Create an Account
username: password:
 
  MemeStreams Logo

Security Reads's MemeStream

search

Security Reads
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Security Reads's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Importing MSDN documentation into IDA Pro � blog.zynamics.com
Topic: Miscellaneous 5:39 pm EDT, May  4, 2010

Importing MSDN documentation into IDA Pro
By Sebastian Porst

A few weeks ago I already twittered a screenshot that showed what disassembled code looks like in IDA Pro after automatically importing function information from MSDN. Today, I have finally managed to upload our IDA Pro script, ida-msdn, to the zynamics GitHub account. If you are analyzing Windows executable files in IDA Pro you can now benefit from automated API calls documentation.

Importing MSDN documentation into IDA Pro � blog.zynamics.com


Hex blog: Kernel debugging with IDA Pro / Windbg plugin and VirtualKd
Topic: Miscellaneous 5:31 pm EDT, May  4, 2010

Kernel debugging with IDA Pro / Windbg plugin and VirtualKd

The other day we received an email support question asking if IDA Pro / Windbg debugger plugin works with VirtualKd, a tool that allows speeding up (up to 45x) Windows kernel module debugging using VMWare and VirtualBox virtual machines. After we installed and experimented with VirtualKd, our answer was "yes, certainly". This blog entry aims at illustrating how to configure VirtualKd to be used with IDA Pro / Windbg plugin and VMWare.

Hex blog: Kernel debugging with IDA Pro / Windbg plugin and VirtualKd


Dino Dai Zovi - Practical Return-Oriented Programming
Topic: Miscellaneous 11:01 am EDT, May  4, 2010

Dino Dai Zovi - Practical Return Oriented Programming (SOURCE Boston)

Dino Dai Zovi - Practical Return-Oriented Programming


source10-linuxkernel-jonoberheide.pdf (application/pdf Object)
Topic: Miscellaneous 10:06 am EDT, May  4, 2010

Linux kernel exploitation

source10-linuxkernel-jonoberheide.pdf (application/pdf Object)


Why buffer overflow exploitation took so long to mature � root labs rdist
Topic: Miscellaneous 9:47 am EDT, May  4, 2010

I think the history of buffer overflow exploits is interesting because of how long it took for techniques to mature. About 16 years passed from awareness to first public exploitation, and then 8 more years from that until they were commonly exploited. Programmers were aware of this class of flaw but did little to avoid them for 24 years. But why?

Why buffer overflow exploitation took so long to mature � root labs rdist


cr0 blog: Javocalypse
Topic: Miscellaneous 2:54 pm EDT, Apr 19, 2010

Friday, April 9, 2010
Javocalypse
Almost one year ago, I blogged about one of my favorite security bug, found by Sami Koivu.

More specifically, I blogged about a class of Java bugs exposed by Sami Koivu and I mentioned this was the first instance of it.

cr0 blog: Javocalypse


Harmony Security : Blog
Topic: Miscellaneous 2:48 pm EDT, Apr 19, 2010

Friday 16 April 2010 - A little return oriented exploitation on Windows x86 (Part 2)

In part 1 of this blog post I showed a simple return oriented attack which utilized some ROP in order to bypass permanent DEP and execute arbitrary code. The rest of this post will look at an experimental compiler convention (currently dubbed saferet) that aims to mitigate such return oriented attacks.

Harmony Security : Blog


ROP and iPhone � blog.zynamics.com
Topic: Miscellaneous 2:39 pm EDT, Apr 19, 2010

ROP and iPhone
By Vincenzo Iozzo

As you might know I and Ralf-Philipp Weinmann from University of Luxembourg won pwn2own owning the iPhone.

ROP and iPhone � blog.zynamics.com


Algorithms for platform independent return-oriented programming (I of III) � blog.zynamics.com
Topic: Miscellaneous 2:26 pm EDT, Apr 19, 2010

Algorithms for platform independent return-oriented programming (I of III)
By Tim Kornau

In my last post about the history of return-oriented programming I showed that we are not dealing with a completely new technology when we are talking about return-oriented programming. However, the technology is evolving to a point where even the world of academia thinks it worth discussing it in theoretical conferences. Until recently return-oriented programming has always been platform dependent so that one specific implementation was only able to work on one single platform. To sharpen the point a little further current approaches only target one specific compiler for one platform in general. Even though this is not necessarily the case for variable length instruction sets like the IA-32/64 instruction set, where the search for instruction sequences can be performed without paying attention to the alignment restrictions, for all platforms where alignment is enforced the current approaches are still very limited.

Algorithms for platform independent return-oriented programming (I of III) � blog.zynamics.com


WebOS – Intrepidus Group - Insight
Topic: Miscellaneous 1:21 pm EDT, Apr 19, 2010

Awesome WebOS bugs by Intrepidus

WebOS – Intrepidus Group - Insight


(Last) Newer << 1 - 2 - 3 - 4 - 5 - 6 - 7 - 8 >> Older (First)
 
 
Powered By Industrial Memetics
RSS2.0