When life gets too hard I close my eyes and pretend the world has fast-forwarded 100 years. Everyone I know is gone, and their memories of me are gone with them. I close my eyes again, and I find myself sitting on top of a mountain, a hundred thousand years from now. Everyone is dead. Here, I am the only human left alive. I look at the beach below and the waters are pristine and teeming with microscopic fluorescent life. Earth has recovered. I sigh as I remember how hard I was on myself when I was alive.
so.cl
Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others' company.
Arthur Schopenhauer
Recently, we performed a penetration test on an Android application available on the Play Store. The app had good security in place to protect it from being opened and executed on a rooted app. In this blog post, Sanjay from NotSoSecure describes how he got around every necessary check to conduct API/dynamic testing on an Android application.
This is a tale of circumventing all checks to record the activity of an Android application on a rooted smartphone. It took us 16 hours to crack and in this blog we’ll tell you the story of how we did it.
Bypassing Hardened Android Applications
As mobile applications become increasingly prevalent, malicious software is also becoming more complex and covert. This report focuses on a malicious Android sample submitted by ReBensk to incinerator.cloud. Among multiple malicious samples submitted to incinerator.cloud by ReBensk, we pay special attention to a custom-modified APK file, hereinafter referred to as “Sample b356.” This sample employs unique obfuscation and evasion techniques, which make it resistant to conventional decompression tools. Through specialized remediation, we were able to bypass this limitation and analyze the sample further.
Technical Analysis of Multi-layered Obfuscation Techniques in AndroidManifest.xml
This blog post presents an overview of Starlink’s User Terminal runtime internals, focusing on the communications that happen within the device and with user applications and some tools that can help further research on the same topic.
Diving into Starlink’s User Terminal Firmware
Address Space Layout Randomization (ASLR) is a critical security feature implemented in modern operating systems to prevent attackers from exploiting memory corruption vulnerabilities effectively. By randomizing the memory layout, ASLR makes it challenging for attackers to predict memory locations and launch successful attacks. However, in this blog, we will explore a clever technique that leverages format string vulnerabilities to bypass ASLR by leaking crucial information about memory addresses and exploit the Damn Exploitable Android App.
Damn Exploitable Android App - Abusing Info Leaks to bypass ASLR
Probably the best supergroup ever, Mike & The Mechanics live at Shepherds Bush, London in 2004. Paul Carrack nailing the vocals as ever (unfortunately Paul Young (of Sad Cafe), the other M&M vocalist died in 2000), Jamie Moses (Queen second guitarist after Brian May) making that guitar cry, Mike Rutherford (of Genesis) focused on the bass guitar, Gary Wallis (of Pink Floyd) smashing the drums, Rupert Cobb keyboards, Peter Van Hooke (Van Morrison drummer) percussion, backing vocals provided by the amazing Abbie Osmon (backing vocal for James Morrison, Annie Lennox, Robbie Williams, Tom Jones, Cliff Richard) and Paul McGee.
Yeah.
Proof-of-concept (PoC) exploit code will be released for a zero-day vulnerability (CVE-2023-36874) allowing privilege escalation in Microsoft Windows.
The vulnerability (CVSS score of 7.8) affects the Windows Error Reporting Service (WER), a component that collects and sends error reports to Microsoft. The vulnerability exists due to a flaw in how WER handles specially crafted requests. An attacker could exploit this vulnerability by creating a malicious program that is designed to take advantage of the flaw. Once the malicious program is executed, the attacker could gain elevated privileges on the system. Microsoft says that the flaw was discovered by Vlad Stolyarov and Maddie Stone of Google's Threat Analysis Group (TAG).
CVE-2023-36874 - PoC for 0-day Windows Error Reporting Service bug
As the first generation of a technological society, we have been acted upon by forces of such power that few, if any, of us can understand: extensive information gathering on every American; human experiments with drugs and psycho-surgery; electronic surveillance; the era of the computer; invasion of privacy; growing government and corporate power over our lives; a people plagued by dehumanization, loneliness, and violence.
Dramatic? Perhaps. But we are losing control of our technology and our lives. Not so long ago, people in a similar situation did not awaken to the forces around them.
Are we so unwise as to do the same?
Public Service Messages from The New Mexico Civil Liberties Union, 1974
A sheep is told its whole life to fear the coyote only to be eaten by the shepherd.
I don't know you
I stand quietly at the edge
You're in a similar jacket
And I, the fool, took my jacket off.
Sirotkin – Выше домов LIVE
Where was I, you might be wondering. Well, I roamed the streets of Portland in the middle of the night with my replica Glock water gun and terrorised the homeless schizophrenics.
“Open your fucking mouth. I’m going to help you. Calm down, stop crying. Stop fucking crying and stay still and open your mouth. You’re dehydrated.”
Squirt, squirt.
This post focuses on improving Module Stomping and Module Overloading, part of the PE injection techniques, that have been chosen as candidates because they avoid the creation of dynamic memory allocation and perform a common operation (LoadLibrary) that is the cornerstone of the technique.
Improving the stealthiness of memory injections techniques
The reports of my death are greatly exaggerated.
I’m tired of this fake nonsense, of being told what to think, of people who cite consensus when no such consensus exists, of people who lie, distort, and betray. I’m tired of people who have neither any sense nor decency, and who so often arrogantly expect others to reason without sense or decency as they do.
That being said, see you in a week.
This website presents TunnelCrack, a combination of two widespread security vulnerabilities in VPNs. Although a VPN is supposed to protect all data that a user transmits, our attacks can bypass the protection of a VPN. For instance, an adversary can abuse our vulnerabilities to leak and read user traffic, steal user information, or attack user devices. Our tests indicate that every VPN product is vulnerable on at least one device. We found that VPNs for iPhones, iPads, MacBooks, and macOS are extremely likely to be vulnerable, that a majority of VPNs on Windows and Linux are vulnerable, and that Android is the most secure with roughly one-quarter of VPN apps being vulnerable.
TunnelCrack: Widespread design flaws in VPN clients
Since today was the #rants day, let’s do one more: the new “cracking” group calling themselves SKIDROW (keep in mind there is absolutely no link between the old SKIDROW and the new SHITROW except the font) exposes some private (they think it’s private, except it’s fake, Voksi is not Empress) information about Empress while bitching that “DRM protects legitimate interest of hardworking people”. Imagine that, ladies and gentlemen. This has to be a really new cracker “person” (I have my doubts that it’s a real person) that’s been writing those .nfo files while on actual crack. Now, who would do such a thing as throwing shit at a wall and seeing what sticks? I do wonder.
The scene died a while ago, don’t let the shitty remains fool you, installing something “cracked” by SHITROW would be a really reckless thing to do.
And how do I know Voksi is not Empress? It’s simple, I’m Voksi*. It’s easy making claims, isn’t it? One more reveal, I’m Taylor Swift too.
*no, I’m not Voksi, but I am Taylor Swift.