shell-haqing
0x41 - weekly exploitation matters - Shellcode and frameworks
A non Un-Shakespearian matter
There are mainly two things I wanted to write about regarding Shellcode. However, my time is limited... and therefore I kept it short and simple this time.
This post is mainly about two things:
- dnscat
- (lesser known) Shellcode tools
If your exploit is a rocket, it targets the vulnerable entry point, and the rocket's load is the Shellcode. Normally, in exploitation attempts based on memory corruption, the altered program flow directs EIP into this (pay)load. So instead of crashing, your program continues doing what you wanted it to do.
At the point where EIP lands it doesn't want NOPs, i.e. it expects carefully formatted instructions (read: Shellcode).
Scrapers with surfraw
Searching is more than googling
surfraw is a tool to build great "scrapers". A scraper is a tool that extracts content from the web automatically. It gets tricky with modern web apps that embed content dynamically, but in the following case it's "just" searching. The art of searching (presentation by Fravia at 22c3, html5 embedded) isn't widely known. I think people in IT especially should train that ability or be taught it, because the job always requires searching for specific information.
De-Cygwinize Win
No more emulation
When it comes to the command line, administrators all over the Windows world nowadays think of Cygwin or PowerShell. However, Cygwin is a special layered environment, and PowerShell is .NET dependent and not very responsive.
Therefore I tend to go back to the good old DOS-like command line and add some things to the environment path to make my life easier. Many people may think that extending your command-line tools doesn't help you in situations where you don't find these tools: on Windows the command line is just an extra. The following stuff of course doesn't help you with post-exploitation or with showing off on your friend's machine. But it helps to save time. My time ;).
