-
Mixed links
Seen on Slashdot: Alarm Raised On Teenage Hackers – my view on it: these kids shown the challenge to be on the defender’s side. IMHO most of them do this because they want to feel special. Showing them that attacking a system is pretty easy compared with defending it could win the over… This has…
-
Tag cloud
Brought to you by Wordle:
-
No stress Perl
What I like about Perl is that it is “turtles all the way down” (almost). You go in with the perl debugger (or something visual like ptkdb) and step through almost all the code and understand how it is done. See for example this post about “magically” turning on strict/warnings from a module. In the…
-
Mixed links
From scriptnode comes: Multiline Strings in JavaScript. Interesting. From Think Vitamin comes: Reduce Your Business Costs With Free Stuff. Good list in the spirit of my Things you can get for free post (and much more comprehensive).
-
EH Challenge solution
The solution to the Ethical Hacker challenge “It happened one Friday” has been posted. Read the full story behind the challenge or go directly to the solution. This is awesome! Remember that a new EH challenge is in full swing for your entertainment :-).
-
Fun with shellcode
Didier Stevens posted an entry about some interesting stuff he found in a shellcode, so I thought that I share my little story: I was analysing a Word exploit, when I cam over the following code (written in pseudocode, because I can’t find the file right now): HANDLE h = 0; while (GetFileSize(h) != 1234)…
-
Solution to the malware challenge
The deadline for submission to the malware challenge has passed, so I will post here my solution. Sorry for the rather poor presentation, but I exported it out from Word. Describe your malware lab. A virtual machine (VirtualBox[1]) with WindowsXP installed. OllyDbg[2] IDA 4.9 Freeware[3] PEiD[4] HxD[5] LordPE[6] ImpRec[7] What information can you gather about…
-
A small Slony-I tutorial
Update: the altperl scripts seem to take away the need for most of the steps here. Take a look at the post Slony1-2.0.0 + PostgreSQL 8.4devel for an example for how to use them. When I first installed Slony-I to replicate between two PostgreSQL servers, it was very confusing. Now I am somewhat less confused…
-
Limitations of Software Restriction Policies
Update: ok, SRP is even more broken than I thought. As one of the readers pointed out (thank you Anonymous!), there is a built-in (albeit only partially documented) option on runas which circumvents SRP. For some time now there has been a friendly back-and-forth between Didier Stevens and myself with regards to the topic of…
-
Mixed links
Via Pat’s Daily Grind: Philosophical Health Check and Battleground God. Very cool pages which aim to discover discrepancies/contradictions in your world view. I’ve been using Chrome for some time now and my conclusion is: it doesn’t matter what browser you use, as long as it is a reasonably new one. Thins I’ve liked: resizable textboxes…