+

Category: Articles

March 1, 2005

Articles Redaction No Comments

TEMPEST – Compromising Emanations

TEMPEST, also known as Van Eck Phreaking, is the art of turning involuntary emissions into compromising data. This mainly concerns electromagnetic waves, but it can also be applied to any kind of unwanted emanations induced by the inner workings of a device. The most common TEMPEST phenomena relate to CRT monitors. Author: Robin Lobel Source: https://hakin9.org Hakin9 3/2005 […]

Read more

March 1, 2005

Articles Redaction No Comments

Hiding Kernel Modules in Linux

Placing a rootkit module in the victim’s system is only the beginning of an intruder’s labours. If the intrusion is to remain undetected, the malicious code must be hidden in a way which does not arouse suspicion. Author: Mariusz Burdach Source: https://hakin9.org Hakin9 3/2005 What you will learn… how to hide Linux kernel modules. What you should know… […]

Read more

March 1, 2005

Articles Redaction No Comments

SQL Injection Attacks with PHP and MySQL

There are a couple of common attack techniques used against the PHP/MySQL environment. SQL Injection is one of the most frequently used. This technique is about trying to push the application being attacked into a state where it accepts our input to manipulate SQL queries. Therefore, SQL Injection can be classifi ed as a member […]

Read more

March 1, 2005

Articles Redaction No Comments

Finding and Exploiting Bugs in PHP Code

Programs and scripts developed with PHP, one of the most popular languages, are often vulnerable to different attacks. The reason is not that the language is insecure, but that inexperienced programmers frequently commit design errors. Author: Sacha Fuentes Source: https://hakin9.org Hakin9 2/2005 What you will learn… you will learn about popular fl avours of input validation attacks, you […]

Read more

March 1, 2005

Articles Redaction No Comments

Knock

Knock is a client-server tool allowing users to safely use SSH connections in situations where permanent access to that service is undesirable. Author: Roman Polesek Source: https://hakin9.org Hakin9 3/2005 Quick start: The Linux fi rewall we are administering has a very restrictive security policy. Although, the sshd daemon is running, our fi rewall generally does not allow for […]

Read more

March 1, 2005

Articles Redaction No Comments

Ant

Ant is a graphical tool (based on the GTK library) which greatly simplifi es the analysis and security tests of networks and computer systems. Ant enables users to create and send frames for all common protocol headers: IPv4/IPv6, TCP, UDP, ARP, IPX, SPX etc. It was the winner of the SendIP front end competition organised […]

Read more

February 1, 2005

Articles Redaction No Comments

Removing Spiderwebs – Detecting Illegal Connection Sharing

People who share Internet connections in discord with agreements made between them and their Internet service provider can cause severe headaches for both the provider and the network administrator. There are, however, several ways to detect such practice. These methods are neither very complicated nor time consuming. Authors: Mariusz Tomaszewski, Maciej Szmit, Marek Gusta Source: https://hakin9.org Hakin9 2/2005 […]

Read more

February 1, 2005

Articles Redaction No Comments

Simple Methods for Exposing Debuggers and the VMware Environment

The fi rst stage of protecting software from reverse engineering is the discovery of debuggers and virtual machines. Contrary to popular belief, this is not difficult. Authors: Mariusz Burdach Source: https://hakin9.org Hakin9 2/2005 What you will learn… how to expose debuggers, how to expose the VMware virtual machine. What you should know… the C programming language, how to […]

Read more

February 1, 2005

Articles Redaction No Comments

Reverse Engineering – Dynamic Analysis of Executable ELF Code

Dynamic analysis of code in the Executable and Linkable Format (ELF) presents more possibilities than static analysis – it allows users to infl uence the execution of the tested program. It is not diffi cult to carry out, but requires an isolated environment for security reasons. Author: Marek Janiczek Source: https://hakin9.org Hakin9 2/2005 What you will learn… how […]

Read more

February 1, 2005

Articles Redaction No Comments

SYSLOG Kernel Tunnel – Protecting System Logs

If an attacker takes control over system logs, we will not be able to trace their actions. The level of protection provided by existing solutions has proven to be insuffi cient. Author: Michał Piotrowski Source: https://hakin9.org Hakin9 2/2005 What you will learn… how to protect the system log with the help of kernel modules, how to update the […]

Read more

February 1, 2005

Articles Redaction No Comments

MD5 – Threats to a Popular Hash Function

MD5 is probably the most used one-way hash function nowadays. Its area of application starts with simple file checksums and propagates even to DRM (Digital Rights Management). Although serious openings within MD5 had been considered problematic, one of them was found by Chinese researchers and presented at the CRYPTO conference in 2004. Authors: Philipp Schwaha, Rene […]

Read more

February 1, 2005

Articles Redaction No Comments

Making a GNU/Linux Rootkit

The main purpose of rootkits is to hide specific files and processes in a compromised system. This might sound complicated, however, as we are going to see, creating your own rootkit is not rocket science. Author: Mariusz Burdach Source: https://hakin9.org Hakin9 2/2005 What you will learn… how to create your own rootkit that hides files and processes named […]

Read more

IT MAGAZINES: Hakin9 Magazine | Pentest Magazine | eForensics Magazine | Software Developer's Journal | Hadoop Magazine | Java Magazine
IT Blogs: Hakin9 Magazine Blog | Pentest Magazine Blog | eForensics Magazine Blog | Software Developer's Journal Blog | Hadoop Magazine Blog | Java Magazine Blog
IT ONLINE COURSES: Pentest Laboratory
JOB OFFERS FOR IT SPECIALIST: Jobs on Hakin9 Magazine | Jobs on Pentest Magazine | Jobs on eForensics Magazine | Jobs on Software Developer's Journal | Jobs on Java Magazine | Jobs on Hadoop Magazine
Hakin9 Media Sp. z o.o. Sp. komandytowa ul. Postępu 17D, 02-676 Warszawa