Vulnerabilities and Exploits

Blog posts related to vulnerabilities and known exploits thereof.

After trying to get a copy of http.sys to examine, I discovered that it appeared to be in use on my desktop. Looking into it, I found three desktop services using the HTTP Service provided by http.sys. There may be more, less obvious, vulnerable services/systems than just web servers. This post also demonstrates a brute-force approach to finding dependent services, for when you can’t find the proper way of doing so quickly enough.

It’s been four months since the Bash ShellShock vulnerability was made public, and for some reason I hadn’t thought of modifying Dionaea to analyse and download any URLs in inbound ShellShock exploits until a week ago! If you’re interested in using Dionaea to download the URLs that in-the-wild ShellShock exploits are trying to download, or if you just like hairy regular expressions, then read on.

This post explains some measures that you can take to prevent the MySQL cna12.dll attacks from infecting your MySQL server. It follows on from a previous post which explains the attacks. If you find that a cna12.dll file or a piress user account keep reappearing on your MySQL server, then read on.

Have you, or your anti-virus software, noticed a file called ‘cna12.dll’ on your computer? Have you suddenly found that you have an imaginary friend called ‘piress’ whom you didn’t know about? If so, you may have fallen victim to a MySQL attack (and ‘piress’ may not be so imaginary, nor friendly for that matter).

Seeing an increase in MySQL attacks hitting your network and interested in knowing more about them? If so, then these posts are for you. They have all the fun involved from noticing an increase in traffic to extracting malware from a packet capture and analysing it. If you like the thrills and spills of scripting information processing tasks, then read on as this post will show you how to extract the binary files from the MySQL commands.