Metasm HowTo: bintrace

Mon 19 July 2010 by alex

Finally, here is the tool we presented at RECON. Our objective is to demonstrate that the use of Metasm allow to quickly and efficiently develop tools, in this particular case we have developed a basic code tracing tool.

bintrace provides few modules: TraceOS, TraceDB, TraceEngine and BranchTraceEngine. They are designed ...

read more

REcon 2010 was really HOT!

Thu 15 July 2010 by alex

And I am not speaking about adult entertainment, but about the crash of the air conditioning system in the hotel during the whole conference. This issue apart, RECON perfectly applies a simple mojo: if you want to make a bunch of reversers happy, talk to them about reverse-engineering. The conference ...

read more

Exploitation de format string avec Metasm

Fri 09 July 2010 by thomas

Metasm est à la mode en ce moment dans le lab, après le post d'Ivan et celui de jj, c'est à mon tour de m'y coller.

Depuis que j'exploite des vulnérabilités de type Format String, j'ai toujours eu l'envie de me coder rapidement un ...

read more

HITB Amsterdam 2010 quick thoughts

Mon 05 July 2010 by alex

Hi all,

Just last week, a few lucky people from our lab did attend the HITB Conference in Amsterdam (the first time for HITB in Europe!)

We had a really great time there.

Damien and Christophe gave a presentation about the subversion of the Windows 7 x64 kernel using DMA ...

read more

Automatic exploitation with Metasm

Sat 19 June 2010 by jj

Ivan wrote a post on a script he wrote using metasm to automatically find most parameters needed when exploiting a simple stack-based buffer overflow.

I want to add a few lights on other ways to achieve the same result, and take this opportunity to bring his work to our english-speaking ...

read more

Exploitation automatique avec Metasm

Mon 14 June 2010 by ivan

Metasm est un outil puissant permettant de scripter la manipulation de binaires. Sachant qu'il fournit une fonctionnalité de debugging, on peut automatiser certaines actions en les scriptant avec Ruby. On va ainsi l'utiliser pour créer un outil basique d'exploitation automatique de binaires ELF x86. L'idée est ...

read more

What will we do at HITB Amsterdam?

Tue 08 June 2010 by fred

Sogeti ESEC R&D will be very active at the HITB Amsterdam conference (June 29 - July 2, 2010), and will be giving a training, a lab session and a talk. If you want to meet us there, we can propose some reduction coupons. Please get in touch with us for ...

read more

Hack in the Box - Amsterdam 2010

Tue 25 May 2010 by jj

Sogeti est sponsor platinum de la conférence HITB Amsterdam.

Nous y tiendrons le dojo Metasm, et donnerons une présentation sur une attaque physique ciblant Windows 7 64bits.

N'hésitez pas à passer nous faire un petit coucou !

Sogeti is a Platinum sponsor for the HITB amsterdam ITsec conference.

We'll ...

read more

CanSecWest 2010

Wed 31 March 2010 by jj

We had the chance to assist to the CanSecWest 2010 IT security conference, which took place as every year in Vancouver, Canada.

This is a summary of the conferences we could attend to.

Internet Nails The first day started with a great rant of Marcus Ranum on how most of ...

read more

Séminaire 2010 : compromission de smartphones

Mon 22 February 2010 by gabriel

Les terminaux mobiles sont omniprésents dans notre monde actuel sous diverses formes : GPS, téléphones portables, PDAs, etc. Le smartphone est le résultat de la convergence de toutes ces plateformes. Windows Mobile, est un des systèmes d'exploitation embarqués les plus présents sur le marché mobile. Par conséquent, il parait essentiel ...

read more