Firefox 79 is out – it’s a double-update month so patch now!
It’s a Blue Moon month for Firefox – the second full update in July! Continue reading Firefox 79 is out – it’s a double-update month so patch now!
More bad news for cybercrooks… we hope. Continue reading Intel announces “exploit busting” features in its next processor chips
I have a binary file vulnerable to a format strings attack with the following protections:
(Full RELRO, NX and PIE)
I have managed to find the libc version and hence the address of system and bin/sh in order to launch a shell. My payloa… Continue reading Cannot overwrite eip in order to carry out ret2libc attack
I am trying to understand a little better what goes on behind the scenes when bypassing ASLR by reading bytes from a process’s memory, but how can I make an example of an info leak in WIN32? My code leaks the bytes, but how can I chec… Continue reading What is an example of an out-of-bounds read in order to leak sensitive information?
I have the following code:
#include <stdio.h>
#include <stdlib.h>

int main(void)
{
    int *ptr1 = malloc(16);          /* heap allocation */
    int val1 = 0x12345678;           /* stack variable */
    /* %p expects void *, so cast both addresses before printing them */
    printf("stack: %p\nheap: %p\n", (void *)&val1, (void *)ptr1);
    return 0;
}
Compila… Continue reading ASLR doesn’t work?
From what I understand, ASLR has 3 modes:
0 – turned off
1 – randomizes stack, heap, shared libraries, vDSO, mmap memory area and text area (if built with -fPIE -pie)
2 – additionally randomizes brk()-allocated memory, which comes, to my… Continue reading Importance of ASLR Mode 2
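Both the program above (which prints a stack and a heap address) and the list of randomize_va_space modes come down to the same check on a Linux host: which mode is set, and whether a given mapping actually lands at a different address in each fresh process. The helpers below are an added example, not code from either question or from the linked answers. They assume a Linux system with /proc mounted; the sysctl path /proc/sys/kernel/randomize_va_space and the mapping names [stack], [heap] and [vdso] in /proc/PID/maps are the kernel’s standard names, and on any other system the helpers report "unknown" rather than guess.

```shell
#!/bin/sh
# Added example (not from the original questions): report the ASLR mode and
# test whether a named mapping moves between two freshly exec'd processes.
# Assumes Linux with /proc mounted; elsewhere it reports unknown/unavailable.

SYSCTL=/proc/sys/kernel/randomize_va_space   # 0 = off, 1 = no brk, 2 = full

aslr_mode() {
  # Print the configured mode, or "unknown" when the sysctl cannot be read.
  if [ -r "$SYSCTL" ]; then
    cat "$SYSCTL"
  else
    echo unknown
  fi
}

region_start() {
  # Print the start address of mapping $1 ("[stack]", "[heap]", "[vdso]") as
  # seen by a brand-new process. The grep that reads /proc/self/maps is that
  # process: ASLR picks the layout at exec, so each call is a fresh sample.
  grep -F "$1" /proc/self/maps 2>/dev/null | head -n 1 | cut -d- -f1
}

region_randomized() {
  # Exit 0: two fresh processes got different addresses for $1 (randomized).
  # Exit 1: the address repeated (that region is fixed under the current mode).
  # Exit 2: /proc/self/maps is unavailable or the mapping does not exist.
  a=$(region_start "$1")
  b=$(region_start "$1")
  [ -n "$a" ] && [ -n "$b" ] || return 2
  [ "$a" != "$b" ]
}

report() {
  # One-line summary, e.g. "mode=2 [stack]=randomized [heap]=randomized [vdso]=randomized".
  out="mode=$(aslr_mode)"
  for r in '[stack]' '[heap]' '[vdso]'; do
    region_randomized "$r" && rc=0 || rc=$?
    case $rc in
      0) out="$out $r=randomized" ;;
      1) out="$out $r=fixed" ;;
      *) out="$out $r=unavailable" ;;
    esac
  done
  echo "$out"
}

report
```

Run it once under each mode (`sysctl -w kernel.randomize_va_space=N` as root, or `setarch -R` for a single process) to see the regions switch between randomized and fixed; a PIE binary that still prints identical addresses on every run is the symptom to look for when the sysctl says 2.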
First off this week, a ransomware strain named Robinhood has a novel trick up its sleeve. The trick? Loading an old, known-vulnerable signed driver, and then using a vulnerability in that driver to get a malicious kernel driver loaded.
A Gigabyte driver unintentionally exposed an interface that allows unfettered kernel-level …
Continue reading This Week in Security: Robinhood, Apple Mail, ASLR, and More Windows 7
If a packer or crypter is used to obfuscate a piece of executable code, it seems that calls and references made in that code will not be updated at load-time and will be incorrect when the code is unpacked or unencrypted! How does a packer… Continue reading How do packers/crypters deal with ASLR?
Why hide kernel symbols?
Quote
Anyone with basic knowledge of kernel exploitation knows how important information gathering is to reliable exploitation. This protection hides the kernel symbols from various places that an attacker cou… Continue reading How to hide Kernel Symbols in Linux Kernel Image? Recompilation?
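The quoted text describes a grsecurity option that hides symbols at build time. The most common runtime place an unprivileged attacker reads kernel addresses from on a stock kernel is /proc/kallsyms, which mainline Linux gates with the kernel.kptr_restrict sysctl (0 shows addresses, 1 zeroes them for readers without CAP_SYSLOG, 2 zeroes them for everyone). The script below is an added example, not code from the question or from grsecurity: it checks that mainline mechanism, which is a narrower control than the option the quote describes, and assumes a Linux host with /proc mounted.

```shell
#!/bin/sh
# Added example (not from the original question): does this host leak kernel
# symbol addresses to the current user? Checks the mainline kptr_restrict
# sysctl and what /proc/kallsyms actually reports. Assumes Linux with /proc.

KALLSYMS=/proc/kallsyms
KPTR=/proc/sys/kernel/kptr_restrict

kptr_restrict_value() {
  # Print the sysctl value, or "unknown" if it cannot be read.
  if [ -r "$KPTR" ]; then
    cat "$KPTR"
  else
    echo unknown
  fi
}

symbol_address() {
  # Print the address kallsyms lists for symbol $1 (fields: address type name
  # [module]), or nothing if the file is unreadable or the symbol is absent.
  awk -v s="$1" '$3 == s { print $1; exit }' "$KALLSYMS" 2>/dev/null
}

classify_address() {
  # Map an address string to one of: hidden (all zeros, i.e. restricted),
  # visible (a real address leaked), unavailable (no address at all).
  case "$1" in
    '')      echo unavailable ;;
    *[!0]*)  echo visible ;;
    *)       echo hidden ;;
  esac
}

symbol_visibility() {
  classify_address "$(symbol_address "$1")"
}

# _text is the start of the kernel image; a visible value here defeats KASLR
# for anyone who can read the file.
echo "kptr_restrict=$(kptr_restrict_value) _text=$(symbol_visibility _text)"
```

Run it as an unprivileged user: "_text=visible" with kptr_restrict=0 means any local process can learn the kernel base, whereas "hidden" means the addresses are zeroed for that reader. Remember that this only covers /proc/kallsyms; dmesg (dmesg_restrict), /proc/modules and other interfaces need their own checks.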
The unarguable benefits of digital photography have rendered the analog SLR obsolete for most purposes. This means that a wide selection of cameras and lenses is available on the second-hand market for pennies on the dollar, making them ripe targets for hacking. [drtonis] decided to experiment with a quick …
Continue reading Quick And Dirty Digital Conversion For Analog SLR