Importing MSDN documentation into IDA Pro – blog.zynamics.com

Topic: Miscellaneous
5:39 pm EDT, May 4, 2010
By Sebastian Porst. A few weeks ago I already twittered a screenshot that showed what disassembled code looks like in IDA Pro after automatically importing function information from MSDN. Today, I have finally managed to upload our IDA Pro script, ida-msdn, to the zynamics GitHub account. If you are analyzing Windows executable files in IDA Pro you can now benefit from automated API call documentation.

Hex blog: Kernel debugging with IDA Pro / Windbg plugin and VirtualKd

Topic: Miscellaneous
5:31 pm EDT, May 4, 2010
The other day we received an email support question asking whether the IDA Pro / Windbg debugger plugin works with VirtualKd, a tool that speeds up (up to 45x) Windows kernel module debugging using VMware and VirtualBox virtual machines. After we installed and experimented with VirtualKd, our answer was "yes, certainly". This blog entry aims at illustrating how to configure VirtualKd to be used with the IDA Pro / Windbg plugin and VMware.

Why buffer overflow exploitation took so long to mature – root labs rdist

Topic: Miscellaneous
9:47 am EDT, May 4, 2010
I think the history of buffer overflow exploits is interesting because of how long it took for techniques to mature. About 16 years passed from awareness to first public exploitation, and then 8 more years from that until they were commonly exploited. Programmers were aware of this class of flaw but did little to avoid it for 24 years. But why?

Topic: Miscellaneous
2:54 pm EDT, Apr 19, 2010
Javocalypse (Friday, April 9, 2010): Almost one year ago, I blogged about one of my favorite security bugs, found by Sami Koivu. More specifically, I blogged about a class of Java bugs exposed by Sami Koivu and I mentioned this was the first instance of it.
cr0 blog: Javocalypse

Topic: Miscellaneous
2:48 pm EDT, Apr 19, 2010
A little return-oriented exploitation on Windows x86 (Part 2) (Friday 16 April 2010): In part 1 of this blog post I showed a simple return-oriented attack which utilized some ROP in order to bypass permanent DEP and execute arbitrary code. The rest of this post will look at an experimental compiler convention (currently dubbed saferet) that aims to mitigate such return-oriented attacks.
Harmony Security : Blog

ROP and iPhone – blog.zynamics.com

Topic: Miscellaneous
2:39 pm EDT, Apr 19, 2010
By Vincenzo Iozzo. As you might know, Ralf-Philipp Weinmann from the University of Luxembourg and I won Pwn2Own by owning the iPhone.

Algorithms for platform independent return-oriented programming (I of III) – blog.zynamics.com

Topic: Miscellaneous
2:26 pm EDT, Apr 19, 2010
By Tim Kornau. In my last post about the history of return-oriented programming I showed that we are not dealing with a completely new technology when we are talking about return-oriented programming. However, the technology is evolving to a point where even the world of academia thinks it is worth discussing in theoretical conferences. Until recently, return-oriented programming has always been platform-dependent, so that one specific implementation was only able to work on one single platform. To sharpen the point a little further, current approaches in general only target one specific compiler for one platform. Even though this is not necessarily the case for variable-length instruction sets like IA-32/64, where the search for instruction sequences can be performed without paying attention to alignment restrictions, for all platforms where alignment is enforced the current approaches are still very limited.
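As an added illustration of the alignment point in that excerpt (example code written for this page, not the zynamics algorithm or any tool from the post): a minimal candidate-gadget enumerator run over constructed byte strings. On x86 a gadget may begin at any byte offset in front of a return, including offsets inside an instruction the compiler actually emitted; on a fixed-width ISA that enforces alignment, both the return encoding and the gadget start must sit on aligned offsets, which shrinks the search space. The function names, the sample bytes and the 8-byte maximum gadget length are assumptions made here.

```python
"""Gadget-candidate enumeration: variable-length vs fixed-width instruction sets.

Added example, not zynamics code. The byte strings below are constructed for
this illustration. A real tool would still disassemble every candidate forward
to confirm that control flow actually reaches the return instruction.
"""
from typing import Dict, List


def find_return_sites(code: bytes, ret_pattern: bytes, alignment: int) -> List[int]:
    """Offsets of every ret_pattern occurrence that respects the ISA's alignment.

    alignment=1 means any byte offset is a legal instruction boundary (x86);
    alignment=4 models a fixed 32-bit ISA where an encoding found at an
    unaligned offset can never execute as that instruction.
    """
    sites: List[int] = []
    pos = code.find(ret_pattern)
    while pos >= 0:
        if pos % alignment == 0:
            sites.append(pos)
        pos = code.find(ret_pattern, pos + 1)
    return sites


def candidate_gadget_starts(ret_offset: int, alignment: int, max_len: int) -> List[int]:
    """Byte offsets at which a gadget of at most max_len bytes could begin
    and run into the return at ret_offset, honoring the alignment rule."""
    lowest = max(0, ret_offset - max_len)
    return [s for s in range(lowest, ret_offset) if s % alignment == 0]


def enumerate_gadgets(code: bytes, ret_pattern: bytes, alignment: int,
                      max_len: int = 8) -> Dict[int, List[int]]:
    """Map each usable return site to its candidate gadget start offsets."""
    return {r: candidate_gadget_starts(r, alignment, max_len)
            for r in find_return_sites(code, ret_pattern, alignment)}


# Constructed x86 sample: mov eax, 0xc3 ; ret.  The immediate contains 0xc3,
# so an unaligned "ret" hides at offset 1 inside the mov, and the intended
# ret is at offset 5.  Starting execution at offsets 1..4 yields instruction
# sequences the compiler never emitted.
X86_SAMPLE = bytes.fromhex("b8c3000000c3")
X86_RET = b"\xc3"

# Constructed ARM (32-bit, 4-byte aligned) sample: the bx lr encoding
# (e12fff1e, stored little-endian) appears once unaligned at offset 1 and
# once aligned at offset 8.  Only the aligned occurrence can ever execute.
ARM_BX_LR = bytes.fromhex("1eff2fe1")
ARM_SAMPLE = b"\x00" + ARM_BX_LR + b"\x00\x00\x00" + ARM_BX_LR


if __name__ == "__main__":
    x86 = enumerate_gadgets(X86_SAMPLE, X86_RET, alignment=1)
    arm = enumerate_gadgets(ARM_SAMPLE, ARM_BX_LR, alignment=4)
    print("x86 candidates:", x86)   # {1: [0], 5: [0, 1, 2, 3, 4]}
    print("arm candidates:", arm)   # {8: [0, 4]}
```

The x86 sample yields six candidate start offsets from six bytes of code, the aligned sample two from twelve; the difference is the point of the excerpt. Going from candidates to usable gadgets then needs a platform-specific disassembler and a check that the sequence really flows into the return, which is the part that makes platform-independent gadget search hard.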