Top 10 Web hacking techniques of 2010 revealed

Network World - A Web hack that can endanger online banking transactions is ranked the No. 1 new Web hacking technique for 2010 in a top 10 list selected by a panel of experts and open voting. Called the Padding Oracle Crypto Attack, the hack takes advantage of how Microsoft's Web framework ASP.NET protects AES-encrypted cookies. If the encrypted data in the cookie has been changed, the way ASP.NET handles it results in the application leaking some information about how to decrypt the traffic. The developers of the hack -- Juliano Rizzo and Thai Duong -- have developed a tool for executing the hack. The ranking was sponsored by Black Hat, OWASP and White Hat Security, and details of the hacks will be the subject of a presentation at the IT-Defense 2011 conference next month in Germany. Here are the rest of the top 10 Web hacks voted in the competition: 2. 3. 4. 5. 6.

70 Things Every Computer Geek Should Know. | Arrow Webzine

The term ‘geek’, once used to label a circus freak, has morphed in meaning over the years. What was once an unusual profession transferred into a word indicating social awkwardness. As time has gone on, the word has yet again morphed to indicate a new type of individual: someone who is obsessive over one (or more) particular subjects, whether it be science, photography, electronics, computers, media, or any other field. A geek is one who isn’t satisfied knowing only the surface facts, but instead has a visceral desire to learn everything possible about a particular subject. How to become a real computer Geek? Little known to most, there are many benefits to being a computer geek. You may get the answer here: The Meaning of Technical Acronyms 1. One of the best lists of default passwords. 1A. 2. If you rolled your eyes here, that is a good thing. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21.

Nmap Tutorial / Nmap Howto

Nmap is one of the best-known network scanners of all. The program is regarded as a digital Swiss Army knife, and not only administrators should be able to use it. For an optimal start with Nmap, a short Nmap tutorial follows in which you learn the basics of the program.

Nmap Installation

Even during the installation of Nmap you should pay attention, in order to understand the program better. Besides the actual Nmap program, further components are installed that are important for its operation.

Nmap Start

As already mentioned, Nmap can also be started with Zenmap as a graphical interface. If you did not uncheck the "Register Nmap Path" option during installation, you can call Nmap from any path and do not have to change to the installation path first. The basic structure of an Nmap scan looks like this: nmap options target-range The target range could, for example, look like this:

Nmap Localhost

DARKSIDE RG

[WeChall] About WeChall

filter - The Wireshark Network Analyzer 1.8.0

wireshark-filter - Wireshark filter syntax and reference

wireshark [other options] [ -R "filter expression" ]
tshark [other options] [ -R "filter expression" ]

Wireshark and TShark share a powerful filter engine that helps remove the noise from a packet trace and lets you see only the packets that interest you. If a packet meets the requirements expressed in your filter, then it is displayed in the list of packets. Filters are also used by other features such as statistics generation and packet list colorization (the latter is only available to Wireshark).

Check whether a field or protocol exists

The simplest filter allows you to check for the existence of a protocol or field. Think of a protocol or field in a filter as implicitly having the "exists" operator.

Comparison operators

Fields can also be compared against values. eq, == Equal ne, !

Search and match operators

Additional operators exist expressed only in English, not C-like syntax: http contains "

Functions or

Hacking Conference - Frequently Asked Questions About DEFCON.

[NOTE: Before this FAQ goes production 1.0 it will be split into two, one for general DEF CON questions, and another for the current year's con]

What is DEF CON? DEF CON is one of the oldest continuously running hacker conventions around, and also one of the largest.

How did DEF CON start? Originally started in 1993, it was meant to be a party for members of "Platinum Net", a Fido protocol based hacking network out of Canada. As the main U.S. hub I was helping the Platinum Net organizer (I forget his name) plan a closing party for all the member BBS systems and their users.

Where did the name come from? The short answer is a combination of places.

There are several resources that will give you an idea of what DEF CON is all about.

When and where is DEF CON? DEF CON is generally in the last week of July or first week of August in Las Vegas.

Isn't there a DEF CON FAQ already? Yes, an unofficial one.

What are the rules of DEF CON? Physical violence is prohibited.

Is DEF CON cancelled? No. Yes. No.

DD-WRT

DD-WRT is an open-source (GPL) Linux distribution that also contains proprietary components. It was developed for consumer WLAN routers and access points from the companies Asus, ALLNET, Belkin, Buffalo, Linksys, Netgear, Motorola, Siemens and many more, with Atheros, Broadcom or Ralink chipsets. From the end of 2006, support for professional WLAN devices was continuously expanded. These devices are used primarily by wireless Internet service providers (WISPs), Internet service providers (ISPs) or campus WLANs. The available platforms are x86, Intel IXP, Atheros MIPS, Infineon ADM MIPS and PowerPC. For some devices, a paid license must be purchased in the DD-WRT shop. While OpenWrt clearly follows the bazaar development method, DD-WRT follows the cathedral method.

History
Version history
Origin and development up to version 23
Support from commercial manufacturers
See also