ASIS CTF Quals 2016: "Catch Me!" writeup

Mon, 09 May 2016 22:29:56 +0200
Tags: reverse, CTF

The following loop decrypts 32 bytes starting from 0x601280 by XORing ... [Read more]

Writing a LKM rootkit that uses LSM hooks

Mon, 15 Jun 2015 23:42:19 +0200
Tags: security, kernel, LSM, LKM, rootkit

Modifying the syscall table (sys_call_table[]) through a LKM is a ... [Read more]

Use /dev/ptmx to measure inter-keystroke timing (CVE-2013-0160)

Mon, 07 Jan 2013 22:36:56 +0100
Tags: security

As a reminder, the "/dev/ptmx" character device is used to ... [Read more]

Debian's x11-common init script weakness (CVE-2012-1093)

Tue, 20 Mar 2012 18:32:58 +0100
Tags: security

The init script issued from the x11-common Debian package is ... [Read more]

X wrapper: Permission bypass (CVE-2011-4613)

Sat, 17 Dec 2011 15:28:42 +0100
Tags: security

While I was developing the exploit against CVE-2011-4029, I ... [Read more]

Bzip2 (bzexe): race condition (CVE-2011-4089)

Sun, 06 Nov 2011 17:14:53 +0100
Tags: security

bzexe (a shell script provided by the bzip2 package) in used ... [Read more]

Xorg: Two vulnerabilities (CVE-2011-4028 and CVE-2011-4029)

Tue, 18 Oct 2011 20:25:44 +0200
Tags: security

I recently discovered two vulnerabilities in the X server ... [Read more]

libvte9: Escape sequences of death (CVE-2011-2198)

Thu, 16 Jun 2011 20:14:29 +0200
Tags: security

While playing with terminals, I discovered several missing ... [Read more]

How to probe ip_forward option on remote hosts?

Mon, 11 Apr 2011 20:54:20 +0200
Tags: network

On a local network, I thought about a way to know if a ... [Read more] Dynamic library for keystroke logging

Mon, 31 Jan 2011 21:42:14 +0100
Tags: security

Some articles about function interposition or syscall hooking ... [Read more]

Base64 scheme implementation in Bash

Sat, 31 Jul 2010 09:51:07 +0200
Tags: bash

The Base64 encoding/decoding scheme has been implementing in ... [Read more]

Crontab: How to hide a scheduled task

Sun, 18 Jul 2010 17:39:02 +0200
Tags: security

Here is an easy way to hide a task inside a crontab by using ... [Read more]

Man-in-middle detection script

Fri, 7 Aug 2009 22:23:21 +0200
Tags: security, network

Here is a simple ARP spoofing detection script. It warns you ... [Read more]

Send password on /bin/su's stdin

Wed, 29 Jul 2009 23:07:00 +0200
Tags: security

Due to security reason, it is forbidden to pipe or redirect ... [Read more]

Nmap NSE Script "x11-access.nse"

Wed, 29 Jul 2009 21:06:42 +0200
Tags: security, network

If a X server is listening on TCP port 6000+n (where n is the ... [Read more]