Shellcode Alchemy

Posted on Posted in Hacker News, Paper

Introduction: Shellcodes plays a very important role in cyber security field, they are widely used in a lot of malware and exploits. So, what is shellcode? Shellcode is basically a series of bytes that will be interpreted as instructions on CPU, the main purpose of writing shellcodes is exploiting vulnerabilities that allows executing arbitrary bytes […]

RSA ASYMMETRIC POLYMORPHIC SHELLCODE

Posted on Posted in Hacker News, Paper

Introduction: Firewalls and Intrusion Detection Systems (IDS) are the basic core regarding safety in any company or network infrastructure within an organization. While a simple firewall filters the traffic, taking as a basis the information of the network as the TCP/UDP ports and IP addresses, the IDS performs a much more in-depth research considering and […]

Injecting SQLite database based application

Posted on Posted in Hacker News, Paper

Introduction: SQL Injection AKA mother of hacking is one of the notorious and well known vulnerability which has caused lots of damage to cyber world. Researchers has published lots of stuff on different-2 exploitation techniques for different-2 SQL servers. For MSSQL, MySQL and ORACLE database, SQL Injection payloads are in bulk and one can exploit […]

MySQL Out-of-Band Hacking

Posted on Posted in Hacker News, Paper

Overview Out-of-band injections are very well researched when it comes to MSSQL and Oracle. But in MySQL I noticed that this topic is not well researched. I thought of researching about this topic based on my experiences in SQL injections. For this purpose we can take advantage of functions such as load_file() and select … […]