secniu.com

SecNiu - Security Vulnerability Analysis Exploit 0day

A funny suspected malicious software (notepad.exe) analysis. But many av alerts. …… At last, I found the reason working with nEINEI. The section of this PE file has been changed. The attribute of this section has been updated to rwe. And also found someone injected some data into this section. …. [EnglishVersion]CVE-2014-1767 Afd.sys double-free vulnerability Analysis and Exploit. CVE-2012-1889 exploit sample analysis.

http://www.secniu.com/

TRAFFIC RANK FOR SECNIU.COM

TODAY'S RATING

>1,000,000

TRAFFIC RANK - AVERAGE PER MONTH

BEST MONTH

March

AVERAGE PER DAY Of THE WEEK

HIGHEST TRAFFIC ON

Tuesday

CUSTOMER REVIEWS

Average Rating: 4.4 out of 5 with 9 reviews

5 star: 4
4 star: 5
3 star: 0
2 star: 0
1 star: 0

LOAD TIME

0.8 seconds

CONTACTS AT SECNIU.COM

NO

hello world

Be●●ng

Be●●ng , 100082

China

01-38●●●●●-8000
bi●●●●●●●●●●●@126.com

DOMAIN REGISTRATION INFORMATION

REGISTERED: 2012 September 25
UPDATED: 2012 September 26
EXPIRATION: EXPIRED

DOMAIN AGE

12 years, 8 months, 30 days

NAME SERVERS

1. ns21.domaincontrol.com
2. ns22.domaincontrol.com

REGISTRAR

GODADDY.COM, LLC

WHOIS : whois.godaddy.com

REFERRED : http://registrar.godaddy.com

CONTENT

SCORE: 6.2

PAGE TITLE: SecNiu - Security Vulnerability Analysis Exploit 0day | secniu.com Reviews

META KEYWORDS:
1. Toggle navigation
2. secniu
3. Read more
4. binary vuln analysis
5. exploit method
6. malware analysis
7. my sec points
8. recent posts
9. recent comments
10. tags

KEYWORDS ON PAGE: Toggle navigation, secniu, Read more, binary vuln analysis, exploit method, malware analysis, my sec points, recent posts, recent comments, tags, aslr, exploit, flash, java, privilege escalation, shellcode, vbscript, vulnerability, windows xp sp3, meta, register, entries, wordpress org, All rights reserved

SERVER: Apache/2.2.14 (Ubuntu)
POWERED BY: PHP/5.3.2-1ubuntu4.11
CONTENT-TYPE: utf-8

INTERNAL PAGES

1

CVE-2012-1889 exploit sample analysis - Binary Vuln Analysis - SecNiu

http://www.secniu.com/maybe-cve-2012-1889-exploit-analysis

CVE-2012-1889 exploit sample analysis. This is an IE exploit sample. I found this in the vt. https://www.virustotal.com/en/file/1df80150284800e82b1dd64579aae71ebce2f6fd44ea37e4c83af287502452ee/analysis/. But I see the detection ratio is so low, 12 / 51. Many vendors can’t detect this sample. From the vt tag, it seems CVE-2012-1889, and it is really an old vulnerability. We also can find the exploit code here:. Now let’s look through this sample. The poc code is like following:. DispatchImpl: InvokeHelper 0x9f...

2

A funny suspected malicious software(notepad.exe) analysis - Malware Analysis - SecNiu

http://www.secniu.com/a-funny-suspected-malicious-softwarenotepad-exe-analysis

A funny suspected malicious software (notepad.exe) analysis. My colleague sent me some exe files, he wants to check if they are really malicious. Because in the vt, most of the anti-av say they are malicious. Just take one as the example. You can find static and the dynamic scan details here:. From the antiav section:. We found many alerts:. But from the dynamic result,. I found there were no abnormal actions in the execution flow. So it’s the false positive? But many av alerts.

3

0 day - SecNiu

http://www.secniu.com/tag/0-day

Tag archive » 0 day. CVE-2014-0322 0day root cause analysis. Yesterday, fireeye has posted a blog about a new 0day attack. (http://www.fireeye.com/blog/technical/cyber-exploits/2014/02/new-ie-zero-day-found-in-watering-hole-attack-2.html) (http://www.fireeye.com/blog/uncategorized/2014/02/operation-snowman-deputydog-actor-compromises-us-veterans-of-foreign-wars-website.html). This 0day affects IE 10, and has been assigned as CVE-2014-0322, and it can be used to ATP attack. ... 1 result found for the tag 0 day.

4

[EnglishVersion]CVE-2014-1767 Afd.sys double-free vulnerability Analysis and Exploit - Binary Vuln Analysis - Vulnerability Analysis - SecNiu

http://www.secniu.com/englishversioncve-2014-1767-afd-sys-double-free-vulnerability-analysis-and-exploit

[EnglishVersion]CVE-2014-1767 Afd.sys double-free vulnerability Analysis and Exploit. Hint: for Chinese Version, Click Me. [0x01] Vulnerability Root cause analysis. Our most important reference was the paper: http://www.siberas.de/papers/Pwn2Own_2014_AFD.sys_privilege_escalation.pdf, from the description of paper, we can get our poc as follows:. #pragma comment(lib, "WS2_32.lib"). DWORD targetSize = 0x310 ;. DWORD virtualAddress = 0x13371337 ;. static DWORD inbuf1[100] ;. memset(inbuf1, 0, sizeof(inbuf1) ;.

5

How to use VBScript to turn on the God Mode? - Exploit Method - SecNiu

http://www.secniu.com/how-to-use-vbscript-to-turn-on-the-god-mode

How to use VBScript to turn on the God Mode? What is the God Mode? This concept came from yuange, it means if we turn on this God Mode, we can do anything we want. And what the God Mode really is? What we are going to do is to clear the SafeMode flag. (Notice: All the following code is vbscript code.). I will show a demo code first. Script type="text/javascript" language="VBScript" set sh=createobject("Shell.Application") sh.ShellExecute "calc.exe" /script ". It can’t run because of the SafeMode. We kn...

TOTAL PAGES IN THIS WEBSITE

20

LINKS TO THIS WEBSITE

sskaje.me sskaje.me

MQTT | @sskaje

https://sskaje.me/category/project/mqtt

Sskaje's blog, study and research on technology. Build mosquitto 1.45 on OS X with MacPorts. Link: https://sskaje.me/2015/12/build-mosquitto-os-x-with-macports/. 1 Get tar ball from www.mosquitto.org. 3 Add following lines to CMakeLists.txt. include_directories(/opt/local/include) link_directories(/opt/local/lib). set (VERSION 1.4.5). Build mosquitto 1.45 on OS X with MacPorts by @sskaje. Link to this post! December 27, 2015. Leave a comment on Build mosquitto 1.45 on OS X with MacPorts. It might be a ch...

sskaje.me sskaje.me

Projects, Research | @sskaje

https://sskaje.me/category/project

Sskaje's blog, study and research on technology. Link: https://sskaje.me/2016/08/web-static-resource-proxy/. Previously, to make the blog load properly from mainland China (mainly Google's CSS and fonts), I set up some substitution rules in nginx. Now I have set aside a separate domain for this, p.rst.im. For example, the Google CDN for jquery. https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js. https://p.rst.im/p/ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js. If your blog uses nginx/tengine and has ngx_http_substitutions_filter_module enabled. Link to this post! August 6, 2016. August 6, 2016. Leave a comment on Static resource proxy service. 1 Route li...

sskaje.me sskaje.me

12306 | @sskaje

https://sskaje.me/category/project/12306

Sskaje's blog, study and research on technology. Link: https://sskaje.me/2013/07/12306%e9%aa%8c%e8%af%81%e7%a0%81%e8%af%86%e5%88%abtesseract%e8%ae%ad%e7%bb%83%e8%84%9a%e6%9c%ac/. Https:/ github.com/sskaje/tesseract 12306. When I tested before, I manually downloaded another batch of images, saved them as 12306.xxxx.jpg, tested them with the trained file, and saved the results to compare against the anomalies; for reference, the command on Windows. Tesseract 12306.24RS.jpg 111 -l 12306 & echo 24RS 1.txt & type 111.txt 1.txt & echo - 1.txt. Link to this post! July 25, 2013. August 12, 2014. Leave a comment on 12306 CAPTCHA recognition tesseract training script. January 24, 2012.

sskaje.me sskaje.me

Cloudera Mirror | @sskaje

https://sskaje.me/category/project/cloudera-mirror

Sskaje's blog, study and research on technology. Cloudera Archive Mirror Updated for CM5 & CDH5. Link: https://sskaje.me/2013/10/cloudera-archive-mirror-updated-for-cm5-cdh5/. Latest Updates @ https://sskaje.me/cloudera-mirror/. Cloudera just released its CDH 5 beta download here. This time they don’t use the beta.cloudera.com as non-release product’s repo. URL: http://cloudera.rst.im/. You may download Cloudera Manager 4 installer from http://cloudera.rst.im/cm4/installer/latest/. October 31, 2013.

sskaje.me sskaje.me

404 Not Found | @sskaje

https://sskaje.me/category/project/hadoop-project

Sskaje's blog, study and research on technology. That page can’t be found. It looks like nothing was found at this location. Maybe try a search? Sketch 3 license key. The service provider in your current location. Native lz4 library not available. Как собрать gmp-ecm windows. Openconnect auth with key. Fsck hfs missing special device. Xmind 6 licence key. Java lang RuntimeException: native lz4 library not available. Hive transpose columns to rows. Received fatal alert: protocol version. Nothing to be done.

sskaje.me sskaje.me

JSON-RPC | @sskaje

https://sskaje.me/category/project/json-rpc

Sskaje's blog, study and research on technology. PHP JSON-RPC Client Class. Link: https://sskaje.me/2013/07/simple-json-rpc-client-class/. JSON-RPC 2.0 supported without notification and batch request. Based on php curl, currently available options. For http basic auth. PHP JSON-RPC Client Class by @sskaje. Link to this post! July 11, 2013. August 12, 2014. Leave a comment on PHP JSON-RPC Client Class. Error 1000 by Cloudflare? Iptables disallow nat by source. VMware Windows 10 Guest Shared Folder Fixer.

sskaje.me sskaje.me

404 Not Found | @sskaje

https://sskaje.me/category/project/weixin-project

sskaje.me sskaje.me

404 Not Found | @sskaje

https://sskaje.me/category/project/xunlei-project

sskaje.me sskaje.me

404 Not Found | @sskaje

https://sskaje.me/category/project/apple-project

TOTAL LINKS TO THIS WEBSITE

11

OTHER SITES

secninja.blogspot.com secninja.blogspot.com

Security Ninja

Various information security posts by Kost. Thursday, August 19, 2010. Using OpenVPN to tunnel traffic on laptops and mobiles. Today, I want to talk about using OpenVPN as alternative (or complement) to ssh to tunnel traffic on laptops and mobile phones on insecure (wireless? ssh -D 1080 some.ssh.server.somewhere. openvpn --config my-vpn-config.ovpn --redirect-gateway def1. This would use your already set up OpenVPN configuration file (. For description of options and which parameters you can pass to red...

secninja.com secninja.com

Welcome secninja.com - BlueHost.com

Web Hosting - courtesy of www.bluehost.com.

secnit.com secnit.com

secnit.com - This website is for sale! - secnit Resources and Information.

The owner of secnit.com is offering it for sale for an asking price of 1888 EUR! This page provided to the domain owner free by Sedo's Domain Parking. Disclaimer: Domain owner and Sedo maintain no relationship with third party advertisers. Reference to any specific service or trade mark is not controlled by Sedo or domain owner and does not constitute or imply its association, endorsement or recommendation.

secnit.net secnit.net

A+ Network and PC Repair - Homepage

A Network and PC Repair offers 22 years of experience with IT Security, Network, Software and Hardware Services. Providing IT Expertise for Alabama, Mississippi, Florida panhandle, and Gulf Coast area. Please feel free to contact us. Today in regards to any of your PC or network needs. -. A Network and PC Repair - SecNIT Services 5398 Suite A Hwy 90 West Mobile, AL 36619 251-666-2944 Email: sales@SecNIT.net. A Network and PC Repair - Mobile, AL. A Network and PC Repair. Get a free quote. First, we repair...

secnitec.se secnitec.se

Secnitec | An alarmingly good technician

Repslagarevägen 3A SE- 331 53 Värnamo. Switchboard 46 (0)370 - 69 22 50. 46 (0)70 - 600 76 48. 46 (0)70 - 600 76 56. Secnitec are specialists in security. That covers everything from camera surveillance, access control systems, burglar alarms and fire alarms to automated doors and locks. The combination of electrical, telecom and data is no stranger to us either. Quite simply a complete technician who tailors installations to your needs and wishes.

secnix.com secnix.com

Secnix Systems :: Distributed Systems Security & Infrastructure Provisioning And Monitoring

CALL US ON 0300 303 2050. Welcome to Secnix Systems. Read about our services. WHO ARE SECNIX SYSTEMS? Secnix Systems is a group of engineers, architects, administrators and developers . Everyone is different and levels of satisfaction and expectations vary widely. We have immense experience delivering and maintaining large infrastructures. Secnix Systems engineers are Red Hat trained and certified. 3 Reasons to contact Secnix. Our engineers are Red Hat trained and certified, but also believe in diversity.

secnmr.org secnmr.org

SECNMR - The Southeast Collaboratory for Biomolecular NMR

Varian VNMRS 900 Rates: $16/hr 8am - 8pm M-F; $8/hr 8pm - 8am M-F all day Sat and Sun.

secno.fr secno.fr

Home | Cabinet SECNO

Accounting and statutory audit. The SECNO firm welcomes you. SECNO - Head office. The firm's service. Business transfer / takeover. Our firm will be closed from Monday 10 August to Friday 21 August 2015. The SECNO firm welcomes you. SECNO: audit, accounting and consulting firm. Our firm has built a complete range of services around financial information and measuring company performance. Learn more about the firm.

secnobyte.com secnobyte.com

Web and mobile game application development services: full-service web and mobile application development

Web and mobile game application development services. Full-service web and mobile application development. Line, an application created as an intermediary for sending messages to communicate. July 17, 2015. Developing applications for mobile devices for consumers. June 29, 2015. Developing web applications and using personal computers with various programs installed. May 25, 2015. Mobile business develops online game websites, opportunities wide open in the digital era. March 24, 2015. The development of the market in the virtual world of online games. February 12, 2015. Y&Y office cabinets.

secnoc.com secnoc.com

SecNoc Industries: home

This is where you can put your latest news. ITS KIND OF FUN TO DO THE IMPOSSIBLE. We want to be your trusted advisor and partner in moving into the future. Services at a glance. We offer many of the standard Security Engineering and Management Consulting Services as well as Managed Services:. Penetration Testing and Vulnerability Assessment. WAN and Network Optimization.