Security Links

0

Web Application Security:
 Advanced SQL Injections in SQL Server Applications
http://www.ngssoftware.com/papers/advanced_sql_injection.pdf
 (more) Advanced SQL Injection
http://www.ngssoftware.com/papers/more_advanced_sql_injection.pdf
 One-Way Web Hacking
http://net-square.com/papers/one_way/one_way.html
 Imperva Blind SQL Injection
http://www.imperva.com/application_defense_center/white_papers/blind_sql_server_injection.html
 SQL Injection Attacks by Example
http://www.unixwiz.net/techtips/sql-injection.html
 Web Applications and SQL Injection
http://www.spidynamics.com/whitepapers/WhitepaperSQLInjection.pdf
 Manipulating Microsoft SQL Server Using SQL Injection
http://www.appsecinc.com/presentations/Manipulating_SQL_Server_Using_SQL_Injection.pdf
 HTML Code Injection and Cross-site scripting
http://www.technicalinfo.net/papers/CSS.html

 Kerberos Details:
 http://web.mit.edu/kerberos/www
 

Buffer Overflows:
 Once Upon a Free – Heap Overflows
http://www.phrack.org/phrack/57/p57-0x09
 
Defeating Windows XP SP2 Heap Protection and DEP Bypass
http://www.maxpatrol.com/defeating-xpsp2-heap-protection.pdf
 
Smashing The Stack For Fun And Profit
http://www.insecure.org/stf/smashstack.txt
 
Intro to Shellcoding
http://tigerteam.se/dl/papers/intro_to_shellcoding.pdf
 
 
Books:
Shell Coders handbook.
http://www.amazon.com/exec/obidos/tg/detail/-/0764544683/qid=1116428692/sr=8-1/ref=pd_csp_1/104-3942550-7935958?v=glance&s=books&n=507846
 
Network Security Assessment, O’Reilly
http://www.oreilly.com/catalog/networksa/
Good broad coverage of various NPT areas – good background reading
 
Network Security Hacks, O’Reilly http://www.oreilly.com/catalog/netsechacks/index.html
 
Hacking Exposed 1st Ed. http://www.amazon.com/exec/obidos/search-handle-url/index%3Dstripbooks%3Arelevance-above%26field-keywords%3Dhacking%252520exposed%26store-name%3Dbooks/104-3942550-7935958
(The first edition was probably the best)
 
Hack Proofing your Network 1st Ed.
http://www.amazon.com/exec/obidos/search-handle-url/index%3Dstripbooks%3Arelevance-above%26field-keywords%3Dhack%252520proofing%252520your%252520network%26store-name%3Dbooks/104-3942550-7935958
(Covers some other concepts like buffer overflows etc, gives better insight into mindset)
 
Assembly Language Step-by-Step, Wiley
http://www.amazon.com/exec/obidos/tg/detail/-/0471375233/ref=ase_jeffduntemann-20/104-3942550-7935958?v=glance&s=books
(Good no assumed knowledge start to assembler on x86)
 
SQL Server Security, Osbourne
http://shop.osborne.com/cgi-bin/osborne/0072225157.html
(By NGS, excellent reading on the subject)
 
TCP/IP illustrated
http://www.amazon.com/exec/obidos/tg/detail/-/0201633469/104-3942550-7935958?v=glance
 
Building Internet firewalls, O’Reilly
http://www.greatcircle.com/firewalls-book/
 
O’Reilly ‘Security Warrior’
http://www.oreilly.com/catalog/swarrior/
(Excellent introduction to many topics with some walkthrough examples.)
 
 
Osborne ‘Hacknotes’ series
http://www.amazon.com/exec/obidos/search-handle-url/ref=dp_searchBox_1/104-3942550-7935958?url=index%3Dstripbooks%3Arelevance-above%26dispatch%3Dsearch%26results-process%3Dbin&field-keywords=hacknotes&x=0&y=0
(Thin/portable reference material which includes an entire testing methodology)

Conversion to Dalvik format failed with error 1

0

Using android on eclipse can be frustating sometimes.You create a new
android project and just cant get it to build, run or clean out the errors
eclipse shows up. Most of all, you can get vague errors like the below.

  • Conversion to Dalvik format failed with error 1
  • Could not *find* HelloAndroid.*apk*
  • Updates (from 0.9.1. to 0.9.5) dont work, vague error there too some
    org.eclipse.something is not linking (google, if you are hearing, just do a
    google search out there find out the issues people are facing). Uninstalls
    dont work.

Did a major google search to figure out how to fix it. Found many that
helped, found many that did not. And I am not alone there.

So this is what worked for me

  • Close all projects
  • Restart Eclipse
  • Uninstall both Android under Help-SoftwareUpdates
  • Restart Eclipse
  • Uncheck all under Help-SoftwareUpdates-AvailableSoftware, except the dl-sslgoogle one, install it
  • Restart Eclipse
  • Create a new project now, same problem eh!! 🙂
  • In the root directory of the project you just created, open the .classpath file. Change it to the following
    <?xml version=”1.0″ encoding=”UTF-8″?>
    <classpath>
     <classpathentry kind=”src” path=”src”/>
     <classpathentry kind=”src” path=”test”/>
     <classpathentry kind=”src” path=”gen”/>
     <classpathentry kind=”output” path=”bin”/>
            <classpathentry kind=”con” path=”com.android.ide.eclipse.adt.ANDROID_FRAMEWORK”/>
    </classpath>
  • Main Menu – Project – Clean
  • Project Explorer – – Right Click – Properties – Android – Check Android 1.5 – Hit Apply (a lot of magic happens
    in the console tab on the project)
  • Project Explorer – – Right Click – Properties – Java Build Path – Libraries – Verify if you see a “Android 1.5”
    and not a “android.jar”.

Summary

The only way to add a “Android 1.5” is to edit the classpath file. Google,you should fix this. It would be nice to know what “Android 1.5” signifies here, a jar, external jar, variable, class folder, external class folder or library(usability issue, think about it, how do I add a Android 1.5 from UI, no way now right). Also it would be nice if the create new android project would fix this automatically.