Software Exploit Development – Fuzzing with AFL
It’s quite impressive to look back in the past to the early days of software vulnerabilities and observe the ongoing dance between new mitigation and new exploitation techniques. Powerful fuzzing tools are now commonplace and operated on a daily basis by IT corporations and security labs; either to find crashes in their software or others’ […]
Using Sasquatch with Binwalk for Ubuntu
I am an avid user of binwalk since it automates the initial reverse engineering work. It identifies the compression if any, and file format of a given firmware fairly easily once you take care of the false positives. Last week I built a virtual machine (VM) using a minimal install of Xubuntu Linux. My last […]
Remembering the ‘Stakkato’ Hacks
Philip Gabriel Pettersson, best known by the pseudonym of “Stakkato” can be said to have reached legendary status within the computer security community of his numerous successful breaches of high-level targets between 2003 and 2005. Then a 16-year-old hacker from Uppsala, Sweden, he successfully infiltrated systems of large universities, the United States military, NASA and […]
The Syrian Civil Conflict in the Cyber Environment
This document analyzes the use of the cyber environment in the Syrian civil war by both the population and the government in order to characterize online tactics and strategies developed and used by each belligerent.
Removing Debugging Information from Visual C++/C# Projects
It’s often surprising how many malware programmers forget to do the simplest things. Mostly because many are so concerned with functionality, stealthiness and other production concerns, that details slip easily of their minds – a clear advantage to forensics. One of these details is the Program DataBase (PDB) information added by Visual Studio, which most malware authors used for Windows development. While it may seem innocuous, this string reveals a lot about the operating system used by the author, its user name and most notably, symbols that can be used by IDA and ease understanding of the disassembly.
Useful T-Shark Commands for Intelligence Gathering from Network Traffic
T-Shark is practically the command-line version of Wireshark. It has the same basic capabilities but with the added flexibility offered by using the command-line to process outputs and send them to other applications. Below I’ve enclosed some of the commands that I have found myself reusing over and over again.
Using Infogreffe – France’s National Registry of Corporations and Companies
Any operator knows that prior to any penetration testing activity requires a solid recon phase. The more information you collect about your target, the wider your attack surface becomes and thus, increased chances in a successful infiltration. In this post, we browse to the France’s registry, i.e. the “Registre du Commerce et des Societes” to extract information from the company and use this information to expand our attack surface
The Past, Present and Future of Chinese Cyber Operations
China, as one of many alleged actors on the frontier of cyber espionage, is best understood by briefly examining the past century, how it influences contemporary cyber operations attributed to Chinese-based actors, and how they could be used against the Canadian Armed Forces in a potential Southeast Asian conflict.
Phusking PhotoBucket and Other Pictures Sharing Sites
Fusking picture sharing sites in order to retrieve pictures from private album.
A Study of Smart Cards
Cards are quite an interesting species of object that have invaded our lives in every way: we either use them for public transit, laundry, gift cards, phone cards, credit cards etc… One could gather quite a lot of power buy not only understanding their functioning, but also by being able to tamper their data. I […]