July 2017 | doyler.net

Brainpan 2 – Trolling, Headaches, and a fun Challenge!

Leave a Comment / Security Not Included / By Ray Doyle / July 29, 2017 April 10, 2018

Finally back to VulnHub, and next up is my Brainpan 2 walkthrough.

MITM XSS Protection – Still Popping Alerts

1 Comment / Security Not Included / By Ray Doyle / July 22, 2017 April 10, 2018

I recently had to demonstrate the dangers of loading external resources over HTTP as well as security libraries running on the client side. In this case, I went with an attack to MITM XSS protection, and this was the result.

XSS Password Stealing – Who needs cookies?!

6 Comments / Security Not Included / By Ray Doyle / July 15, 2017 April 5, 2021

Most people are already aware of using XSS to pop alerts or steal cookies. Today I’d like to show XSS password stealing.

Easy Chat Server Exploit (<=3.1) - SEH Stack Based Overflow

Leave a Comment / Security Not Included / By Ray Doyle / July 8, 2017 April 10, 2018

The following is an older Easy Chat Server Exploit for versions <3.1 (CVE-2004-2466). That said, this is a great example of utilizing SEH for exploit writing and reliability.

Homoglyph Phishing – Exploiting Basic Authentication Userinfo

Leave a Comment / Security Not Included / By Ray Doyle / July 1, 2017 July 1, 2017

After learning more about them from eWPTX, I’d like to cover a homoglyph phishing attack.

Month: July 2017