Sunday, March 16, 2008

Shotgun Blast 17 March 08


Here is some pretty interesting (well i think so, it is MY blog) stuff going on out on the interwebs...

Are your devices pre-0wned?? Time to re-look that great deal on goods/labor we get from China http://www.veracode.com/blog/?p=82

FinCEN and how it helped catch Spitzer: http://blogs.zdnet.com/BTL/?p=8211

Weak passwords strike again: http://blog.liquidinfo.net/2008/03/case-of-weak-password.html

inguma 0.0.7.2, looks like the tool is coming around. looks like its time for another go with it:
http://sourceforge.net/forum/forum.php?forum_id=797281

XSS in SNMP web interfaces, check out Adrian Pastor's comment: http://www.sensepost.com/blog/2120.html#comments

Seven deadly pen-test sins: http://www.matasano.com/log/1026/seven-deadly-pen-test-sins/
and Mike Andrews commentary on it: http://www.mikeandrews.com/2008/03/15/seven-deadly-pen-test-sins/

(Ab)using scheduled tasks to elevate privileges over on sensepost blog/videos
http://www.sensepost.com/videostatic/ntupback/weaponised/index.html
http://www.sensepost.com/videostatic/ntupback/olly1/index.html

and Elevating Privileges using Sygate's Personal Firewall http://www.sensepost.com/videostatic/sygate/sygate.html
CG

No comments: