TEHTRI-Security released 13 0days against web tools used by evil attackers




Gents,

As announced in recent emails here, we have just released 13 0days and
new offensive concepts against most of the tools currently used by web
attackers, like web shells, exploit packs, etc, during our new talk at
SyScan Singapore 2010 : http://www.syscan.org/Sg/speakers.html#012

We have given new methods to counter-strike intruders with our new
exploits giving you remote shells, remote SQL injection, permanent XSS
and dangerous XSRF, against remote tools used by attackers.

It's time to have strike-back capabilities for real, and to have
alternative and innovative solutions against those security issues.

We have shown how to know, identify, exploit, neutralize or destroy
attackers using those kind of tools.

For example, we gave (some of) our 0days against known tools like Sniper
Backdoor, Eleonore Exploit Pack, Liberty Exploit Pack, Lucky Exploit
Pack, Neon Exploit Pack, Yes Exploit Pack...

This was a way to explain that you can react when you are under attack.

We hope that this will open a new way to think about IT Security
worldwide, and that it might help people sometimes.

Do not hesitate to contact TEHTRI-Security if you need technical
assistance (pentests, incident handling, source code analysis, etc) with
experts who know how work cyber conflicts for real, which is totally
different from people who have clean certifications or who just
masterize security research in labs...

Here is the list of the 13 security advisories and 0days that we just
released today.

TEHTRI-SA-2010-023 - Vuln in NEON Exploit Pack. Permanent XSS+XSRF.
TEHTRI-SA-2010-022 - Vuln in NEON Exploit Pack. SQL Injection.
TEHTRI-SA-2010-021 - Vuln in YES Exploit Pack. Remote File Disclosure.
TEHTRI-SA-2010-020 - Vuln in YES Exploit Pack. Permanent XSS+XSRF admin.
TEHTRI-SA-2010-019 - Vuln in YES Exploit Pack. Remote SQL Injection.
TEHTRI-SA-2010-018 - Vuln in LuckySploit Expl Pack. Remote control.
TEHTRI-SA-2010-017 - Vuln in Liberty Exploit Pack. Permanent XSS+XSRF.
TEHTRI-SA-2010-016 - Vuln in Liberty Exploit Pack. SQL Injection.
TEHTRI-SA-2010-015 - Vuln in Eleonore Exploit Pack. Another SQL Inject.
TEHTRI-SA-2010-014 - Vuln in Eleonore Exploit Pack. XSRF in admin panel.
TEHTRI-SA-2010-013 - Vuln in Eleonore Exploit Pack. Permanent XSS.
TEHTRI-SA-2010-012 - Vuln in Eleonore Exploit Pack. Remote SQL Inject.
TEHTRI-SA-2010-011 - Vuln in Sniper_SA Web Backdoor. Remote File Disclos

More explanations available on our web site:
http://www.tehtri-security.com/en/news.php

Do not hesitate to contact us directly if needed.

Best regards,
Take care.

Laurent OUDOT - "TEHTRI-Security, This is not a game."
CEO & Founder of TEHTRI-Security
http://www.tehtri-security.com/



Relevant Pages

  • More FYI
    ... Internet Security Systems Security Brief ... Checkpoint VPN-1/SecureClient ISAKMP Buffer Overflow ... corporate networks for remote client computers. ... Remote attackers can leverage this attack to successfully compromise ...
    (comp.security.firewalls)
  • Re: Memories of BoaterDave from 2006
    ... If no-one cares, Ari, why are our 'leaders' allowing our troops being ... Just like real-world security, the ... some attackers are highly skilled and motivated with the goal ...
    (alt.computer.security)
  • [NEWS] Vulnerability Enables Passport Account Hijackings (No Secret Question)
    ... Beyond Security in Canada ... to promote the most advanced vulnerability assessment solutions today. ... A newly disclosed vulnerability could enable attackers to reset the ... who needs to reset his account password can be manipulated by attackers on ...
    (Securiteam)
  • [Full-disclosure] TEHTRI-Security released 13 0days against web tools used by evil attackers
    ... exploits giving you remote shells, remote SQL injection, permanent XSS ... against remote tools used by attackers. ... Pack, Neon Exploit Pack, Yes Exploit Pack... ... We hope that this will open a new way to think about IT Security ...
    (Full-Disclosure)
  • [NT] DoS and Directory Traversal Vulnerabilities in WebServer 4 Everyone
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... requests and to allow attackers to download files that reside the outside ...
    (Securiteam)