Title
Zombie 2.0
Authors
Fernando Russ, Diego Tiscornia
In
Hack.lu. '07. October 18-20, 2007. Luxembourg.
Date published
2007-10
Keywords
Attack models,software agents,penetration test,network vulnerability assessment,SQL injection,web application vulnerability assessment

This paper is tasked in analyzing the problems underlying the attack and penetration in the web application scenario. We describe the different problems associated with payload engineering and produce effective solutions that allow the attacker/penetration tester to analyze the scenario and build his exploits abstracting the burdensome details in executing an attack. In particular, we analyze the building of exploit code and the use of post-exploitation in the context of Rich Internet Applications (RIA) and web applications.

Attachments