Last year in corCTF 2021, D3v17 and I wrote two kernel challenges demonstrating the power of msg_msg: Fire of Salvation and Wall of Perdition. These turned out to be really powerful techniques which have been repeatedly utilized in real world exploits.
For this year’s edition, we followed a similar trend and designed challenges that require techniques seen before in real world exploits (and not CTFs). I wrote Cache of Castaways, which requires a cross cache attack against cred structs in its isolated slabs. The attack utilized a simplistic and leakless data-only approach applicable in systems with low noise. D3v17 wrote CoRJail, which requires a docker escape and a novel approach of abusing poll_list objects for an arbitrary free primitive through its slow path setup.
Reviving Exploits Against Cred Structs - Six Byte Cross Cache Overflow to Leakless Data-Oriented Kernel Pwnage
Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others' company. Arthur Schopenhauer
I think some people are just destined to die young. For their lives to be a tragedy.
It’s a shame how anti-intellectual society has become, but don’t let yourself believe you are really that much more intelligent than everyone else.
CLI tool written in Rust to check Yara rules against a folder of APK files. You have to pass the folder (or APK file) to check your Yara rules (param -p) and the .yar file of your Yara ruleset (param -r).
apk-yara-checker
The people mocking the death of Daria Dugina are trying to dehumanize her because they know it was an evil, cowardly thing to do.
And it was done by their allies, which makes THEM complicit in their evil and cowardice.
When you ally yourself with monsters, you become one.
Dumping a list of books on the subject Philosophy of Technology:
- The Concept of the Political, Carl Schmitt
- Man and Technics, Oswald Spengler
- This World We Must Leave, Jacques Camatte
- The Question Concerning Technology, Martin Heidegger
- Steps to an Ecology of Mind, Gregory Bateson
- History as a System, José Ortega y Gasset
- Technics and Civilization, Lewis Mumford
- The Failure of Technology, Friedrich Georg Jünger
- The Technological Society, Jacques Ellul
- Technological Slavery, Theodore Kaczynski
- Grundrisse, Karl Marx
- The Worker, Ernst Jünger
In the age of everyone trying to identify with a label or group, it is more important than ever to remember that the individual > the group.
Welcome! The purpose of this website is to gather a diverse set of different Android malware samples. So often the Android malware datasets are boring. They have the same or very similar malware families and, if used to practice reverse engineering, may become very repetitive.
I’ve decided to create a list of samples which are different. Each one should give you a different, fun reverse engineering challenge. The samples are divided into three sections: easy, average and difficult. Each one contains a short description of what the malware does (but no spoilers!). All samples are sourced from publicly available websites and link to these websites.
Android malware samples
The Roaming Mantis cyber threat actor is currently targeting France with an SMS phishing campaign in order to deliver a malicious Android application. This malware is named MoqHao; it contains its code in an encrypted and compressed resource. Once the resource is launched, MoqHao retrieves the IP address of its Command & Control server by decrypting the ‘About’ section of Imgur’s profile.
Analysis of MoqHao Android malware
The daughter of Russian philosopher Alexander Dugin, Daria Dugina, was assassinated in a car explosion in Moscow earlier.
The world isn’t run by spiritually uplifted individuals, it’s run by sadistic adrenaline junkies.
DLL Hijacking is, in the broadest sense, tricking a legitimate/trusted application into loading an arbitrary DLL. Defensive measures such as AV and EDR solutions may not pick up on this activity out of the box, and allow-list applications such as AppLocker may not block the execution of the untrusted code. There are numerous examples of threat actors that have been observed to leverage DLL Hijacking to achieve their objectives.
This project provides a curated list of DLL Hijacking candidates. A mapping between DLLs and vulnerable executables is kept and can be searched via this website. Additionally, further metadata such as resources provide more context.
For defenders, this project can provide valuable information when trying to detect DLL Hijacking attempts. Although detecting DLL Hijacking isn’t always without challenge, it is certainly possible to monitor for behavior that may be indicative of abuse. To further support defenders, out-of-the-box Sigma rules are provided through this website. A Sigma feed containing detection rules for all entries part of this project is available too.
Hijack libs
Offensive tool to scan & exploit vulnerabilities in Microsoft Windows over the Samba protocol (SMB) SMBv1/SMBv2 using the Metasploit Framework.
SMBploit
I pray every day for a zombie apocalypse so I can assume my rightful place in the world.
I bought these cameras primarily to use as a test device for work. I needed something that had an ethernet interface and worked as an IP based device. I found them on eBay for around $20 each. I bought two cameras, the model IPC-3605N and the model IPC-4605N. The devices run basically the same hardware it seems, with the IPC-4605N having pan, tilt, & zoom capability.
I generally enjoy figuring out if embedded devices are well built or simply cobbled together, so I spent some time looking at these devices.
TLDR - Do not buy, do not use, and remove all of these devices from service immediately. They are so miserably insecure it took me less than a day of effort to develop a utility to remotely compromise any of them. Keep reading if you want to know how.
Hacking Zyxel IP cameras to gain a root shell
A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997.
CVE-2022-36446 - Webmin RCE
The majority of people are petty, immoral and stupid. And they’re worthless individually but have a terrible strength in numbers.
We’ve created a society where people prefer capitalism to life.
Today, I shook God’s hand. His palm was sweaty, because He is afraid of me.