Another sysadmin hangout

[Tools] Give Us Chaos!

30 Apr 2012 11:32:15 +0200

Updated the tools section: New release (version 1.1) of GUChaos.c, a tool to securely feed your system's entropy pool.

[Security] Debian's x11-common script weakness (CVE-2012-1093)

20 Mar 2012 18:32:58 +0100

Added in the security section: A description of the vulnerability with the associate local root exploit.

[Security] X wrapper permission bypass (CVE-2011-4613)

17 Dec 2011 15:28:42 +0100

Added in the security section: A trivial PoC to bypass the X wrapper security restriction on Debian systems.

[Security] Xorg file permission change vulnerability

07 Dec 2011 18:59:15 +0100

Added in the security section: CVE-2011-4029 PoC improved (uses of Inotify and process scheduling priority).

[Security] bzexe (bzip2) race condition PoC (CVE-2011-4089)

06 Nov 2011 17:14:53 +0100

Added in the security section: bzexe race condition PoC.

[Security] Xorg file permission change vulnerability

28 Oct 2011 17:48:56 +0200

Added in the security section: CVE-2011-4029 description and PoC.

[Security] Two vulnerabilities in Xorg (CVE-2011-4028 and CVE-2011-4029)

18 Oct 2011 20:25:44 +0200

Added in the security section: Xorg vulnerabilities due to lock files.

[Security] Escape sequences of death

16 Jun 2011 20:14:29 +0200

Added in the security section: Some malicious escape sequences to crash a terminal which depends on VTE.

[Bash] Base64 implementation in Bash

03 May 2011 21:10:08 +0200

Updated the /bin/bash section: The script base64.sh is being used to illustrate some parts of the Advanced Bash Scripting Guide.

[Tools] New release of Pwd-hash

27 Apr 2011 00:02:39 +0200

Updated the tools section: New release of the pwd-hash (version 2.0).

[Bash] Base64 implementation in Bash

11 Apr 2011 21:30:40 +0200

Updated the /bin/bash section: Improvement of my Base64 scheme implementation in Bash.

[Security] Isgate

11 Apr 2011 20:54:20 +0200

Added in the security section: How to disclose gateways on a LAN + script.

[Tools] Keykass

31 Jan 2011 21:42:14 +0100

Updated the tools section: Keykass.so, a dynamic library for keystroke logging.

[Tools] Give Us Chaos!

26 Dec 2010 14:46:37 +0100

Updated the tools section: A tool to fill your system's entropy spool.

[Bash] Base64 encoding implementation in Bash

31 Jul 2010 09:51:07 +0200

Added in the /bin/bash section: The Bash implementation of a Base64 encoder.

[Security] Crontab

18 Jul 2010 17:39:02 +0200

Added in the security section: How to hide a scheduled task inside a cron table.

[Tools] New release of Assh

17 Jul 2010 17:32:34 +0200

Updated the tools section: New release of the Anonymous Secure SHell (version 2.3).

[Tools] New release of Assh

01 Apr 2010 23:02:14 +0200

Updated the tools section: New release of the Anonymous Secure SHell (version 2.2).

[NMAP] Patch for "--resume" option

07 Mar 2010 15:31:59 +0100

Wrote a nmap patch that makes the "--resume" option works with normal output file (previously generated with "-oN"). It has been included in Nmap version 5.20BETA1.

[Traceroute] Bug fix and patch

01 Nov 2009 09:09:11 +0100

Provided a bug fix (patch) to Fedora's traceroute command (patch included in traceroute version 2.0.13).

[NMAP] x11-access.nse (new version)

09 Aug 2009 15:08:44 +0200

Updated the security section: New version (1.3) of the NSE script x11-access.nse. It has been included in Nmap version 5.10BETA1.

[Bash] ARP spoofing detection script

07 Aug 2009 22:23:21 +0200

Added in the /bin/bash section: A tiny ARP spoofing detection script.

[NMAP] x11-access.nse (new version)

07 Aug 2009 19:08:03 +0200

Updated the security section: New version (1.1) of the NSE script x11-display.nse.

[Security] /bin/su and stdin

29 Jul 2009 23:07:00 +0200

Added in the security section: Send password on /bin/su's stdin.

[NMAP] NSE script to check a x11 display

29 Jul 2009 21:06:42 +0200

Added in the security section: A NSE script (for Nmap) to prevent use of "xhosts +".

Initial version of the website

27 Jul 2009 20:55:06 +0200

I've made up this page to share few stuff (commands, scripts and programs) that I've quickly wrote for fun purposes (I hope some of them can be usefull).