-
Possible PE file trick
I was reading this: pefile and LOAD_CONFIG and took a look at the structure: IMAGE_LOAD_CONFIG_DIRECTORY Structure. Some things which I found interesting: GlobalFlagsClear – The global flags that control system behavior. For more information, see Gflags.exe. GlobalFlagsSet – The global flags that control system behavior. For more information, see Gflags.exe. LockPrefixTable – The VA of…
-
Ethical hacker challenge solution posted
To the Santa Claus is Hacking in Town challenge. You can find it here: Santa Claus is Hacking to Town – Answers and Winners. Unfortunately my answer wasn’t accepted 100% because of a small misunderstanding, but it got cleared up and all is good now :-). The RaDaJo blog also posted a detailed solution (warning!…
-
Mixed links
From the Security4All blog: Preventing Brute Force attacks with IPTABLES (Rate Limiting) – iptables is an incredibly versatile tool! Via the nezumi-lab blog: patch-diff – a free (as in beer) alternative for BinDiff. Something like Google Streetview, but not quite for Romania: NORC (they are using Google Maps underneath, but it seems that the photos…
-
Watch out for long running tasks with Java Timer
The problem? Write a code which will execute every N seconds. The solution? Using a Timer with scheduleAtFixedRate. Now you got two problems :-), unless you’ve carefully read the documentation which states (emphasis added): If an execution is delayed for any reason (such as garbage collection or other background activity), two or more executions will…
-
Circumventing web filtering software
I was reading the Messing with Web Filtering Gateways post from GNU Citizen, and here are some comments / ideas: The problem is the impedance mismatch between the way the filtering software is parsing the headers and the way the webserver parses them. There will always be corner cases… For example, it would be interesting…