Gaining Information | Information Gathering

h4x0r w4rri0r.com
VulnerabilitiesSecurity Bug and Exposures
- Improper Input ValidationNever trust user input!
- Improper AuthenticationWho you are!
- Improper AuthorizationWhat you can access!
- Lack of EncryptionEncoding information!
- Security MisconfigurationIncorrect arrangement!
- Information ExposureError allows to break!
- Business Logic Errors and MisuseUnderstand the business!
- Insecure DeserializationThe reverse process!
- Insufficient Logging and MonitoringAnalyse specific incident!
- Memory Corruption and LeakIncorrectly manages allocation!
- Insecure Interfaces and ServicesThe exposure of data!
- Social Engineering and Human ErrorExploits human psychology!
Exploits Attacker Controller
- Win32 / Win64 Windows 32-bit and 64-bit Application
- Linux x64 / Linux x86 Linux 64-bit and 86-bit Extension
- OpenBSD / NetBSD BSD Operating Systems
- OS X - ppc / OS X - x86 PowerPC and Intel x86-based Macintosh
- AIX / UnixWare 32-bit/64-bit Multiplatform UNIX
- Solaris - SPARC / Solaris - x86 Solaris SPARC-based and x86-based
- Zero Day Exploits Unknown Vulnerability
- Remote Exploits Without Prior Access
- Local Exploits Requires Prior Access
- Web Application Exploits Compromised Web Applications
- Denial of Service (DoS) Resource Unavailable
- Privilege Escalation (EoP) Gain Elevated Access to Resources
Advisories Defense in Depth
- Microsoft Security Microsoft Products Security
- Red Hat Security Red Hat Products Security
- Cisco Security Cisco Products Security
- Oracle Security Oracle Products Security
- Apache Security Apache Products Security
- Adobe Security Adobe Products Security
- Apple Security Apple Products Security
- Check Point Security Check Point Products Security
- Google Chrome Security Google Products Security
- Debian Security Debian Products Security
- IBM Security IBM Products Security
- US-CERT Advisories Current Cyber Security
Training Educational Use
- Information Security Certifications That Will Get You A Raise
- Information Security Conferences Exchange of Information and Views
- Information Security Magazines Paper Painting of Modern Security
- Hackers Operating Systems Penetration Testing and Security Auditing
- Best Hackers Movies Forever Passionate Hackers and Crackers in Action
- Security Practical Challenges Testing Knowledge Without Going to Jail
ArsenalHacking Weapons
- Web Application Analysis Where Everybody Belongs
- Wire Network Analysis Information in Wire Transmission
- Wireless Network Analysis Information in Radio Waves
- Malicious Code Analysis Attackers to Disrupt Computer Operation
- Reverse Engineering Analysis Disassemble and Discovering Principles
- Digital Forensic Analysis Investigations of Digital Devices
- Information Gathering Act of Collecting Data
- Network Mapping Generate Network Maps
- Vulnerability Assessment Security Weakness and Threats
- Penetration Testing Exploitation of Security Flaws
- Privilege Escalation Gain Elevated Access to Resources
- Maintaining Access Reconnect Target System

WoW64 (Windows 32-bit on Windows 64-bit) is a subsystem of the Windows operating system capable of running 32-bit applications and is included on all 64-bit versions of Windows - including Windows XP Professional x64 Edition, IA-64 and x64 versions of Windows Server 2003, as well as 64-bit versions of Windows Vista, Windows Server 2008, Windows 7 and Windows 8. In Windows Server 2008 R2 Server Core, it is an optional component.

WoW64 is designed to take care of many of the differences between 32-bit Windows and 64-bit Windows, particularly involving structural changes to Windows itself.

Translation Libraries

The WoW64 subsystem comprises a lightweight compatibility layer that has similar interfaces on all 64-bit versions of Windows. It aims to create a 32-bit environment that provides the interfaces required to run unmodified 32-bit Windows applications on a 64-bit system. Technically, WoW64 is implemented using three dynamic-link libraries (DLLs):

Wow64.dll, the core interface to the Windows NT kernel that translates between 32-bit and 64-bit calls, including pointer and call stack manipulations
Wow64win.dll, which provides the appropriate entry-points for 32-bit applications
Wow64cpu.dll, which takes care of switching the processor from 32-bit to 64-bit mode

Registry and File System

The WoW64 subsystem also handles other key aspects of running 32-bit applications. It is involved in managing the interaction of 32-bit applications with the Windows components such as the Registry, which has distinct keys for 64-bit and 32-bit applications. For example HKEY_LOCAL_MACHINE\Software\Wow6432Node is the 32-bit equivalent of HKEY_LOCAL_MACHINE\Software (although 32-bit applications are not aware of this redirection). Some Registry keys are mapped from 64-bit to their 32-bit equivalents, while others have their contents mirrored, depending on the edition of Windows.

The operating system uses the %SystemRoot%\system32 directory for its 64-bit library and executable files. This is done for backward compatibility reasons, as many legacy applications are hardcoded to use that path. When executing 32-bit applications, WoW64 transparently redirects 32-bit DLLs to %SystemRoot%\SysWoW64, which contains 32-bit libraries and executables. 32-bit applications are generally not aware that they are running on a 64-bit operating system. 32-bit applications can access %SystemRoot%\System32 through the pseudo directory %SystemRoot%\sysnative.

There are two Program Files directories, both visible to both 32-bit and 64-bit applications. The directory that stores the 32 bit files is called Program Files (x86) to differentiate between the two, while the 64 bit maintains the traditional Program Files name without any additional qualifier.

Incompatible Applications

32-bit applications that include only 32-bit kernel-mode device drivers, or that plug into the process space of components that are implemented purely as 64-bit processes (e.g. Windows Explorer) cannot be executed on a 64-bit platform. Service applications are supported.

The SysWOW64 folder located in the Windows folder on the OS drive contains several applications to support 32-bit applications (e.g. cmd.exe, useful to register 32bit windows services, odbcad32.exe, to register ODBC connections for 32-bit applications). 16-bit legacy applications for MS-DOS and early versions of Windows are usually incompatible with 64-bit versions of Windows Vista, 7 and 8, but can be run on a 16-bit or 32-bit Windows OS via Microsoft Virtual PC or DOSBox. 32-bit versions of Windows XP, Vista, 7, and 8, on the other hand, can usually run 16-bit apps with few to no problems.

The component that makes this possible, Windows on Windows 32-bit, is replaced in 64-bit Windows OSs by WoW64, rendering nearly all 16-bit apps unexecutable.

Internet Explorer is implemented as both a 32-bit and a 64-bit application because of the large number of 32-bit ActiveX components on the Internet that would not be able to plug into the 64-bit version. The 32-bit version is used by default and the 64-bit version cannot be set to be the default browser.

CORE Impact Professional

CORE Impact Professional is the most comprehensive software solution for assessing and testing security vulnerabilities throughout your organization.

IBM Security AppScan

IBM Rational AppScan Enterprise is a scalable solution to help resolve application security vulnerabilities, offering recommendations to simplify remediation.

HP WebInspect

HP WebInspect gives security professionals and security novices alike the power and knowledge to quickly identify and validate critical, high-risk security vulnerabilities.

Acunetix WVS

Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits web applications by checking for hacking vulnerabilities.

w4rri0r - Hacking Is Not A Crime - It's an art of Awareness

\/ w4rri0r - Hacking Is Not A Crime - It's an art of Awareness \/ - w4rri0r work in the dark, w4rri0r do what w4rri0r can, w4rri0r give what w4rri0r have, w4rri0r doubt is w4rri0r passion and w4rri0r passion is w4rri0r task. The rest is the madness of art \/ w4rri0r \/

\/ w4rri0r.com \/ are the great resource for information security professionals and researcher. \/ w4rri0r \/ offers a extensive variation of information security services that include SECURITY EXPLOITS (Bug or Vulnerability), SECURITY ADVISORIES (Security Alerts), SECURITY RESEARCHER TOOLBOX (Freeware, Shareware & Open-Source), SHELLCODE (Attacker Controller - Chunk of Data), SECURITY TRAINING (Educational Purpose), SECURITY NEWS (Security Recent or Important Events) and with this group you can be assured that you’re in the right hands. \/ w4rri0r gr0up \/ efforts being endorsed and appreciated by administrators, security researchers and members of various underground hacking groups and communities worldwide.

\/ w4rri0r mission \/ are to make the information systems more secure, more aware, more reliable and protect against possible security breaches.

Windows 32-bit and 64-bit Application

Translation Libraries

Registry and File System

Incompatible Applications

CORE Impact Professional

IBM Security AppScan

HP WebInspect

Acunetix WVS

w4rri0r - Hacking Is Not A Crime - It's an art of Awareness

Hacker Groups

Login

Register