Publications
The following library includes
cutting-edge, original research by Airscanner
members that has appeared in their books, professional
papers, and published articles.
Books written by Airscanner members
XSS Attacks: Cross-site Scripting Exploits and Defense
Syngress, 2007
Cross Site Scripting Attacks starts by defining the
terms and laying out the groundwork. It assumes that the reader is
familiar with basic web programming (HTML) and JavaScript. First it
discusses the concepts, methodology, and technology that make XSS a
valid concern.
It then moves into the various types of XSS attacks, how they are implemented,
used, and abused. After XSS is thoroughly explored, the next part provides
examples of XSS malware and demonstrates real cases where XSS is a dangerous
risk that exposes internet users to remote access, sensitive data theft,
and monetary losses. Finally, the book closes by examining the ways
developers can avoid XSS vulnerabilities in their web applications,
and how users can avoid becoming a victim. The audience is web developers,
security practitioners, and managers.
PSP Hacks
O'Reilly, 2006
This book illustrates that we aren't just computer
security geeks. At heart, we just love anything we can take apart, and
this book is one example of that. PSP Hacks shows you how to make the
versatile and powerful new PlayStation Portable (PSP) do more than you
ever imagined--and more than Sony ever intended--with 50 innovative
hacks, tweaks, tricks, and how-tos for customizing your PSP and taking
full advantage of features, capabilities, and functionality far beyond
what's listed in the PSP user manual.
Aggressive Network Self Defense
Syngress, 2005
From the Slashdot review, "It's a series of part
fiction, part tutorial series of short stories. In them, you'll see
tools like Metasploit, virus creation, some nmap, sniffers, and keystroke
loggers, all in action, being used as an operator would use them, and
achieving real goals. This is more valuable than a basic manual, and
the stories themselves act as a nice setting."
Security Warrior
O'Reilly, 2004
An advanced book on network security from O'Reilly.
Includes the world's first tutorial in print on how to reverse engineer
(crack) Windows CE software. Written by Cyrus Peikari (Airscanner) and
Anton Chuvakin with contributions from Seth Fogie (Airscanner) and Mammon_.
Maximum Wireless Security
SAMS, 2003
In this bestselling wireless security book, Cyrus Peikari
and Seth Fogie walk you step-by-step through securing, probing and testing
virtually every area of wireless networking. This includes hands-on
coverage of topics as diverse as cracking WEP, setting up (and detecting)
clandestine rogue access points, surveillance, wardriving, jamming wireless
networks, and even airborne wireless viruses.
Windows .Net Server Security Handbook
Prentice Hall, 2002
This is the first book ever written to cover security
aspects of Windows 2003 Server (formerly Windows .NET Server). Discover
the critical security implications of new features such as Remote Desktop
and Remote Assistance, then learn how to use the latest tools to configure
security in a wide range of scenarios. Includes coverage of Windows
2003 Server PKI, Certificates, IIS, and more.
Windows Internet Security: Protecting Your Critical Data
Prentice Hall, 2001
A comprehensive look at the many dangers Internet users
face. Starting with computer fundamentals and moving on to viruses,
hacker techniques and protection concepts, this book is a must for all
users new to the world of information security.
Maximum Security 4th Ed.
SAMS, 2003
In the 4th edition of this legacy security reference,
Dr. Cyrus Peikari joins ranks with top security experts to help you
lock down your network infrastructure against hackers.
Articles written by Airscanner members
(Requires PDF reader such as Adobe Acrobat)
Windows Mobile Security Software Fails the Test
From http://www.windowsfordevices.com, "The thrust
of the paper is that far too many software vendors are careless about
how they store their customers' sensitive information. In many cases,
passwords are simply stored as plain text. Even when encryption is used,
the algorithms are often either trivial or flawed, according to Fogie,
who offers numerous detailed examples."
(IN)SECURE Magazine: Writing an enterprise handheld security policy
(IN)SECURE Magazine: PDA attacks, part 2: airborne viruses - evolution of the latest threats
(IN)SECURE Magazine: PDA attacks: palm sized devices - PC sized threats
Embedded Reverse Engineering: Cracking Mobile Binaries
Windows CE is the operating system of choice for most
pocket PC devices. As such, it is important to understand the basics
of how this operating system works to become proficient at reverse engineering
on the PPC platform. This segment of the paper will outline the particulars
of Windows CE, and what it means to you when researching the characteristics
of a program.
XSS, Cookies, and Session ID Authentication – Three Ingredients for a Successful Hack
Cross site scripting (XSS) errors are generally considered
nothing more than a nuisance — most people do not realize the
inherent danger these types of bugs create. In this article Seth Fogie
looks at a real life XSS attack and how it was used to bypass the authentication
scheme of an online web application, leading to "shell" access
to the web server.
Nikon Coolpix P1 Wifi Camera: Exposed and Abused
The digital camera has completely revolutionized the
photographic industry. Most families own one, if not two or three of
these devices, yet few people know how they work. In this article, Seth
Fogie exposes the internal mysteries of the digital camera for your
viewing pleasure. However, this isn’t just an ordinary digital
camera — Seth picked one that has built-in wireless connectivity,
which he examines from both a hardware and software perspective. Unfortunately,
he also learned that adding wireless abilities to a camera could leave
you quite exposed.
Airpwn: Owning the Airwaves
There is no shortage of wireless exploits: cracking
WEP and WPA, man in the middle attacks, rogue access points, etc. In
this article Seth Fogie deals with a method that is not widely discussed:
data traffic injection.
Xbox 360 Exposed
We know many people are just dying to get their hands
on Microsoft's latest next-gen console. Informit's own Seth Fogie, however,
was dying to get his hands in one. On November 22 at 12:01 AM he headed
home with his brand new hardware. But instead of going straight to his
couch, he went straight to his toolbench to crack open one of the first
Xbox 360s to see what's under the hood. See what's inside and learn
how to take it apart in 5 minutes or less with this article and video.
Score List Hacking: Lessons Learned by Cheating Your Way to Number One
If you like to spend your lunch hour playing online
browser-based games, you're probably familiar with score list hackers
and their cheating ways. However, what you may not realize is that these
vulnerable lists can expose you to a lot more than a sore ego. In this
two-part series, Seth Fogie explains how score lists are exploited,
and more importantly, how these lists can be used to exploit innocent
gamers who are only trying to be number one.
Adding an External Wi-Fi Antenna to Your PSP
Not content with the factory-installed Wi-Fi adapter
in his PSP, Seth Fogie added an external antenna to boost his signal
strength and improve his signal-to-noise ratio. Here he shows how you
can do it, too. If you own a PSP, this is one of many articles related
to this handheld device that you will find of interest at InformIT.com!
Securing Your Wireless PDA Connection
There are times a Pocket PC owner might need to use
a public hotspot to check email or surf the Internet. The problem is
that most wireless hotspots are vulnerable to sniffer based attacks.
Seth Fogie and Cyrus Peikari provide a step by step guide that you can
use to securely communicate with almost any online service.
Cracking Wi-Fi Protected Access (WPA)
In this two-part series, Seth Fogie examines the internals
of WPA and demonstrates how this wireless protection method can be cracked
with only four packets of data. Part 1 outlines the details of WPA as
compared to WEP and builds the foundation for Part 2, in which he describes
in detail how WPA-PSK can be cracked.
Reverse-Engineering the First Pocket PC Trojan
In this article, we present a detailed two-part analysis
of the Brador Trojan horse for the Windows Mobile operating system.
Details Emerge on the First Windows Mobile Virus
This three-part series discusses the development of
viruses for the Windows Mobile platform.
Summer Brings Mosquito-born Malware
This three-part series discusses the menace of viruses
for handheld devices.
Dallas Business Journal - Stand Up to the BSA
Lost Interview with the Deceptive Duo
Close Encounters of the Hacker Kind: A Story from the Front Lines, Part I
From a warez server to a powerful hacker crew, this
article describes a real life experience of a network admin's worst
nightmare.
Close Encounters of the Hacker Kind: A Story from the Front Lines, Part II
In part II, the author undergoes a bizarre, yet edifying,
journey of self-exploration and discovery. Or rather, gets owned.
SQL Server Attacks: Hacking, Cracking, and Protection Techniques
SQL Server attacks strike right at the heart of a business.
Fortunately, you can secure a database server by implementing proper
coding practices and ensuring that the SQL server is configured properly.
Seth Fogie and Dr. Cyrus Peikari uncover two main methods for hacking
SQL servers - and show how you can guard against them.
The Ingredients to ARP Poison
If you think the only thing between you and the Internet
is a bunch of networking equipment, think again! Using ARP spoofing
attacks, a hacker can see everything you send and receive from your
computer. Cyrus Peikari and Seth Fogie discuss the theory of ARP spoofing
and demonstrate how this type of attack is accomplished.
Going on the Defensive: Intrusion-Detection Systems
Tighten your defenses against IDS attacks by learning
about the inherent weaknesses in intrusion-detection systems. Cyrus
Peikari and Seth Fogie show you how to more safely implement this technology
by first showing you how to attack it.
Cracking WEP
What are the dangers of WEP? After reading this article,
you will understand what a weak IV is, and how RC4, the KSA, PRGA, and
XOR are exploited to crack WEP.
Raw Sockets Revisited: What Happened to the End of the Internet?
Could a hacker really crash the Internet? Could Windows
XP be turned into a tool of mass destruction? Take a closer look at
the startling alert that predicted the end of the Internet. In this
article, Seth Fogie revisits the prophecy of doom surrounding the subject
of Raw Sockets.
Warez All That Pirated Software Coming From?
Seth Fogie traces the history of the "Golden Age" of
warez.
Talks presented by Airscanner members
(Requires PDF reader such as Adobe Acrobat)
Shmoocon 2007 - Windows Mobile Software: Raw and Exposed
Check out the slides from the Windows Mobile: Raw and
Exposed talk that described and demonstrated the sad state of affairs
the Windows Mobile software world is in. From insecure financial storage
programs, to exploitable buffer overflows - one bug can lead to a compromised
Pocket PC/Smartphone.
BlackHat 2004 / DEFCON12
View the slides from the popular talk on Abusing Windows
Mobile/Pocket PC Devices, in which Seth Fogie discusses viruses, trojans,
keyloggers, and buffer overflow attacks.
HIPAA Security: You Can Run, But You Can't Hide
Read the latest on HIPAA security with this 3.5 credit
CME course published in the January 2004 edition of the Texas Medical
Association monthly periodical.
Defcon 11: Reverse-Engineering Mobile Binaries
Jump into hardcore reverse-engineering with Seth Fogie
at Defcon 11 as he gives a cutting-edge presentation on the techniques
and tools used to reverse-engineer the ARM processor and Pocket PC applications.
Defcon 10: Windows .Net Server (Windows Server 2003): Architecture and Policy Vulnerabilities
Join Dr. Cyrus Peikari and Seth Fogie at Defcon X as
they present a paper on Windows .Net Server security issues, including
subjects ranging from weaknesses in the Remote Assistance program to
the infamous WPA.
DallasCon 2002: Cracking WEP
Read the slides from Seth Fogie's revealing talk on the mathematics
behind cracking the WEP protocol. Voted one of the two Best Papers
of DallasCon 2002.
An Open Source, International, Attenuated, Computer Virus Vaccine
Using irrefutable analogies from history and medicine
such as Smallpox, Dr. Cyrus Peikari outlines the distant future of the
Anti-Virus industry: live computer virus vaccines based on their medical
counterparts.
© 2003 Airscanner Corp.
Some articles courtesy of Pearson Education and InformIT.com