Monthly Archives: July 2017

July 29, 2017 · 12:00 pm

Brainpan 2 – Trolling, Headaches, and a fun Challenge!

Finally back to VulnHub, and next up is my Brainpan 2 walkthrough.

MITM XSS Protection – Still Popping Alerts

I recently had to demonstrate the dangers of loading external resources over HTTP as well as security libraries running on the client side. In this case, I went with an attack to MITM XSS protection, and this was the result.

Continue reading →

1 Comment

Filed under Security Not Included

July 15, 2017 · 12:00 pm

XSS Password Stealing – Who needs cookies?!

Most people are already aware of using XSS to pop alerts or steal cookies. Today I'd like to show XSS password stealing.

Continue reading →

6 Comments

Filed under Security Not Included

July 8, 2017 · 12:00 pm

Easy Chat Server Exploit (<=3.1) - SEH Stack Based Overflow

The following is an older Easy Chat Server Exploit for versions <3.1 (CVE-2004-2466). That said, this is a great example of utilizing SEH for exploit writing and reliability.
Continue reading →

Homoglyph Phishing – Exploiting Basic Authentication Userinfo

After learning more about them from eWPTX, I'd like to cover a homoglyph phishing attack.

Continue reading →

Monthly Archives: July 2017

Brainpan 2 – Trolling, Headaches, and a fun Challenge!

MITM XSS Protection – Still Popping Alerts

XSS Password Stealing – Who needs cookies?!

Easy Chat Server Exploit (<=3.1) - SEH Stack Based Overflow

Homoglyph Phishing – Exploiting Basic Authentication Userinfo

Popular Posts

Recent Posts

Recent Comments

Archives

Meta