Archivos del blog

Remote Code Execution in Web.py framework

Several months ago I happened to be looking at web.py‘s source code when I found an old-style (as in basic) remote code execution in the database module. Fortunately for most users of web.py, the database module is pretty simple and

Tagged with: , , , ,
Publicado en hacking, Programming, web hacking

How Effective is ASLR on Linux Systems?

Address Space Layout Randomization (ASLR) is an exploit mitigation technique implemented in the majority of modern operating systems. In a nutshell, the idea behind ASLR is randomizing the process’ memory space in order to prevent the attacker from finding the

Tagged with: , , ,
Publicado en exploiting, hacking, Linux

XSS killed the anti-CSRF star

This entry hopes to be a quick consideration about how one attack vector can at times dismantle the security of a different area of the application that was otherwise deemed secure. Truth is, security threats many times work like this,

Tagged with: , , ,
Publicado en web hacking

Calling Conventions Hunting

When trying to understand a binary, it’s key to be able to identify functions, and with them, their parameters and local variables. This will help the reverser figuring out APIs, data structures, etc. In short, gaining a deep understanding of

Tagged with: , ,
Publicado en Programming, Reverse

SANS HolidayHack Write Up

During this Christmas break, although I went back to Spain to stay with family and friends I still was able to get some time to look at the SANS HolidayHack 2012 CTF. I must say it has been great fun,

Tagged with: , , ,
Publicado en CTF, hacking, wargame

A very light introduction to packers

It’s been a long time since I’ve been thinking of writing some posts about packers/crypters/protectors. I’m not sure how many I’ll write; it will probably depend on the interest of the audience. What I do know, is that I’ll try

Tagged with: , , , , ,
Publicado en cracking, Reverse

FormatFactory 3.01 Stack Based Buffer Overflow (SafeSEH bypass)

Last week I saw this vulnerability disclosed in PacketStorm and I decided to create my own exploits; yeah, boredom is a powerful motivation. Original published exploit wouldn’t work for my system, maybe because it was designed for the German language.

Tagged with: , , , ,
Publicado en exploiting, seguridad, Windows
Archive