Why Encoding Does not Matter and How Metasploit Generates EXEs

The blog has moved to http://www.scriptjunkie.us/. If you have not moved your RSS feed over to http://www.scriptjunkie.us/feed/rss/ yet, it is about time. I will not cross-post links here for too long. http://www.scriptjunkie.us/2011/04/why-encoding-does-not-matter-and-how-metasploit-generates-exes/


Shells, terminals, and sudo mitm

http://www.scriptjunkie.us/2011/04/shells-terminals-and-sudo-mitm/


New Blog Location

Update: Totally unrelated to the wordpress hack and despite my enduring love of all things free, I decided it was time to move to my own domain name and a more full-featured host. So the blog is moving to http://www.scriptjunkie.us/, with RSS at http://www.scriptjunkie.us/feed/rss/.


Important Stuff

I am adding a page Important Stuff with some thoughts on non-information-security stuff. As fun and interesting as hacking is, there are more important sides of life. So I summarized just four of the reasons why I believe what I believe, and a bit of what that means. As you may know, I am a […]


Java_signed_applet with RJB

I just wasted a lot of time trying to get the java_signed_applet exploit module working in Metasploit. Not that it doesn’t work by default, but you will get the warning [-] [-] The JDK failed to initialized: no such file to load — rjb [-] In order to dynamically sign the applet, you must install […]


Finding non-ASLR or DEP modules

As the recent exploits for IE using the .NET 2.0 DLL demonstrate, sometimes a non-ASLR DLL to enable an exploit is just a LoadLibrary away. So if pvefindaddr won’t give you any ASLR-free DLLs in memory, look for other DLLs which the process will load, given the right input. Or from a system-hardening or development […]


Breaking mobile device crypto with chaos theory and hardware RNGs

This is a continuation of the previous post with details on breaking the cryptosystem in the paper “Design and FPGA Implementation of a Pseudo-Random Bit Sequence Generator Using Spatiotemporal Chaos,” which proposed a hardware-based PRNG using a chaotic function as the basis of a cryptosystem inspired by the one-time pad. It proposed the system as […]


Cryptology, Academics, and Chaos

I saw an article the other day critical of the ACM (here also see this linked to in comments) and I have to say, I completely agree. As far as I can tell, the ACM, like the IEEE and other publishing houses, exists to leech off of the academic world, charging large amounts of money […]


Black Hat DC Presentation

The materials in the presentation, including the exploits used, are downloadable here. Have fun counterattacking! Update: the actual slides are at http://scriptjunkie1.110mb.com/security/counterattack.pdf and paper is at http://scriptjunkie1.110mb.com/security/whitepaper.pdf.


Expanding Metasploit RPC and GUI

If you’d like to extend Metasploit in some way (and it isn’t polished enough or applicable to all users to be put into the main framework code), a plugin is probably the best way to go. Many examples in the framework show how to add console commands, but if you want GUI integration, or integration […]

