Security Musing and Writings

From time to time, our security professionals like to write up their personal musings on a particular security issue. We hope some of this content provides additional food for thought. Each write-up reflects its author's personal views and does not necessarily represent Securxcess as an organization.

Buffer Overflow in the Ability FTP Application

This tutorial walks step by step through a BOF (Buffer Overflow) in the Ability FTP application on Windows.
This tutorial is part of the series     : Exploit Development
Difficulty level                       : Easy
Software used                          : Metasploit Framework, Immunity Debugger
Exploit type                           : Remote Exploit
Platform                               : Windows

Don't Count on IP Address and Metadata Too Much

In investigating or tracing a security incident, we are sometimes asked to determine where an incident originated, in addition to identifying its perpetrator. Usually, we perform IP address tracing to get some sort of evidence. Another possible scenario is when a file is thought to be the evidence and we are required to ascertain that. In this case, merely checking its metadata is sometimes considered one of the best ways of determining whether it is valid as a piece of evidence. Unfortunately, that is not the case; not even close.