Posts

Showing posts from January, 2015

BlackPwn: BlackPhone SilentText Type Confusion Vulnerability

BlackPhone ...a serious memory corruption vulnerability that can be triggered remotely by an attacker.  If exploited successfully, this flaw could be used to gain remote arbitrary code execution on the target's handset...

EFF’s Game Plan for Ending Global Mass Surveillance

EFF’s Game Plan for Ending Global Mass Surveillance [1] [2]

Qualys Security Advisory CVE-2015-0235
GHOST: glibc gethostbyname buffer overflow

#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>

#define CANARY "in_the_coal_mine"

struct {
  char buffer[1024];
  char canary[sizeof(CANARY)];
} temp = { "buffer", CANARY };

int main(void) {
  struct hostent resbuf;
  struct hostent *result;
  int herrno;
  int retval;

  /*** strlen (name) = size_needed - sizeof (*host_addr) - sizeof (*h_addr_ptrs) - 1; ***/
  size_t len = sizeof(temp.buffer) - 16*sizeof(unsigned char) - 2*sizeof(char *) - 1;
  char name[sizeof(temp.buffer)];
  memset(name, '0', len);
  name[len] = '\0';

  retval = gethostbyname_r(name, &resbuf, temp.buffer, sizeof(temp.buffer), &result, &herrno);

  /* A patched glibc reports ERANGE; a vulnerable one overwrites the canary. */
  if (strcmp(temp.canary, CANARY) != 0) {
    puts("vulnerable");
    exit(EXIT_SUCCESS);
  }
  if (retval == ERANGE) {
    puts("not vulnerable");
    exit(EXIT_SUCCESS);
  }
  puts("should not happen");
  exit(EXIT_FAILURE);
}

[1]

IPv6 Security Myth #2
IPv6 Has Security Designed In

you don’t need to worry about security because IPv6 has it built into the protocol

Carnal0wnage & Attack Research
Shmoocon Notes: Userland persistence on OS X

Shmoocon Notes: Userland persistence on OS X

Securosis
Defining Threat Intelligence

Securosis - Defining Threat Intelligence

Matthew Green
On the Practical Exploitability of Dual EC in TLS Implementations

Subject: [Fwd: RE: Minding our Ps and Qs in Dual_EC]
Date: Wednesday, October 27, 2004 at 12:09:25 PM Eastern Daylight Time
From: John Kelsey
To: larry.basham@nist.gov

---------------------------- Original Message ----------------------------
Subject: RE: Minding our Ps and Qs in Dual_EC
From: "Don Johnson"
Date: Wed, October 27, 2004 11:42 am
To: "John Kelsey"
--------------------------------------------------------------------------

John,

P = G. Q is (in essence) the public key for some random private key. It could also be generated like a(nother) canonical G, but NSA kyboshed this idea, and I was not allowed to publicly discuss it, just in case you may think of going there.

Don B. Johnson

-----Original Message-----
From: John Kelsey [mailto:john.kelsey@nist.gov]
Sent: Wednesday, October 27, 2004 11:17 AM
To: Don Johnson
Subject: Minding our Ps and Qs in Dual_EC

Do you know where Q comes from in Dual_EC_DRBG?

Thanks,

-John

[1] [2] [3]

Powershell Popups + Capture - Room362.com

Powershell Popups Capture - Room362.com ...the cool thing about this is you can leave it to execute on a system without any other code on disk and get creds constantly as any level of user. No admin, no UAC bypass needed. Just a bunch of creds for free.. over SSL. ;–)