Thursday, January 13, 2011

Some news...

Recently I've been playing with gdb 7.2 and python. It extends what we can have with a great .gdbinit such as gdbinit73. As examples, read the following articles presenting some of the features, or just browse the Python API offered by gdb. A good introduction to gdb and python is also this article by sha on Nibbles blog (english here).

Last week-end were given nice challenges to win a ticket for ShmooCon security conference later this month. Congrats to awesie/zoaedk & tylerni7 of team PPP for solving #3 (see their writeup), a cool network binary involving JS code, a stack-based buffer overflow and some memory leak. I wasn't fast nor good enough but learned a lot!

Speaking of which, get ready for Paradox Conference this week-end in Korea: they provide an online CTF contest, should be challenge-based like defcon quals.
Update: this week-end there is also Wargame SbD I organized by our spanish friends at Security by Default (SbD). Unlike Padocon, there is a nice prize (amazon gift card which is worth an iPad). Thanks @aramosf for reminding me.

Realized again Ubuntu security features. Ptrace scope for instance, protects against same-user ptraces to peek into another process memory.

Made a very small idadif.py to patch a binary from a DIF file produced by IDA. Did not find any better method to do that :/

Also, 27c3 was great. And I love Berlin :)

Last but not least, hacky new year!

2 comments:

  1. You have another wargame (same weekend) from yours friends of spain at:

    http://www.securitybydefault.com/2011/01/wargame-sbd-i-english-version.html

    We hope you enjoy playing

    ReplyDelete
  2. Oh thanks I forgot! Updated the post.

    I will try to get a look at both, and... I plan to have fun :)

    ReplyDelete