chackraview.net

Short URL is a concept of reducing long and non-human friendly URLs. This is especially useful when it comes to micro blogging sites like Twitter. Twitter has a word limit of only 140 characters for a tweet. Hence posting long URLs along with a descriptive message is somewhat difficult. A link shortening service from twitter [...]

The newly proposed legislation acts SOPA (Stop Online Piracy Act) and PIPA (Protect Intellectual Property Act) are very much controversial and are potentially bound to damage the freedom of Internet. US department of Justice shut down megaupload.com under the SOPA legislation and alleged copyright infringement. To oppose these acts many sites including Wikipedia, GoDady, took [...]

NullSecurity.net publically released a security advisory on SEH overflow in WorldMail 3.0 IMPAD product. An attacker could exploit this issue to execute arbitrary code in the context of the application. This may facilitate to the compromise of the application and underlying system. Attackers do not need to authenticate to exploit this vulnerability making its threat [...]

Exploit-DB posted a new exploit code for old buffer overflow vulnerability in read/write request packet processing code of TFTP Server version 1.4. I thought it will be a nice rule writing practice to develop IDS detection rule for it. Below Snort rule will be help to detect the exploit attempt for this vulnerability. Snort provides [...]

Just before the end of 2011, new buffer overflow vulnerability was detected in telnetd in FreeBSD 7.3 through 9.0 allowing remote attackers to execute arbitrary code. This vulnerability was tracked under CVE-2011-4862 and exploited in the wild. We all know that telnet sends data in plain text over wire and can be easily eavesdropped. To [...]

Have you ever tried running some cryptographic hash calculator on some of the existing system files? Or even tried reading them programmatically and it failed with below error?        Error msg  : The system cannot find the path specified. Guess what, I had a similar issue last weekend.  I knew file existed at the location [...]

Just before we say good bye to 2011, Microsoft released a security bulletin for escalation of privileges vulnerability in .Net Framework. NIST describe the vulnerability as – The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access [...]

One of our employees reported receipt of suspicious email to Microsoft Network Security team and I got a chance to analyze one more client side attack from the bag of BlackHole exploit kit. Attacker was not at all funky this time, no fancy stuff in the email, just a plain email with an external link. [...]

 In this post, I have used one of the encrypted samples found for CVE-2011-2462 vulnerability. After coming back from my vacation, I decided to take a quick look at the new samples shared on contagio blog to understand the exploitation methods of CVE-2011-2462. As many nice articles/blog posts have already written on this vulnerability, I [...]

Yesterday, one of my colleagues received a legitimate looking email from Internal Revenue Service with subject: Your Federal Tax Payment with a link to tax report.pdf file. He reported it to me and I got a chance to analyze it. Below are some of my findings from the analysis. The link had below obfuscated javascript [...]