Friday, 24 May 2013

Linux commands for computer forensics

Here are some of linux basic command that used in computer forensics : 1.  dd - command used to copy from an input file or device to an output file or device. syntax : dd if=[source] of=[destination] bs=(optional) 2.  hdparm - command to get evidence harddisk information. syntax : hdparm [ flags ] [device]  3.  sfdisk...

Thursday, 23 May 2013

Computer Forensic : unallocated space and slack space

Unalocated space : Unallocated space, sometimes called “free space”, is logical space on a hard drive that the operating system, e.g Windows, can write to. To put it another way it is the opposite of “allocated” space, which is where the operating system has already written files to. Unallocated space can contain deleted files or partially deleted...

Computer Forensic : Introduction

Hello again, today my blog post is about Computer Forensic, one of my favourite subject in computer security world. What is Computer Forensic? Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law....

Monday, 20 May 2013

From web application to ID 0

How to gaining access to local system from web application? in this post i will simulate the process of gaining access using DVWA installed on Metasploitable OS as a target. i will use the one of several vulnerabilities of DVWA to penetrate the system, put the backdoor shell command, gaining root access, and doing some post exploitation activities. --on...

Sunday, 19 May 2013

Client side attack combination using BeEF and Metasploit

Hello again, in this post i will simulate the client side attack using Beef and metasploit. client side attack is the attack performed by the client. in this simulation i am using windows xp in virtualbox and firefox browser as a target. Here's the gameplay : 1. attacker send the link of youtube...

crafted file

coming soon ...

Wednesday, 24 April 2013

Buffer Overflow : SEH based exploit on Elecard MPEG Player

in this post i will write my steps to exploit media player application (Elecard MPEG Player) with SEH protection, and here's the steps : 1. install application in windows XP machine 2. do the information gathering about supported filetype 3. From IG i got the information : the target support...