/home

Bl0g & Site updates

[Tools] Give Us Chaos! [`Mon, 30 Apr 2012 11:32:15 +0200`]

Updated the tools section: New release (version 1.1) of GUChaos.c, a tool to securely feed your system's entropy pool.

[Security] Debian's x11-common script weakness (CVE-2012-1093) [`Tue, 20 Mar 2012 18:32:58 +0100`]

Added in the security section: A description of the vulnerability with the associate local root exploit.

[Security] X wrapper permission bypass (CVE-2011-4613) [`Sat, 17 Dec 2011 15:28:42 +0100`]

Added in the security section: A trivial PoC to bypass the X wrapper security restriction on Debian systems.

[Security] Xorg file permission change vulnerability [`Wed, 07 Dec 2011 18:59:15 +0100`]

Added in the security section: CVE-2011-4029 PoC improved (uses of Inotify and process scheduling priority).

[Security] bzexe (bzip2) race condition PoC (CVE-2011-4089) [`Sun, 06 Nov 2011 17:14:53 +0100`]

Added in the security section: bzexe race condition PoC.

[Security] Xorg file permission change vulnerability [`Fri, 28 Oct 2011 17:48:56 +0200`]

Added in the security section: CVE-2011-4029 description and PoC.

[Security] Two vulnerabilities in Xorg (CVE-2011-4028 and CVE-2011-4029) [`Tue, 18 Oct 2011 20:25:44 +0200`]

Added in the security section: Xorg vulnerabilities due to lock files.

[Bash] Base64 encoding implementation in Bash [`Sat, 31 Jul 2010 09:51:07 +0200`]

Added in the /bin/bash section: The Bash implementation of a Base64 encoder.

[Security] Crontab [`Sun, 18 Jul 2010 17:39:02 +0200`]

Added in the security section: How to hide a scheduled task inside a cron table.

[Tools] New release of Assh [`Sat, 17 Jul 2010 17:32:34 +0200`]

Updated the tools section: New release of the Anonymous Secure SHell (version 2.3).

[Tools] New release of Assh [`Thu, 01 Apr 2010 23:02:14 +0200`]

Updated the tools section: New release of the Anonymous Secure SHell (version 2.2).

[NMAP] Patch for "--resume" option [`Sun, 7 Mar 2010 16:31:59 +0200`]

Wrote a nmap patch that makes the "--resume" option works with normal output file (previously generated with "-oN"). It has been included in Nmap version 5.20BETA1.

[Traceroute] Bug fix & patch [`Sun, 1 Nov 2009 10:09:11 +0200`]

Provided a bug fix (patch) to Fedora's traceroute command (patch included in traceroute version 2.0.13).

[NMAP] x11-access.nse (new version) [`Sat, 9 Aug 2009 15:08:44 +0200`]

Updated the security section: New version (1.3) of the NSE script x11-access.nse. It has been included in Nmap version 5.10BETA1.

[Bash] ARP spoofing detection script [`Fri, 7 Aug 2009 22:23:21 +0200`]

Added in the /bin/bash section: A tiny ARP spoofing detection script.

[NMAP] x11-access.nse (new version) [`Fri, 7 Aug 2009 19:08:03 +0200`]

Updated the security section: New version (1.1) of the NSE script x11-display.nse.

[Security] /bin/su and stdin [`Wed, 29 Jul 2009 23:07:00 +0200`]

Added in the security section: Send password on /bin/su's stdin.

[NMAP] NSE script to check a x11 display [`Wed, 29 Jul 2009 21:06:42 +0200`]

Added in the security section: A NSE script (for Nmap) to prevent use of "xhosts +".

Initial version of the website [`Mon, 27 Jul 2009 20:55:06 +0200`]

I've made up this page to share few stuff (commands, scripts and programs) that I've quickly wrote for fun purposes (I hope some of them can be usefull).

http://vladz.devzero.fr

Another sysadmin hangout

/home

Bl0g & Site updates

[Tools] Give Us Chaos! [`Mon, 30 Apr 2012 11:32:15 +0200`]

[Security] Debian's x11-common script weakness (CVE-2012-1093) [`Tue, 20 Mar 2012 18:32:58 +0100`]

[Security] X wrapper permission bypass (CVE-2011-4613) [`Sat, 17 Dec 2011 15:28:42 +0100`]

[Security] Xorg file permission change vulnerability [`Wed, 07 Dec 2011 18:59:15 +0100`]

[Security] bzexe (bzip2) race condition PoC (CVE-2011-4089) [`Sun, 06 Nov 2011 17:14:53 +0100`]

[Security] Xorg file permission change vulnerability [`Fri, 28 Oct 2011 17:48:56 +0200`]

[Security] Two vulnerabilities in Xorg (CVE-2011-4028 and CVE-2011-4029) [`Tue, 18 Oct 2011 20:25:44 +0200`]

[Security] Escape sequences of death [`Thu, 16 Jun 2011 20:14:29 +0200`]

[Bash] Base64 implementation in Bash [`Tue, 03 May 2011 21:10:08 +0200`]

[Tools] New release of Pwd-hash [`Wed, 27 Apr 2011 00:02:39 +0200`]

[Bash] Base64 implementation in Bash [`Mon, 11 Apr 2011 21:30:40 +0200`]

[Security] Isgate [`Mon, 11 Apr 2011 20:54:20 +0200`]

[Tools] Keykass [`Mon, 31 Jan 2011 21:42:14 +0100`]

[Tools] Give Us Chaos! [`Sun, 26 Dec 2010 14:46:37 +0100`]

[Bash] Base64 encoding implementation in Bash [`Sat, 31 Jul 2010 09:51:07 +0200`]

[Security] Crontab [`Sun, 18 Jul 2010 17:39:02 +0200`]

[Tools] New release of Assh [`Sat, 17 Jul 2010 17:32:34 +0200`]

[Tools] New release of Assh [`Thu, 01 Apr 2010 23:02:14 +0200`]

[NMAP] Patch for "--resume" option [`Sun, 7 Mar 2010 16:31:59 +0200`]

[Traceroute] Bug fix & patch [`Sun, 1 Nov 2009 10:09:11 +0200`]

[NMAP] x11-access.nse (new version) [`Sat, 9 Aug 2009 15:08:44 +0200`]

[Bash] ARP spoofing detection script [`Fri, 7 Aug 2009 22:23:21 +0200`]

[NMAP] x11-access.nse (new version) [`Fri, 7 Aug 2009 19:08:03 +0200`]

[Security] /bin/su and stdin [`Wed, 29 Jul 2009 23:07:00 +0200`]

[NMAP] NSE script to check a x11 display [`Wed, 29 Jul 2009 21:06:42 +0200`]

Initial version of the website [`Mon, 27 Jul 2009 20:55:06 +0200`]

http://vladz.devzero.fr

Another sysadmin hangout

/home

Bl0g & Site updates

[Tools] Give Us Chaos! [Mon, 30 Apr 2012 11:32:15 +0200]

[Security] Debian's x11-common script weakness (CVE-2012-1093) [Tue, 20 Mar 2012 18:32:58 +0100]

[Security] X wrapper permission bypass (CVE-2011-4613) [Sat, 17 Dec 2011 15:28:42 +0100]

[Security] Xorg file permission change vulnerability [Wed, 07 Dec 2011 18:59:15 +0100]

[Security] bzexe (bzip2) race condition PoC (CVE-2011-4089) [Sun, 06 Nov 2011 17:14:53 +0100]

[Security] Xorg file permission change vulnerability [Fri, 28 Oct 2011 17:48:56 +0200]

[Security] Two vulnerabilities in Xorg (CVE-2011-4028 and CVE-2011-4029) [Tue, 18 Oct 2011 20:25:44 +0200]

[Security] Escape sequences of death [Thu, 16 Jun 2011 20:14:29 +0200]

[Bash] Base64 implementation in Bash [Tue, 03 May 2011 21:10:08 +0200]

[Tools] New release of Pwd-hash [Wed, 27 Apr 2011 00:02:39 +0200]

[Bash] Base64 implementation in Bash [Mon, 11 Apr 2011 21:30:40 +0200]

[Security] Isgate [Mon, 11 Apr 2011 20:54:20 +0200]

[Tools] Keykass [Mon, 31 Jan 2011 21:42:14 +0100]

[Tools] Give Us Chaos! [Sun, 26 Dec 2010 14:46:37 +0100]

[Bash] Base64 encoding implementation in Bash [Sat, 31 Jul 2010 09:51:07 +0200]

[Security] Crontab [Sun, 18 Jul 2010 17:39:02 +0200]

[Tools] New release of Assh [Sat, 17 Jul 2010 17:32:34 +0200]

[Tools] New release of Assh [Thu, 01 Apr 2010 23:02:14 +0200]

[NMAP] Patch for "--resume" option [Sun, 7 Mar 2010 16:31:59 +0200]

[Traceroute] Bug fix & patch [Sun, 1 Nov 2009 10:09:11 +0200]

[NMAP] x11-access.nse (new version) [Sat, 9 Aug 2009 15:08:44 +0200]

[Bash] ARP spoofing detection script [Fri, 7 Aug 2009 22:23:21 +0200]

[NMAP] x11-access.nse (new version) [Fri, 7 Aug 2009 19:08:03 +0200]

[Security] /bin/su and stdin [Wed, 29 Jul 2009 23:07:00 +0200]

[NMAP] NSE script to check a x11 display [Wed, 29 Jul 2009 21:06:42 +0200]

Initial version of the website [Mon, 27 Jul 2009 20:55:06 +0200]

[Tools] Give Us Chaos! [`Mon, 30 Apr 2012 11:32:15 +0200`]

[Security] Debian's x11-common script weakness (CVE-2012-1093) [`Tue, 20 Mar 2012 18:32:58 +0100`]

[Security] X wrapper permission bypass (CVE-2011-4613) [`Sat, 17 Dec 2011 15:28:42 +0100`]

[Security] Xorg file permission change vulnerability [`Wed, 07 Dec 2011 18:59:15 +0100`]

[Security] bzexe (bzip2) race condition PoC (CVE-2011-4089) [`Sun, 06 Nov 2011 17:14:53 +0100`]

[Security] Xorg file permission change vulnerability [`Fri, 28 Oct 2011 17:48:56 +0200`]

[Security] Two vulnerabilities in Xorg (CVE-2011-4028 and CVE-2011-4029) [`Tue, 18 Oct 2011 20:25:44 +0200`]

[Security] Escape sequences of death [`Thu, 16 Jun 2011 20:14:29 +0200`]

[Bash] Base64 implementation in Bash [`Tue, 03 May 2011 21:10:08 +0200`]

[Tools] New release of Pwd-hash [`Wed, 27 Apr 2011 00:02:39 +0200`]

[Bash] Base64 implementation in Bash [`Mon, 11 Apr 2011 21:30:40 +0200`]

[Security] Isgate [`Mon, 11 Apr 2011 20:54:20 +0200`]

[Tools] Keykass [`Mon, 31 Jan 2011 21:42:14 +0100`]

[Tools] Give Us Chaos! [`Sun, 26 Dec 2010 14:46:37 +0100`]

[Bash] Base64 encoding implementation in Bash [`Sat, 31 Jul 2010 09:51:07 +0200`]

[Security] Crontab [`Sun, 18 Jul 2010 17:39:02 +0200`]

[Tools] New release of Assh [`Sat, 17 Jul 2010 17:32:34 +0200`]

[Tools] New release of Assh [`Thu, 01 Apr 2010 23:02:14 +0200`]

[NMAP] Patch for "--resume" option [`Sun, 7 Mar 2010 16:31:59 +0200`]

[Traceroute] Bug fix & patch [`Sun, 1 Nov 2009 10:09:11 +0200`]

[NMAP] x11-access.nse (new version) [`Sat, 9 Aug 2009 15:08:44 +0200`]

[Bash] ARP spoofing detection script [`Fri, 7 Aug 2009 22:23:21 +0200`]

[NMAP] x11-access.nse (new version) [`Fri, 7 Aug 2009 19:08:03 +0200`]

[Security] /bin/su and stdin [`Wed, 29 Jul 2009 23:07:00 +0200`]

[NMAP] NSE script to check a x11 display [`Wed, 29 Jul 2009 21:06:42 +0200`]

Initial version of the website [`Mon, 27 Jul 2009 20:55:06 +0200`]