http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2010-04-05 12:53:48 - The Exploitant : Today, I have discovered a vulnerability within kloutcom This bug allows you to update other people s stats, change their password, or their email The vulnerability is situated in the cookies To achieve the desired result, you must edit your cookies through, for example, the firecookie plug-in for the firebug add-on for firefox One must then log in WITH remember http://www.secuobs.com/revue/news/208881.shtmlhttp://www.secuobs.com/revue/news/208881.shtml Secuobs.com : 2010-01-31 03:01:14 - The Exploitant - Hello again all I just added two new sourcecodes to my bot sourcecode section on this blog I added YaBot Version 045 and z3r0xb0t Version 100 base which was coded by me Both are c bots and are ready to compile after a little bit of configuration NOTE z3r0xb0t is a bot coded in visual c 2008 and should http://www.secuobs.com/revue/news/187022.shtmlhttp://www.secuobs.com/revue/news/187022.shtml Secuobs.com : 2010-01-27 00:37:52 - The Exploitant - Hello again all In this post I thought I would include something many people ask me RC4 encryption in different languages Below is the code for RC4 encryption in VBNET, C , and c written in visual c C using System using SystemCollectionsGeneric using SystemIO namespace RC4Project public class Rc4 http://www.secuobs.com/revue/news/185622.shtmlhttp://www.secuobs.com/revue/news/185622.shtml Secuobs.com : 2010-01-23 14:57:11 - The Exploitant - As some of you may already have noticed, there is a new section on my blog called Bot Sources In that section you will find sourcecodes of various bots used to create botnets To start off I added some IRC bot sourcecodes Most are c but right now there is a C bot base too for those http://www.secuobs.com/revue/news/184756.shtmlhttp://www.secuobs.com/revue/news/184756.shtml Secuobs.com : 2010-01-13 20:18:01 - The Exploitant - Hi again all, This is a post about SQL injection, and a twitter client I like to use for those that like twitter I ve been delving deeper into twitter, using it a bit more often, and found myself in the need of a good twitter client Currently I am using twhirl , which is in my opinion awesome http://www.secuobs.com/revue/news/181247.shtmlhttp://www.secuobs.com/revue/news/181247.shtml Secuobs.com : 2010-01-08 00:58:22 - The Exploitant - I usually don t just go and post exploits without much explanation I just thought this exploit would be interesting to study since it s a popular program Also, the exploit was coded before, but only in python and ruby, so since this is a perl version, it deserves to be put on here too This is a remote buffer http://www.secuobs.com/revue/news/179414.shtmlhttp://www.secuobs.com/revue/news/179414.shtml Secuobs.com : 2009-12-25 03:17:22 - The Exploitant - First of all, this is not my own work, i m just spreading the word Original article can be found here and full credit goes out to the original author 1 Introduction 2 Finding LFI 3 Checking if proc self environ is accessible 4 Injecting malicious code 5 Access our shell 6 Shoutz 1 Introduction In this tutorial I http://www.secuobs.com/revue/news/175734.shtmlhttp://www.secuobs.com/revue/news/175734.shtml Secuobs.com : 2009-11-28 21:03:39 - The Exploitant - Hello all, in this tutorial we will learn how to identify a vulnerability in an FTP server through the process of Fuzzing which could lead to a DoS or Buffer Overflow vulnerability identification In this specific part we will use FTPFuzz to crash FileCOPA and identify a vulnerability in the LIST command First of all to http://www.secuobs.com/revue/news/166032.shtmlhttp://www.secuobs.com/revue/news/166032.shtml Secuobs.com : 2009-11-25 01:15:54 - The Exploitant - Last week at the ACM Conference on Computer and Communications Security, security researchers Joshua Mason, Sam Small, Fabian Monrose, and Greg MacManus presented a method they developed to generate English shell code PDF Using content from Wikipedia and other public works to train their engine, they convert arbitrary x86 shell code into sentences that read http://www.secuobs.com/revue/news/164941.shtmlhttp://www.secuobs.com/revue/news/164941.shtml