For the third year we had the chance to participate in REcon 2012.
Here is a summary of the most intelligible talks.
The case for semantics-based methods in reverse engineering
Rolf Rolles opened the conference on his favourite subject, semantic analysis of code.
A lengthy introduction reminded us that semantic ...
Hack.lu CTF 2011 Write-up: Scotty's last signal
Another write-up for the excellent Hack.lu 2011 Capture The Flag contest. This one was very unusual, based on a patched NES ROM of Super Mario Bros 1.
Scotty's last signal. You might have heard about Montgomery Scott, the legendary chief engineer of the U.S.S. Enterprise. What ...
Linux syscall ABI
A quick post to summarize the Linux kernel syscall ABI on the i386 architecture.
It is hard to come by a short summary of how to make direct syscalls under the Linux kernel. This is not intended to be exhaustive or authoritative, but at least now I'll have something to ...
Sniffing USB traffic with VMware
VMware offers the possibility to dump any USB traffic, at the lowest level, to a dump file. We'll describe here how to activate this feature, and additionally publish a script to convert the dump file to the PCAP format, suitable for use with Wireshark.
Enable USB logging
VMware can ...
Splitting a Mercurial repository: HgSplit
Training at CanSecWest 2011: Advanced binary deobfuscation
The course will teach you how to overcome state-of-the-art binary obfuscation.
You will see, and learn to defeat:
- traditional junk,
- arithmetic code hiding,
- code flattening,
- and ...
Metasm recipes: working with a process image
Today we'll discuss how Metasm can be used to work with a process memory dump, and also how to search for gadgets suitable for a short ROP sequence.
While working on a vulnerability in a Windows server, we had the following premises:
- Non-executable heap
- Randomised address space (except for ...
Automatic exploitation with Metasm
Ivan wrote a post about a script he wrote using Metasm to automatically find most of the parameters needed when exploiting a simple stack-based buffer overflow.
I want to shed some light on other ways to achieve the same result, and take this opportunity to bring his work to our English-speaking ...
Hack in the Box - Amsterdam 2010
We will be running the Metasm dojo there, and giving a presentation on a physical attack targeting 64-bit Windows 7.
Don't hesitate to drop by and say hello!
We'll ...
We had the chance to attend the CanSecWest 2010 IT security conference, which took place, as every year, in Vancouver, Canada.
This is a summary of the talks we were able to attend.
Internet Nails. The first day started with a great rant by Marcus Ranum on how most of ...