We had a pretty good lineup this time. Steven gave us a preview of his submission to ShmooCon. Dave pointed out some command injection using various stock Perl modules in Linux. vesh gave a talk on the mystery of the urlmon call “FileBearsMarkOfTheWeb” and the safety of using the WinHTTP and WinINet libraries in […]
So we were interviewed for a segment about password security. I think they missed the point a bit, but media will be media. The real crime was cutting out scriptjunkie’s cutting remarks about password futility, and pointing out that robbing me of my logbook is a good idea since it’s on me AT ALL TIMES. […]
One of SAHA!’s own was featured in an article in the UK Register. Check it out here: http://www.theregister.co.uk/2014/09/12/phone_scammer_slammer/
As pointed out in https://twitter.com/grsecurity/status/508354758940581888, there is some new fun in overwriting running executables in the upcoming Ubuntu release. It’s a kernel thing, so other distros are affected, but I’m going with the old standby Ubuntu. (Thank you, sadbox, for the inotify stuff.) I’m just going to post findings, because they mostly speak for themselves. […]
scriptjunkie presented a 0 day in a popular piece of software; sam S. presented on a Linux variant for Mimikatz; vesh presented on process injection; brownbear showed off his raspi wap platform.
cruxpot talked about an open source effort integrating the mighty scriptjunkie’s ambush project into another platform (details forthcoming, stay tuned); vesh demoed some emulated+arm+freebsd nonsense, seriously f*** that guy he totally sucks, but if you need an arm-freebsd shellcode engine, holla.
http://cybernigma.blogspot.com/2014/03/using-sspap-lsass-proxy-to-mitigate.html NOTE: mitigate means to lessen or make less severe, not solve or completely get rid of. Please see the definition at the top of the post.
Be there by 7 if you are a participant, or any time between 0800 and 2000 if you just want to see us working.
We had presentations from Nick, Hulse, vesh, and Boyd…plus CodeUp was kind enough to sponsor our food for the evening.
I know I’m slow…but that can be good in certain quests. I would recommend the following to accomplish this challenge: a Windows VM via VirtualBox or VM Player/Workstation; OllyDbg or ImmunityDBG (IDA Free is overkill); a favorite programming/scripting language (Python, Ruby, PHP, C#, whatever++). The challenge is to download this file > tini.dat < and make […]