These days a new Windows 0day exploit is detected.
With it an attacker can own a victim without clicking on any file.
Put on a USB-Stick it infects the victim by connecting to the PC.
Vulnerability in Windows Help Center CVE-2010-1885 (MS10-042)
Tavis Ormandy released an exploit for the “Windows Help Center” of Windows XP ServicePack 2 and ServicePack 3. Continue reading »
By just clicking on an malicious link you can get exploited by an attacker.
Adobe Flash vuln from june 2010 CVE-2010-1297
These days a new vulnerability of Adobe Flash Player is being released.
This tut and videos show how to use it.
Having fun with Social-Engineering-ToolKit and Ettercap
The goal of this tutorial is to get a Meterpreter-session with Ettercap and SET (Social Engineering Toolkit).
The toolkit is a program by David ‘Rel1k’ Kennedy. With it you can do social-engineering attacks easily.
Just do the following steps:
embed a PAYLOAD in an existing EXE
Our weapon of choice is msfencode from the Metasploit-Framework.
In connection with msfpayload you can embed a payload in an existing an working EXE file
