Recently I've been playing with gdb 7.2 and python. It extends what we can have with a great .gdbinit such as gdbinit73. As examples, read the following articles presenting some of the features, or just browse the Python API offered by gdb. A good introduction to gdb and python is also this article by sha on Nibbles blog (english here).
Last week-end were given nice challenges to win a ticket for ShmooCon security conference later this month. Congrats to awesie/zoaedk & tylerni7 of team PPP for solving #3 (see their writeup), a cool network binary involving JS code, a stack-based buffer overflow and some memory leak. I wasn't fast nor good enough but learned a lot!
Speaking of which, get ready for Paradox Conference this week-end in Korea: they provide an online CTF contest, should be challenge-based like defcon quals.
Update: this week-end there is also Wargame SbD I organized by our spanish friends at Security by Default (SbD). Unlike Padocon, there is a nice prize (amazon gift card which is worth an iPad). Thanks @aramosf for reminding me.
Realized again Ubuntu security features. Ptrace scope for instance, protects against same-user ptraces to peek into another process memory.
Made a very small idadif.py to patch a binary from a DIF file produced by IDA. Did not find any better method to do that :/
Also, 27c3 was great. And I love Berlin :)
Last but not least, hacky new year!
You have another wargame (same weekend) from yours friends of spain at:
ReplyDeletehttp://www.securitybydefault.com/2011/01/wargame-sbd-i-english-version.html
We hope you enjoy playing
Oh thanks I forgot! Updated the post.
ReplyDeleteI will try to get a look at both, and... I plan to have fun :)