From Rexploit

Papers

Here you can find variuos papers on many topics. Feel free to provide additions or feedback.


Cisco Pen-Testing (http://www.securityfocus.com/infocus/1847)

Article written for Security Focus about Cisco pen-testing involving GRE tunnels and SNMP spoofing. Written by muts and redkommie.


Bypassing CISCO SNMP Access Lists

Bypassing CISCO SNMP access lists using spoofed SNMP UDP packets.


022-024_hotspotter.pdf (English)

Enlarge
The guys from the linux magazine did translate and republish my article about hotspotter in the english Linux-Magazine. (July 2005 issue). Please take a read, hotspotter is a very interessting tool during auditing on wireless networks.

Hotspotter.pdf (German only)

I have written two articles for a special issue of the german Linux Magazine. This one is about wireless client penetration using hotspotter and the general risks based on wireless client insecurities.


WLAN default settings & vulnerabilities

We have collected various default settings of wireless devices and their vulnerabilities.


SecOnlineGames.txt.gz

Document describing the generic security problems with online games and applications.


Router Sniffing

How to utilize a router to sniff traffic from a remote site.


Linux Encryption

Encryption using the loop device and Openssl.

Se ofrece este articulo En EspaƱol (http://enrique.heraldodeinternet.com/INFORMATICA/ADMINISTRACION/articulosLinux/ficherosEncriptados)


Prism Firmware Upgrading & wpa_supplicant Usage

How to utilize wpa_supplicant and upgrade prism firmware to support WPA.


Types Wireless Cards

Explanation of prism, hermes, and cisco wireless cards.


SecOnlineGames.txt.gz

Document describing the generic security problems with online games and applications.


Wepkey-cleartext.txt.gz

Document, describing the problem with the Intel(R) PRO/Wireless 2011B LAN USB Device drivers. Intel Driver storing 128bit WEP-Key in plain text in the Registry! The permission the the specific key is weak enough that every local user has read access and can extract it via regedit.exe or an equivalent tool.


http://www.codito.de/text/pine.html

Small description of denial of service problem found in Pine 4.44


http://www.codito.de/text/omnihttpd.html

Small description of denial of service problem found in OmniHttpd 2.0.9


http://www.codito.de/text/ikonboard.html

Security paper describing the bug in Ikonboard v.2.1.7b which causes a file-read vulnerability.


http://www.codito.de/text/cfs.html

Tutorial about how to set up a cryptographic filesystem using cfs.


http://www.codito.de/text/linviren.html

Analysis of Linux viruses (german), published in LinuxEnterprise 12/2001


http://www.codito.de/text/wurm.html

Analysis of Linux worms (german), published in LinuxEnterprise 01/2002


http://www.codito.de/text/perlcgi.html

Secure CGI programming using Perl (german), published in LinuxEnterprise 07/2001


Support us by making a donation using the button below. Please contact us using email. For other payment methods.