Asciinema link: Python3 pickle backdoor
This binary challenge is based on a i386 stripped elf file which prompts for a flag:
$ file ./howtobasic ./howtobasic: ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, for GNU/Linux 2.6.26, BuildID[sha1]=4f288f1a66ad673dc50b51c7e85635358bb11da0, stripped $ ./howtobasic Facebook CTF Enter flag: asdasdasdasd Sorry, that is not correct. $
This binary challenge is based on a i386 elf file which prompts for a flag:
$ file ./derp ./derp: ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, for GNU/Linux 2.6.26, BuildID[sha1]=b77361bfdab4b30a5ed258ee173fe306184a4438, not stripped $ ./derp Facebook CTF Enter flag: asdasdasdasd Sorry, that is not correct. $
I just arranged a OVH FreeBSD dedicated server. The first time I logged in, I noticed some issues I would like to comment…
In this article, I’m going to resume the steps to have a full packet capture solution with snort IDS and Intel NIC’s.
This solutions is based on Luca Deri’s software PF_RING, a new type of socket to exploit the capabilities of packet capture and snort.
We will follow these steps
In this article I’m going to illustrate how to read the full content of /dev/mem on linux 3.x machines. I will bypass the function devmem_is_allowed with a kernel return probe.
The kernel probes is a kernel component designed for kernel developers to debug the system internals.It can dynamically break into any kernel routine and modify the function’s behavour. This proves had been heavily since yeah by kernel developers. RedHat has build an user interface to kprobes called SystemTap
You can find kprobes’ documentation in Documentation/kprobes.txt. You should also download the article example files kprobe.tgz
This article shows basic shellcoding on NetBSD/i386. I hope this won’t be the last on exploitation BSD archs.
The playground is prepared with a fresh NetBSD 5.1.2 installation, virtualized with kvm.
net# uname -a NetBSD net 5.1.2 NetBSD 5.1.2 (GENERIC) #0: Thu Feb 2 17:22:10 UTC 2012 email@example.com:/home/builds/ab/netbsd-5-1-2-RELEASE/i386/201202021012Z-obj/home/builds/ab/netbsd-5-1-2-RELEASE/src/sys/arch/i386/compile/GENERIC i386
Gltrail is a software for real-time viewing the relations and activities from any supported logfile format.
Nice visualization for websites (you can easily see the most visited sections on the website), SSH connections, etc.
You can tune the logs parsing by modifing the configuration file gltrail.ini.
You can grab the source code at https://github.com/Fudge/gltrail/
Quick recipe on XEN installation on Debian whizzle (testing) dom0
Install the packages with apt:
root@xen:~# apt-get install xen-hypervisor-4.1-amd64
root@xen:~# apt-get install xen-utils-4.1
root@xen:~# apt-get install xen-tools
After installing, a reboot is neede to start the new xen-kernel.
This is a quick recipe on reducing a btrfs FS inside a LMV structure.
First, the will reduce the “content”, then we will operate over the “container”.
This is the algorithm:
btrfs is actually considered “experimental”, but is included since stable kernel 3.0.0. Btrfs is the answer from the GNU/Linux community to Sun Microsystems ZFS. You will find more info on wikipedia:
Barada (Barada Ain’t Respecting Any Devious Adversaries) is a two factor authentication software based on a pam module for Linux and an Android client. Get…
This approach do not take LVM into consideration! Clean badblock and check the disk badblocks -c 10240 -s -w -t random -v /dev/sdb Install software…