Diffie-Hellman explained

Peace be upon you all.

Welcome to our first crypto post here!

If you’re interested in cryptography, you know that keys are required to encrypt and decrypt the messages exchanged between two parties. So what if those two parties can’t meet to agree on a shared key? For example, in the middle of a war, how can two allied countries exchange keys safely, knowing that their enemies are always eavesdropping on them? That’s where public key exchange came in.

Posted in Cryptography

Intercepting System Calls and Dispatchers – Linux

Agenda

  1. Introduction
  2. Patching the system call table
  3. Patching Interrupt Descriptor Table (IDT)
  4. Patching MSR SYSENTER/SYSCALL
  5. Detection


Posted in Linux, Rootkit

WordPress Themes Exploits are in action – wpscan

About five days ago a friend of mine called me to tell me that some group had defaced a WordPress site belonging to the company he owns.

After checking the logs, I found that the attacker had exploited a vulnerability in “Brilliant Theme”, a product from cmsmasters.

The attacker was able to abuse a bug in a file called upload-bg.php at the path /wp-content/themes/brilliant/theme/functions, which allowed uploading malicious code to the web server.

Posted in web-application

Memory Management – Windows part2

Agenda

  1. Interface to the Windows memory manager
    1. Allocation
    2. Reserved, committed and freed memory
    3. Memory guards
  2. User mode memory management
    1. AWE (Address Windowing Extensions)
    2. Heaps
  3. Kernel mode memory management
    1. Memory pools
    2. Address spaces in kernel mode

Posted in Windows

Dll Injection

There are a lot of ways to alter a process’s execution path (and aren’t there many!). In this article we’ll tackle one of the most commonly used techniques, DLL injection. We’ll start by looking at its concept and how to implement it yourself, then see it working in a real malware sample. DLL injection is a very common technique in which you inject a DLL into a running binary and thereby inherit its privileges, which is useful for evading a firewall, for example.

Posted in Windows

Webhandler – Write your own module

What is webhandler:
A handler for PHP system functions and also an alternative ‘netcat’ handler, written in Python.
It also tries to simulate a ‘Linux bash prompt’ to handle and process:

  • PHP program execution functions, e.g. system, passthru, exec, etc.
  • Bind shell connections
  • Reverse shell connections


Posted in web-application

Memory Management – Windows (1-2)

Agenda

  1. Hardware-level memory management
    1. Virtual memory
    2. Segmentation
    3. Paging
  2. Introduction to Windows memory management

First, I’d like to welcome you to the blog since

Posted in Windows