SecurityRatty: tag: exe

Using Metasploit to create a reverse Meterpreter payload EXE by John Strand

2008-10-15 17:53:56 by Editor in Irongeek's Security Site

New Video: Using Metasploit to create a reverse Meterpreter payload EXE by John Strand John Strand of Black Hills Security sent me an awesome video on using Metasploit to create an EXE with the Meterpreter payload that creates a reverse TCP connection outbound, blowing through many NAT boxes and firewalls. This goes great with a previous video I...

Tags: exe, video, previous video, metasploit, meterpreter payload, black hills security, awesome video, exe bindersjoiners, nat boxes

Using Metasploit to create a reverse Meterpreter payload EXE by John Strand

2008-10-15 20:20:00 by Editor in Irongeek's Security Site

New Video: Using Metasploit to create a reverse Meterpreter payload EXE by John Strand John Strand of Black Hills Security sent me an awesome video on using Metasploit to create an EXE with the Meterpreter payload that creates a reverse TCP connection outbound, blowing through many NAT boxes and firewalls. This goes great with a previous video I...

Tags: exe, video, previous video, metasploit, meterpreter payload, black hills security, awesome video, exe bindersjoiners, nat boxes

Using Metasploit to create a reverse Meterpreter payload EXE by John Strand

2008-10-15 20:20:00 by Editor in Irongeek's Security Site

New Video: Using Metasploit to create a reverse Meterpreter payload EXE by John Strand John Strand of Black Hills Security sent me an awesome video on using Metasploit to create an EXE with the Meterpreter payload that creates a reverse TCP connection outbound, blowing through many NAT boxes and firewalls. This goes great with a previous video I...

Tags: exe, video, previous video, metasploit, meterpreter payload, black hills security, awesome video, exe bindersjoiners, nat boxes

Zero-day Microsoft Windows NSlookup.exe Vulnerability Exploited In The Wild

2008-08-15 23:07:46 by CyberInsecure in CyberInsecure.com

...execution vulnerability due to an unspecified error in NSlookup.exe. Successfully exploiting this issue would allow the attacker to execute arbitrary code on an affected computer. Failed attacks will cause denial-of-service conditions. Microsoft Windows

Tags: microsoft windows, execute arbitrary code, wild, nslookup, exe, attacks, prone, issue, error

HACKED BY THE RBN!

2008-04-01 15:52:09 by HASH0x8b24a94 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...executing the harmless to a VMware backed up PC setup files below, will not just strengten our relationship by having your computer contact ours, but will also help us pay for the infrastructure we use to host these, and let us continue maintaining our 99% uptime even in times of negative attitude on a large scale against our business...

Tags: 42jdk7dx, 42jdk7dx pinch, 42jdk7dx system, 42jdk7dx ldig0031242, 42jdk7dx inst250, 42jdk7dx bhos, 42jdk7dx win32, exe, 42jdk7dx bho

A Diverse Portfolio of Fake Security Software

2007-12-07 15:16:07 by HASH0x89688e0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...exe content.onerateld.com/avsystemcare.com/AVSystemCare/install en.exe content.onerateld.com/winsecureav.com/WinSecureAv/install en.exe content.onerateld.com/goldenantispy.com/GoldenAntiSpy/install en.exe content.onerateld.com/menacerescue.com/MenaceRescue/install en.exe content.onerateld.com/antispywaresuite.com/AntiSpywareSuite/install...

Tags: domains portfolio, domains, portfolio, sample domains portfolio, fake security software, software, onerateld, content, exe

Storm-Bot stripshow analysis

2007-12-23 22:06:00 by Russ McRee in HolisticInfoSec.org

...exe (modified to protect the innocent) yields a hash of 2BBA62FBC3B9AF85C3C7D64A82E1237C. Once executed it immediately copies itself as disnisa.exe to C:WINDOWS and adds a startup registry key for the same Current AV detection includes Kaspersky stripshow.exe - Email-Worm.Win32.Zhelatin.pd eTrust-Vet - Win32/Sintun.AT Microsoft -...

Tags: 40d9f1 connect, w32tm config syncfromflags, config, time, quick time check, w32tm config, exe, src78, dst192

Malware and Office Documents Joining Forces

2008-07-14 11:20:34 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

...executable file (win32 exe), followed by fully automatic recovery and launch, without any additional action by the user. The only requirement that formed in such a way xls / doc files is to support VBA macros on the computer end-user formed file and permission to launch macros The program uses NOT a vulnerability (exploit) or macro-virus...

Tags: document, document macros, support, enable support, macro, macro viruses, support vba macros, exe-file, extract exe-file

Execute in PowerShell

2007-12-02 11:27:00 by Keith Brown in Security Briefs

...exe -r but I didn't want to make any assumptions about what drive or directory Windows was installed in. What I wanted was something like this WINDIR%Microsoft.NETFrameworkv2.0.50727aspnet regiis.exe -r In PowerShell, an easy way to get the value of an environment variable is to use the $env namespace like so env:windir but when I put this...

Tags: powershell, 50727aspnet regiis, env, powershell assumes, env namespace, exe, netframeworkv2, windirmicrosoft, call operator

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo