syscalls.kernelgrok.com

marionumber1.blogspot.com

Marionumber1's blog: HSF 2016: Isengard (re500)

http://marionumber1.blogspot.com/2016/10/hsf-2016-isengard-re500.html

Monday, October 10, 2016. HSF 2016: Isengard (re500). Isengard is a 500 point reverse engineering problem. We're given a binary to look at, but little other direction. Let's see what we can find. First, it's a good idea to try running the program:. Find them and bring them back! Https:/ www.youtube.com/watch? That doesn't tell us much, so let's start disassembling Isengard:. Text:0BADCD54 push 0 .text:0BADCD56 push offset aDevUrandom ; "/dev/urandom" .text:0BADCD5B call sub BADC18E .text:0BAD...This seem...

barrebas.github.io

ROP Primer - Level0 - staring into /dev/null

http://barrebas.github.io/blog/2015/06/28/rop-primer-level0

ROP Primer - Level0. The ROP VM which I made for this exercise can be downloaded from vulnhub.com. Version 0.2 is fixed, as the home dirs had improper permissions (thanks to faleur and marky for notifying me). We’re up against the binary. In this case, we have the source code, which helps tremendously. Nevertheless, start by treating it as a blackbox. First, enable coredumps. Then, make sure you’re not running the exploits against a SUID binary. Linux, by default, will. Another useful command is. Call 80...

samthursfield.wordpress.com

The Hypercall API of the Rump Kernel project | Sam Thursfield's Blog

https://samthursfield.wordpress.com/2014/11/25/the-hypercall-api-of-the-rump-kernel-project

Sam Thursfield's Blog. I want music in my life not questions! On uWSGI and metaphors. My first Ansible modules →. The Hypercall API of the Rump Kernel project. November 25, 2014. Today I’m at the New Directions In Operating Systems. Conference in Shoreditch in London. It’s a cool thing about working for Codethink that they let you go to conferences like these and even pay for the extortionate hotel and train fares involved! There is fascinating stuff being talked about, I think Robert Watson. The other i...

blog.eikeland.se

Decoding shellcode

http://blog.eikeland.se/2013/06/10/shellcode

Developer, hacker, techno-foodie, diver, hobby-photographer. Does consultancy work from own company. Lives in Bergen, Norway. Nasjonal Sikkerhetsmyndighet (NSM) recently put up a few security challenges on their page as part of a hiring, and was linked to by one of the major norwegian tabloids - VG. Most of them looked like boring substitution cipher and so on. but one sparked my interrest - shellcode. Run it through a disassembler to verify, ndisasm - nasm's disassembler works great. Eax = eax * ebx = 0.

ins3cure.blogspot.com

Late night thoughts on security: August 2013

http://ins3cure.blogspot.com/2013_08_01_archive.html

Late night thoughts on security. Interest is a terrible thing to waste (Roger Schank). Wednesday, August 7, 2013. Store encrypted files on Google Drive. We'll use the Grive Linux client for Google Drive and EncFS to create a ' safe. In the cloud, inside Google Drive and mount it locally:. Sudo add-apt-repository ppa:nilarimogard/webupd8 sudo apt-get update sudo apt-get install grive. 2 How to use. Create a working folder :. Mkdir /grive cd /grive/. Synchronization of all the files in the cloud:. 1 EncFS ...

en.wikipedia.org

System call - Wikipedia, the free encyclopedia

https://en.wikipedia.org/wiki/System_call

From Wikipedia, the free encyclopedia. Not to be confused with system command. A high-level overview of the Linux kernel's system call interface, which handles communication between its various components and the userspace. Is the programmatic way in which a computer program. Requests a service from the kernel. Of the operating system. It is executed on. This may include hardware-related services (for example, accessing a hard disk drive. Creation and execution of new processes. Such as process scheduling.

sigma.me

debian包的结构和解包打包-从打包ubuntu12.10 linuxqq说起-Sigma

http://www.sigma.me/tag/linux

Work hard,play hard. 文章标签 ‘Linux’. Daohoo@daohoo-mbp: /Downloads$ sudo dpkg -i linuxqq v1.0.2-beta1 i386.deb [sudo] password for daohoo: dpkg: error processing linuxqq v1.0.2-beta1 i386.deb (- install): parsing file '/var/lib/dpkg/tmp.ci/control' near line 7 package 'linuxqq': error in Version string 'v1.0.2-beta1': version number does not start with digit Errors were encountered while processing: linuxqq v1.0.2-beta1 i386.deb. Sed -i "s/v1.0/1.0/g" control. Sudo dpkg -i linuxqq.deb. File: diffbyline&#46...

n0hz.com

Bypassing DEP using ROP :: n0hz | . . .

http://www.n0hz.com/2012/08/bypassing-dep-using-rop

Bypassing DEP using ROP. Is a mechanism whereas a processor can distinguish which portions of memory are executable and which portions are data. DEP will not allow the execution of data, only code, making it impossible to inject the payload as a string into the process and execute it, because it would be recognized as data and not code. A typical way to bypass DEP is to use Return-Oriented Programming. You can use a tool like ROPgadget. To help you find gadgets, but doing it ourselves is more fun. 🙂.

n0hz.com

2012 August :: n0hz | . . .

http://www.n0hz.com/2012/08

Archive for August, 2012. Bypassing DEP using ROP. Is a mechanism whereas a processor can distinguish which portions of memory are executable and which portions are data. DEP will not allow the execution of data, only code, making it impossible to inject the payload as a string into the process and execute it, because it would be recognized as data and not code. A typical way to bypass DEP is to use Return-Oriented Programming. You can use a tool like ROPgadget. Buffer is: %s n. Using an unsafe strcpy().