Zombie 2.0

Zombie 2.0

Thursday, October 18, 2007
Fernando Russ, Diego Tiscornia
Hack.lu. '07

This paper is tasked in analyzing the problems underlying the attack and penetration in the web application scenario. We describe the different problems associated with payload engineering and produce effective solutions that allow the attacker/penetration tester to analyze the scenario and build his exploits abstracting the burdensome details in executing an attack. In particular, we analyze the building of exploit code and the use of post-exploitation in the context of Rich Internet Applications (RIA) and web applications. 

Related information

Publications
Automated SQL Ownage Techniques (OWASP)