w

Court Confirms DMCA Good Faith Web Site Shut Down




w

Court Adds New DMCA Exceptions




w

Diebold Uses DMCA to Conceal E-Voting Machine Flaws




w

E-Voting Vendor Sued For DMCA Takedown




w

Kazaa Threatens Google with DMCA Letter





w

Coupons, Inc. Drops DMCA Lawsuit Against Coupon Hacker




w

Demonoid Still Down One Week After Massive DDoS Attack




w

Microsoft Cites BBC, Wikipedia In Error-Filled DMCA Takedown







w

The Robot War Over Libya Has Begun




w

Libyan Rebels Are Flying Their Own Minidrone




w

Gaddafi Death Reports Likely To Spawn Multiple Scams






w

Why Iraq is Buying up Playstation 2's





w

Hackers Plan Attacks To Protest Iraq War




w

Iraq Collapse May Pose New WMD Threat, Say UN Monitors




w

Iraq Government Launches Its Own Channel On YouTube




w

Wikileaks Releases Indiscriminate Slaying Video From Iraq




w

WikiLeaks Set To Release Iraq War Records




w

Unpublished Iraq War Logs Trigger Internal WikiLeaks Revolt




w

Will 400,000 Secret Iraq War Document Restore WikiLeaks' Sheen?















w

win-useradd.c

318 byte useradd shellcode for Russian Windows NT/2k/XP variants.




w

un-D_0WNED.c

GoodTech Telnet Server for Windows NT/2000.




w

winntcomp.txt

A critical security vulnerability has been found in the Windows NT Message compiler. Arbitrary code execution might be possible.




w

Microsoft Server Service NetpwPathCanonicalize Overflow

This Metasploit module exploits a stack overflow in the NetApi32 CanonicalizePathName() function using the NetpwPathCanonicalize RPC call in the Server Service. It is likely that other RPC calls could be used to exploit this service. This exploit will result in a denial of service on on Windows XP SP2 or Windows 2003 SP1. A failed exploit attempt will likely result in a complete reboot on Windows 2000 and the termination of all SMB-related services on Windows XP. The default target for this exploit should succeed on Windows NT 4.0, Windows 2000 SP0-SP4+, Windows XP SP0-SP1 and Windows 2003 SP0.




w

Microsoft RPC DCOM Interface Overflow

This Metasploit module exploits a stack overflow in the RPCSS service, this vulnerability was originally found by the Last Stage of Delirium research group and has bee widely exploited ever since. This Metasploit module can exploit the English versions of Windows NT 4.0 SP3-6a, Windows 2000, Windows XP, and Windows 2003 all in one request :)




w

Microsoft IIS 4.0 .HTR Path Overflow

This exploits a buffer overflow in the ISAPI ISM.DLL used to process HTR scripting in IIS 4.0. This Metasploit module works against Windows NT 4 Service Packs 3, 4, and 5. The server will continue to process requests until the payload being executed has exited. If you've set EXITFUNC to 'seh', the server will continue processing requests, but you will have trouble terminating a bind shell. If you set EXITFUNC to thread, the server will crash upon exit of the bind shell. The payload is alpha-numerically encoded without a NOP sled because otherwise the data gets mangled by the filters.




w

Windows NT/2K/XP/2K3/VISTA/2K8/7 NtVdmControl()-

Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7 NtVdmControl()->KiTrap0d local ring0 exploit. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".




w

Windows NT/2K/XP/2K3/VISTA/2K8/7/8 EPATHOBJ Local ring0

There is a pretty obvious bug in win32k!EPATHOBJ::pprFlattenRec where the PATHREC object returned by win32k!EPATHOBJ::newpathrec does not initialize the next list pointer. This is a local ring0 exploit for Microsoft Windows NT/2K/XP/2K3/VISTA/2K8/7/8.




w

Disk Pulse Enterprise 9.0.34 Login Buffer Overflow

This Metasploit module exploits a stack buffer overflow in Disk Pulse Enterprise 9.0.34. If a malicious user sends a malicious HTTP login request, it is possible to execute a payload that would run under the Windows NT AUTHORITYSYSTEM account. Due to size constraints, this module uses the Egghunter technique.




w

Disk Pulse Enterprise 9.9.16 GET Buffer Overflow

This Metasploit module exploits an SEH buffer overflow in Disk Pulse Enterprise version 9.9.16. If a malicious user sends a crafted HTTP GET request it is possible to execute a payload that would run under the Windows NT AUTHORITYSYSTEM account.




w

SyncBreeze 10.1.16 SEH GET Overflow

There exists an unauthenticated SEH based vulnerability in the HTTP server of Sync Breeze Enterprise version 10.1.16, when sending a GET request with an excessive length it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under the Windows NT AUTHORITYSYSTEM account. The SEH record is overwritten with a "POP,POP,RET" pointer from the application library libspp.dll. This exploit has been successfully tested on Windows XP, 7 and 10 (x86->x64). It should work against all versions of Windows and service packs.




w

The Power of Salt

Where the river meets the sea, there is the potential to harness a significant amount of renewable energy, according to a team of mechanical engineers at MIT.




w

South Africa Seeks to Improve Process for Renewable Energy Deals

South African Energy Minister Tina Joemat-Pettersson said her department wants to address weaknesses in the process of commissioning renewable-power projects.