Ribadeo is pleased to announce that one of our members, Hernán Segismundo Abbamonte (sector7g) will give a talk about LDAP Injection at the 'OWASP Security conference - Argentina 2010'. Said conference will take place Wednesday 30th of June at 12:30 hs.
If you wish to know more about the conference, you can download the brochure from the following link:
http://eventos.fi.uba.ar/seg-informatica/Jornadas2.pdf (in spanish)
And you can find the presentation's slides here:
http://docs.google.com/present/view?id=d4wh29d_0cqvxp5cv (also in spanish :P)
Notes:
- If you want to find out more about the presenter go to this page: http://www.ribadeohacklab.com.ar/drupal/about
- To find more about OWASP check out their main site: http://www.owasp.org
Today Hack In The Box announced a new issue of their ezine.
The ezine is available at: http://www.hackinthebox.org/misc/HITB-Ezine-Issue-002.pdf
You will find our article about Integrity Policies there!
Also, during these days Hack In The Box Conference took place, and all contents are available online.
Get HITB 2010 Dubai conference material at: http://conference.hitb.org/hitbsecconf2010dxb/materials/
A great job by HITB crew.
The group was once again invited to contribute with the new Hack In the Box ezine.
During this week we are finishing with the english review to finally submit the article.
Hernan did a great work with this and Facundo incredibly managed to get a very old paper for us.
More details about this will be given when the ezine is published.
Some days ago, Leonardo Pigñer, Founder of BASE4 Security and one of the EkoParty conference organizers, published an article at his blog, with a list of people that "twitt" things related to security.
Ribadeo Hack Lab was mentioned there!
Full post at: http://kungfoosion.blogspot.com/2010/01/twitteros-de-seguridad-en-argent...
Thanks Leonardo for including us on that list.
During January and February the team will be on holidays and also with some final exams at university.
You will notice the site won't be updated too often but we'll come back soon with some more material.
Cheers!
The site has moved to a new web hosting.
The previous one had many problems causing the site to be offline for short periods.
If you find any strange behavior with the site, please let us know.
If you need to do some SQL Server 2005 or 2008 audit activities on DDL and DML operations this tool may help you.
Download: Effective Permissions Tool
In order to use the tool you need sysadmin privileges and xp_cmdshell enabled on the database server.
Before running it, create the following stored procedures on master db:
If you are interested on some more details you can see our slides (only spanish, sorry...)
RibadeoHackLab Team was recently invited to participate in a new ezine/magazine that Hack In The Box we'll be releasing next year.
As far as we've been informed this ezine will have an online release and also a printed release during Hack In The Box Conference 2010.
The ezine will be made available for free to everyone upon its release which is in line with the spirit of "Keeping Knowledge Free".
We've just started working on an article.
We are glad Hack in the box crew gave us the opportunity to contribute with something to the community.
Some time ago it was announced that milw0rm was not going to be mantained.
Now Offensive Security took over that project and they created a new sucessor.
http://exploits.offensive-security.com
Since we had created the milw0rm search plugin we've now created the Offensive Security Exploit database search plugin.
You can get the plugin at:
We've created a simple Firefox search plugin.
This plugins lets you search on the entire Open Source Vulnerability Database (http://osvdb.org/) inside all text.
You can get it from Firefox addons site
https://addons.mozilla.org/en-US/firefox/addon/45607/
At this moment the addon is in "experimental" mode. It has already been nominated to public, and hopefully in a few days Mozilla moderators will approve it.
Hope you enjoy it!
