HackingTheUniverse

You are browsing the archives of hacking.

DLL hijacking vulnerabilities – [sans.edu] For the last couple of days there have been a lot of discussions about a vulnerability published by a Slovenian security company ACROS. HD Moore (of Metasploit fame) also independently found hundreds of vulnerable applications and, as he said, the cat is now really out of the bag. In order [...]

The metaphor of warfare used to apply to cyber-conflict is strained, but is still the paradigm most often used in discussions of this area by government and military. The concepts of “target” and “territory” are vastly different in a network. Likewise, the meanings of terms like: capture, destroy, defend, attack, hold, flank, surround, and many [...]

A research paper from the Center for Automotive Embedded Systems Security, describes an attack methodology against embedded computer systems in modern automobiles. The attackers were able to activate or disengage the brakes while driving, control the engine and the lights, by plugging a laptop computer into a control socket. While this was done using direct [...]

SEE ALSO: CCDC Nationals 2010 (part1) CCDC Nationals 2010 (part2) CCDC Nationals 2010 (part3) Here are some tips and thoughts on preparing a blue team defense in the CCDC: PREPARATION Know yourself – Know what your skills and limitations are, know who is good at what, know who wants to do what, know what your [...]

SEE ALSO: CCDC Nationals 2010 (part1) CCDC Nationals 2010 (part2) Sunday morning found Team 7 hard at word trying to finish up the competition: Finally, they polished off the last few injects: After breaking down the network equipment, all the teams headed to the awards ceremony, where Dave Cowen, captain of the Red Team, delivered [...]

SEE ALSO: CCDC Nationals 2010 (part 1) [see this post for the introduction to CCDC Nationals 2010] On Saturday morning, all the teams gathered again to hear an update briefing from Dwayne: The scoring engine was hard at work keeping track of everything: And the Alamo Cup was waiting for a new winner to be [...]

The Collegiate Cyber Defense Competition (CCDC) is a national competition for college students designed to promote learning about cyber defense. Each year regional competitions across the nation act as preliminary rounds and then send the regional winners to a national competition in San Antonio. Each college team is required to defend an identical network from [...]

A new paper that discussed Advanced Persistent Threat (APT) has been released by Mandiant and has sparked new interest in the topic. excerpt from the original post on APT APT or Advanced Persistent Threat describes cyber attacks mounted by organizational teams that have deep resources, advanced penetration skills, specific target profiles and are remarkably persisent [...]

The Metasploit Framework is a framework that enables penetration testing by combining modular packages of exploit code, payloads and tools such as Meterpreter that allow the tester to maintain access, collect information on the target system and execute pivot attacks against other systems. This script helps the tester by maintaining backdoor access. Meterpreter Persistence – [...]

Insurgents have learned how to intercept video relays from drones in Iraq and Afghanistan and the vulnerability has existed for some time. Hacking warfare robots will become more of an issue as they become more commonplace. Think about how network hacking techniques can be applied to war scenarios and vice-versa: botnets – encrypted control channels [...]