BackTrack 4 Release 1 (R1 Dev)

The release of BackTrack 4 unleashed a whirlwind of over 1 million downloads. Information Security specialists and Penetration Testers from all over the world showing their support and love for the product that has become the #1 Penetration Testing Distribution.

Read More

Malicious Google Gadgets in Action

Malicious Google WidgetA new report by emgent shows malicious Google Gadgets in action. The vulnerability lies in the ability of a malicious user to add their own Gadgets on a separate domain space, without Google’s authorization. The attack variant shown in the movie can be altered to steal cookies, run arbitrary JavaScript on victim machines, and could be further weaponised to great Malicious Google Gadget worms.
When researching this topic, we found references to similar vulnerabilities which date back to 2007, reported by Tom Stracener and Robert Hansen.

Read More

How Strong is Your Fu?

We are happy to announce our first Public Hacking Tournament, labeled “How strong is Your Fu?“. The Hacking Tournament will last for two days, and may go on longer, depending on how long our machines survive. The reward ? The winner of the tournament will be able to choose ONE of our Online courses, free of charge. This could be either PWB, WiFu or CTP (30 day labs where relevant).
Registration for the contest,

… Read more »

Read More

How to choose your Information Security Training

In the past couple of years, the economy has struck hard on organizations seeking to educate their employees. Training budgets have been cut down, and choosing the right course that will give you real Return on Investment is not an easy job. This is especially true in the offensive Information Security Training arena, where standards and qualifications are weakly defined. So how can you make sure you’re getting your money’s worth ?

Welcome to our “10 questions you should be asking your Information Security Training Provider“.

… Read more »

Read More

Return Oriented Exploitation (ROP)

For all those who registered to AWE in BlackHat Vegas 2010 – we have special surprise for you… We’ve updated our “Bypassing NX” module with the buzzing ROP exploitation method.

Read More

Upcoming Courses and Security Training

BlackHat Offensive Security Training Courses are selling out…sign up quick! To all those who signed up – we’ve got some special things planned for you, you’re definitely in for a ride. Thanks for flying Offsec.

Read More

QuickZip Stack BOF 0day: a box of chocolates

A few days ago, one of my friends (mr_me) pointed me to an application that appeared to be acting somewhat “buggy” while processing “specifically” crafted zip files.  After playing with the zip file structure for a while (thanks again, mr_me, for documenting the zip file structure), I found a way to make the application crash and overwrite a exception handler structure.

In this article, I will explain the steps I took to build an exploit for this bug. 

… Read more »

Read More

PWB V.3.0 Available March 21st, 2010

The Offensive Security team is excited to announce the release date of v3.0 of the Pentesting With BackTrack Course.  On March 21, 2010 the course will be made live. The team has worked overtime to ensure the videos and labs are better than ever.

With new modules, more in depth explanations and a new rich lab environment, this will prove to be a very exciting release. We are opening up early registration for those interested in signing up now.  

… Read more »

Read More

Multiple Media Player HTTP DataHandler Overflow

We recieved an interesting submission today at exploit-db from Dr_IDE. We have verified that both Quicktime and Itunes crash on Windows and OSX. The description reads:

“There is a widespread failure in the way that (.MOV) files are handled by the Quicktime Library. I have attempted to compound my findings on this issue.

Nearly every (.MOV) enabled application that I tested fell victim to this exploit. This is a local memory corruption vulnerability in the way these programs process a malformed file.

… Read more »

Read More

Pentesting With BackTrack v.3.0

BackTrack 4 Downloads are still going strong with over 30,000 registered downloads up to now. We are currently working on updating our new course materials based on BackTrack 4. We expect the new version to be available soon.

As always, alumni students will be able to upgrade their version of PWB. The upgrade fee will (as usual) be the difference between the current price and new one. No, we don’t have pricing information at this point!

… Read more »

Read More