It’s been a few months since I’ve posted anything. This does not mean I have been idle. Indeed, rainbowsandpwnies has launched the haxathon, a challenge-based CTF type event that lasts more than 48 hours. I’ve begun a rewrite of Rainbows-And-Pwnies-Tools and a symbolic execution engine. To be fair, I’ve “started” the symbolic execution a [...]
This is in response to an email I recently received (edited a bit for clarity): With our current resources we can test passwords against their hash in fractions of a second, allowing well-resourced groups to test thousands of passwords every second. This means, given enough time and resources, you can crack any password [...]
This post really isn’t up to the standard of most others here. However, there comes a time when writing anything is better than nothing. I’m also glossing over a lot of details that would be important in implementing a Symbolic Execution Engine. I am interested in the discovery of memory-corruption vulnerabilities. The two often-used methods [...]
A couple of weeks ago I posted about rop_tools, a tool for quickly finding a variety of ROP gadgets in x86 ELF binaries. Well, I decided rop_tools needed an awesome scripting interface, and a couple of weeks later rop_tools emerged as a pretty powerful tool for scripting ELF disassembly. Hacking together a disassembler (we’re going to [...]
This post is about a new tool I’ve been working on, rop_tools. This is a tool for working with ROP gadgets in ELF binaries (currently only 32-bit). But first I’ll talk about the reasons why I wrote the tool. I was recently working on exploiting a binary on Linux. This binary was small, and I [...]
I read an article last night (this one in fact) which included the following sentence: “That said, it is no longer secure to hash your passwords with MD5, much less when it is unsalted.” I cringed. I understand this sentence comes from a common misunderstanding of what security a cryptographic hash brings to your password [...]
This post is not a class on assembly. It is about a tool I use and hope others will find useful. An understanding of x86 assembly will help. What is the RAVM, and why create it? Learning how programs work at the assembly level is crucial to gaining a holistic understanding of modern-day computing. [...]
This post is a basic explanation of the concepts behind sending/receiving messages with PGP. This is the basic information I want someone to understand before I start communicating with them. These explanations are fairly simplified. Infeasible means it is very, very difficult to do something. In cryptology, this usually equates to something along the lines [...]
I just came across this post talking about a reflective XSS attack on Google that only worked on IE 6/7. I’m going to make an assumption and assume this is due to Internet Explorer 8’s resistance to reflective XSS. I also came across this issue about a week ago and thought I would share some [...]
I know this talk took place at Shmoocon, and though I was not able to attend it, I just stumbled across this write-up of the material covered. I believe it’s time to discuss a project of mine from a couple of years ago: The Boot and Pwner (affectionately named The Bwner). I’m tired, so we’re [...]