Wednesday, June 19, 2013

Defcon 21 quals - blackbox write-up

It was DEFCON 21 quals last weekend, with new organizers. It went well: good organization and good challenges. If you're curious about the results, here is a fancy top 15 graph. Apparently it was too easy for PPP, who finished all of the challenges... insane! :)

There were 5 categories:
  • 3dub: web-based challenges
  • 0x41414141: exploitation
  • \xff\xe4\xcc: shellcode
  • OMGACM: guerilla programming
  • gnireenigne: reverse engineering
I liked the exploitation ones, on ARM under Linux/FreeBSD. Reverse was nice, shellcoding was interesting but some of it painful, web was way too easy and OMGACM just annoying.
If you want to have a look, @JonathanSalwan saved some of the binaries on his repo.

Tuesday, June 04, 2013

Golang heap corruption during garbage collection

I've been playing with Go recently, it's an interesting programming language (I recommend the tour).

It is compiled, garbage-collected and memory-safe... as long as you don't find a bug in the runtime. Alex Reece (@awreece) from PPP recently blogged about a nice vulnerability; I found it interesting and started following more of the changes.

This one looked fun: runtime: fix heap corruption during GC (#5554), so let's try to exploit it. The bug was absent from Go 1.0.3, is present in Go 1.1 and will be fixed in Go 1.1.1 (to be released next week).

Friday, January 18, 2013

TOR relay and transparent routing

I assume you already know about TOR, The Onion Router, the anonymity network that protects your privacy.

TOR is a network, so it only works if people run nodes (relays). If you have a server, consider running one. Afraid of legal issues? You do not need to run an exit node; a non-exit relay is just fine: it only forwards traffic that is already encrypted between other Tor nodes, so it never originates connections to the open Internet on someone else's behalf.

This post shows how easy it is to set up a TOR relay on Debian, how to monitor it nicely and how to use it as a transparent router.
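The two configurations the post is about, written out as an added example (this is not the post's own code or the Tor project's): a torrc for a non-exit relay on Debian, the extra torrc lines and iptables rules that make the same box a transparent router for a LAN, and a small check that the exit policy really rejects everything before tor is reloaded. The nickname, contact address, bandwidth caps, LAN interface `eth1` and ports 9040/5353 are placeholders chosen here, not values from the post.

```shell
#!/bin/sh
# Added example, not from the original post: a non-exit relay torrc, the
# transparent-routing additions, and a sanity check on the exit policy.
# Placeholders (assumptions, not from the post): nickname "mydebianrelay",
# contact address, bandwidth caps, LAN interface eth1, TransPort 9040, DNSPort 5353.

# Print a torrc for a non-exit (middle) relay. Install with:
#   relay_torrc > /etc/tor/torrc && service tor reload
relay_torrc() {
    cat <<'EOF'
# Relay only: do not expose a local SOCKS port.
SocksPort 0
# Port other Tor nodes and clients connect to.
ORPort 9001
# Placeholders: pick your own nickname and a contact address you read.
Nickname mydebianrelay
ContactInfo tor-admin@example.org
# Cap the bandwidth the relay may use.
RelayBandwidthRate 1000 KBytes
RelayBandwidthBurst 2000 KBytes
# Non-exit relay: never open connections to the open Internet, only forward
# encrypted cells between Tor nodes. This line is what keeps you off the
# exit-node abuse reports.
ExitPolicy reject *:*
EOF
}

# Extra torrc lines that turn the same box into a transparent router:
# LAN TCP is redirected to TransPort, LAN DNS to DNSPort, and .onion names
# are mapped to addresses in the virtual range so they resolve without
# leaking a lookup to a real resolver.
transparent_torrc() {
    cat <<'EOF'
TransPort 9040
DNSPort 5353
AutomapHostsOnResolve 1
# Newer Tor releases spell this option VirtualAddrNetworkIPv4.
VirtualAddrNetwork 10.192.0.0/10
EOF
}

# iptables rules (printed, not applied) that push traffic arriving on the
# LAN interface through those two ports. Pipe the output to sh as root once
# tor is running; the interface name defaults to the eth1 placeholder.
transparent_iptables() {
    lan_if="${1:-eth1}"
    cat <<EOF
iptables -t nat -A PREROUTING -i $lan_if -p udp --dport 53 -j REDIRECT --to-ports 5353
iptables -t nat -A PREROUTING -i $lan_if -p tcp --syn -j REDIRECT --to-ports 9040
EOF
}

# Exit 0 when the torrc on stdin describes a non-exit relay: no ExitPolicy
# line accepts anything and one explicitly rejects *:*. Run it on the file
# you are about to install, before reloading tor.
is_non_exit_policy() {
    cfg=$(cat)
    if printf '%s\n' "$cfg" | grep -Eq '^[[:space:]]*ExitPolicy[[:space:]]+accept'; then
        return 1
    fi
    printf '%s\n' "$cfg" | grep -Eq '^[[:space:]]*ExitPolicy[[:space:]]+reject[[:space:]]+\*:\*'
}
```

A quick way to use it on the relay box: `relay_torrc | is_non_exit_policy && relay_torrc > /etc/tor/torrc && service tor reload`; append `transparent_torrc` to the same file and run `transparent_iptables eth1 | sh` only on the machine that actually routes a LAN.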