Finding a vulnerable service and an exploit for it is not an easy task. Neither is defending against users who might want to exploit your system, if you are a system administrator. Writing an exploit yourself, turning a news line from a bug tracker into a working lockpick, is much more difficult still. This article is not a guide to writing exploits, nor an overview of popular vulnerabilities. It is a step-by-step guide to developing shellcode, a crucial part of any exploit. Hopefully, learning how shellcode works will help conscientious and respectable developers and system administrators understand how malefactors think and defend their systems against them.
How an Exploit Works

Take any exploit downloaded from the internet that promises you an easy root shell on a remote machine, and examine its source code. Find the most unintelligible piece of the code; it will be there, for sure. Most probably, you will find several lines of strange and seemingly unrelated symbols; something like this:

A root kit is a collection of programs that intruders often install after they have compromised the root account of a system.
These programs will help the intruders clean up their tracks, as well as provide access back into the system.
Root kits will sometimes leave processes running so that the intruder can come back easily and without the system administrator’s knowledge.


chkrootkit V. 0.46a

Nelson Murilo [[email protected]] (main author)
Klaus Steding-Jessen [[email protected]] (co-author)

This program locally checks for signs of a rootkit.
chkrootkit is available at:

This tool includes software developed by the DFN-CERT, Univ. of Hamburg (chklastlog and chkwtmp), and small portions of ifconfig developed by Fred N. van Kempen, [[email protected]].

What’s chkrootkit?

Every IT professional worth their salt has their own webpage or blog these days. While you may have people from all over the globe dropping a line at your site, email harvesters are the most unwanted visitors on any website. These email spambots crawl the web via search engines to find and extract email addresses from webpages. Email addresses in your blog or webpage are no secret to spam robots. Here’s a guide that should help you protect your email addresses from these spam spiders. The techniques mentioned use text manipulation, masking, HTML, Flash, CSS, and JS to hide email addresses.
How do email spammers operate? Email addresses always contain an @ symbol. Most spambots do a pattern search for likely combinations of letters ([email protected]) like [email protected] or [email protected] in the HTML source of webpages. Often they just search for the @ character and grab all the letters on each side, on the assumption that the result is a valid email address.
How do you keep your email address available to humans but invisible to email spiders? There are tons of email address protector programs that claim to protect your email address in web pages and get rid of junk mail. Don’t waste your money: they only encode your email or generate a JavaScript snippet. We will discuss manual email encoding techniques here. If a visitor clicks an encrypted email link on your website, it will work as normal, but spam robots will not be able to extract the address from the link.
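The pattern search and the encoding defence described above, as an added example that is not from the original article; the address, the markup and all function names are constructed for illustration. It encodes a mailto link as decimal HTML character references, audits the page source for addresses around a literal @, and confirms that the decoded link is unchanged for visitors.

```javascript
// Added example: constructed address and markup, not from the original article.

// Encode every character of a string as a decimal HTML character reference.
function toEntities(text) {
  return Array.from(text, ch => `&#${ch.codePointAt(0)};`).join("");
}

// Build a mailto link whose source contains no literal "@" or address text.
function encodedMailto(address, label) {
  return `<a href="${toEntities(`mailto:${address}`)}">${toEntities(label)}</a>`;
}

// Audit helper for your own pages: the pattern search described above,
// i.e. address-like characters on each side of a literal "@".
function findExposedAddresses(html) {
  return html.match(/[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}/g) || [];
}

// Resolve decimal character references the way a browser does when it
// parses the page, to check that the link still works for a visitor.
function decodeEntities(html) {
  return html.replace(/&#(\d+);/g, (_, n) => String.fromCodePoint(Number(n)));
}

const address = "webmaster@example.com"; // constructed sample address
const plain = `<a href="mailto:${address}">${address}</a>`;
const encoded = encodedMailto(address, address);

// Plain markup exposes the address twice (href and link text).
console.log("plain source:  ", findExposedAddresses(plain));
// Encoded markup has no literal "@", so the pattern search finds nothing.
console.log("encoded source:", findExposedAddresses(encoded));
// What the visitor's browser sees after parsing is identical to the plain link.
console.log("rendered link unchanged:", decodeEntities(encoded) === plain);
```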