Hacking Microsoft Windows 2003 Server with Microsoft SQL Server 2005
This post is a complete switch over from my previous post on phishing modus operandi. A little background on the hack. I was doing an assessment of a financial application; [more]
Year: 2009
A Phishy Story
Phishing sounds similar to fishing. Fishes are to the volume of internet users today much like fishermen are to phishers. Zillions of fishes falling prey the nets is nothing less [more]
Deobfuscating Javascript Malware
Some days back I was greeted by a Google Safe browsing warning when I tried visiting a ‘known’ site. As I was sure it was supposed to be clean and [more]
SQL Injection in Stored Procedure & Preventing from the same
Following is the small example of creating a stored procedure. ==================================================================== CREATE PROC sp_login (@loginid nvarchar(25),@password nvarchar(25)) AS DECLARE @SQLString VARCHAR(500) DECLARE @loginid VARCHAR(64) DECLARE @password VARCHAR(64) /* Build the [more]
Concurrent RDP connections hack – XP
by Toufiq Ali, NII Consulting Before you read further make sure you back up all the original settings of the registry or set create a restore point of your system. [more]
Infosec Scenario in 2009
1. Business continuity to get focus over disaster recovery BCM is a process issue related to building the framework to increase business resiliency and restoration capability, while DR is about [more]