Tag Archives: exploit

New Mode of delivering Malware Payload by Exploit Kits

Huh… Exploit writers have come up with new mode of delivering malware payload. The current pattern of exploit kit is malicious webpage -> Exploit (Java/PDF/others) -> Exploits download the malicious executable. we have devised appropriate signatures for these patterns, malware … Continue reading

Posted in security | Tagged , , | Leave a comment

Oh Shit.Yahoo mail is XSS vulnerable stealing cookies – zeroday

Just seen a yahoo e-mail exploit stealing yahoo cookie from yahoo email. This is no good.. Yahoo mail is XSS vulnerable as it failed to validate FROM field Email Header You receive a email exploit and you open in it … Continue reading

Posted in Articles, security | Tagged , | Leave a comment

Analyzing Java exploit with deobfuscating Javascript

A suspicious .class file download triggered the alert. GET /jb/kukukuk.class HTTP/1.1User-Agent: Mozilla/4.0 (Windows ) Java/1.6.0_22Host: 2374507291Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2Connection: keep-alive Now we can observed that Host is an octal host and user agent indicated java and … Continue reading

Posted in Articles, Notes, security | Tagged , , , , , | Leave a comment

MS09-067 : Microsoft Excel Malformed FEATHEADER Record Vulnerability

Posted in Tutorials | Tagged , , | Leave a comment