Comments for L1pht Offensive Labs

Comment on Fuzzing for RFI with Burp Intruder – n00blet 0×01 by Week 39 in Review – 2010 | Infosec Events

Week 39 in Review – 2010 | Infosec Events — Mon, 04 Oct 2010 04:19:09 +0000

[...] Fuzzing for RFI with Burp Intruder – n00blet 0×01 – l1pht.com started tossing the idea of discovering remote file inclusion bugs and generating a list (read, scripting op) of decent fuzz values for playing with. [...]

Comment on pigtoddler.py – Culling Files By Riding Spiders by Week 22 in Review – 2010 | Infosec Events

Week 22 in Review – 2010 | Infosec Events — Mon, 07 Jun 2010 06:50:58 +0000

[...] pigtoddler.py – Culling Files By Riding Spiders – l1pht.com I wanted a troubled little script that didn’t require much care and had a little more “dice roll” type attitude. [...]

Comment on Archiving Windows System Files for Binary Diffing by Week 11 in Review – 2010 | Infosec Events

Week 11 in Review – 2010 | Infosec Events — Mon, 22 Mar 2010 18:14:02 +0000

[...] Archiving Windows System Files for Binary Diffing – l1pht.com I present for your viewing pleasure… binaryeti. [...]

Comment on SureThing CD/DVD Labeler Overflow – OSVDB 55297 by CG

CG — Mon, 29 Jun 2009 03:01:38 +0000

i’ve got no help for you… but a cool discussion of the problem. please post any solutions you come up with.

Comment on Common Info Security Weaknesses – Nathan Keltner by natron

natron — Fri, 06 Mar 2009 15:42:46 +0000

Thanks for the kind words! It’s funny, when the ISACA guy called me to ask if I could fill in for someone who bailed on them for their March presentation, he said “Really, you can talk about whatever you want, just pick a topic and go.”

Never one to pass up a chance to hop on my soap box and rant about the ridiculousness seen in most organizations, I threw this together in a few hours. Hopefully at least a couple of minds were changed on the importance of an overarching security posture that doesn’t rely on luck as the primary component to info security…

Comment on Clickjacking Metasploit Aux Module by Saint Patrick

Saint Patrick — Wed, 04 Mar 2009 02:16:55 +0000

There are some other issues as well with the WP plugin I was using to style source code. I went ahead and pulled that view off of the post and replaced it with a link to the .rb file.

Comment on Clickjacking Metasploit Aux Module by initram

initram — Fri, 27 Feb 2009 10:48:17 +0000

The code within the “view code” pop up has a little error. In line 55 you must add a “|” in the end so that the line looks like this:

@hostpage.each do |sourceline|

I’ll try out the auxilary right away! Thanks a lot

Comment on Stealing Browser History the Metasploit Way by natron

natron — Fri, 30 Jan 2009 15:58:18 +0000

Patrick — will you send me an email regarding this? I have some ideas on this and don’t seem to have your email address.

Thx,
N

Comment on Details Released Regarding SSL Fail by Saint Patrick

Saint Patrick — Wed, 31 Dec 2008 04:52:21 +0000

Update: there are some interesting comments, etc. on the BreakingPoint Labs blog http://www.breakingpointsystems.com/community/blog/Attacking-Critical-Internet-Infrastructure

Comment on L1pht Blog by Saint Patrick

Saint Patrick — Mon, 15 Dec 2008 01:29:07 +0000

Code is up.