Load server Poison Ivy in OllyDBG, go to the address 401200, and do as follows.

Before


After


by
qolyx

Poison Ivy 2.3.2
http://securityxploit.blogger.de/stories/1852045/

A vulnerability in Java (CVE-2011-3552, CVE-2010-4448) which enables remote DNS poisoning using Java applets. This vulnerability can be triggered when opening a malicious webpage. A successful exploitation of this vulnerability may lead to disclosure and manipulation of cookies and web pages, disclosure of NTLM credentials and clipboard data of the logged-on user, and even firewall bypass.

Download PDF
http://blog.watchfire.com/files/dnsp_port_exhaustion.pdf

Zexplo is a python based Penetration Testing toolkit with simple and cool interface.
This first version of Zexplo has 6 enumeration modules for various network scanning operations such as zping, zarpcache, ztcpscan, znmapport etc and 1 exploit (filecopa). In addition to this it also has some exciting modules for man in the middle (MITM) attack and autopwn. You will also see tools such as Injector (inject modules into running process)and Encoder (with triple layer of XOR).


Download
http://securityxploded.net/getfile.php?file=Zexplo.zip