How to prevent SQL Injection
28.04.08  |  Hacking, SecurityTeam

SQL Injection: What It Is
There was once a famous doctor that had it completely right: never trust your patients. Now this doctor may have only been a sitcom doctor on the show “House,” but we’ll be taking a page from his book. Of course, in our case the patients will actually be [...]

TCP/IP Tutorial
25.04.08  |  SecurityTeam

This tutorial is intended to supply a brief overview of TCP/IP protocol. Explanations of IP addresses, classes, netmasks, subnetting, and routing are provided, [...]

FBI Fears Chinese Hackers and/or Government Agents Have Back Door Into US Government & Military Computer Networks
21.04.08  |  Hacking

ome months ago, my contacts in the defense industry had alerted me to a startling development that has escalated to the point of near-panick in nearly all corners of Government Security and IT infrastructure. The very-real concern, being investigated by the FBI, is that either the Chinese government or Chinese hackers (or both) have had [...]

Hacking a Windows 2000 system through IPC$
21.04.08  |  Hacking, SecurityTeam

1: Scanning for open Win2k systems2: Connecting to the IPC$3: Connecting and using Computer Management.4. Disable NTLM5: Starting the Telnet service6: Creating user accounts and adding them to a group7: Covering your tracks8: How to protect your Win2k system from this attack
—————————————————————————————————–You need to be running a Win2k system:
Superscan version 3.00 by Foundstone (246kb). HomepageNetBrute [...]

Project: The Wifi Predator
13.04.08  |  Hacking, SecurityTeam

Picture this: You find yourself sitting in a hotel room that does not offer wireless internet… As you look out the window, you spot that the three hotels & a Starbucks across the street advertising “Free Wireless Internet” — if only you had known this when you booked! You [...]

CRLF Injection
02.04.08  |  Hacking, SecurityTeam

CRLF Injection Overview
CRLF Injection is typically used in HTTP Response Splitting. In the HTTP specification there is a spec stating that the HTTP header is to be split from the data portion of the packet. This formatting split is defined by a carriage return and line feed, or called a \r\n.
Basically by injection a \r\n [...]