Grey bar Blue bar
Share this:

Thu, 16 Apr 2009

RFP Spotting..

Not the boring pile of papers kind.. the shiny pants and sunglasses kind:

Turns out you can find him blogging these days at [http://research.zscaler.com/]

PS. if you dont know who RFP is, you are too young, and probably think w00w00 is leetspeak for a siren..

Wed, 4 Feb 2009

EDoS is the new DDoS ?

Over at [Rational Survivability] beaker as coined the term EDoS. To describe how "the utility and agility of the cloud computing models such as Amazon AWS (EC2/S3) and the pricing models that go along with them can actually pose a very nasty risk to those who use the cloud to provide service"

Of course, this has kicked off the flurry of responses from "How is this different to soaking up the bandwidth of people who pay per gig" to "OMG! thats the new thing.. Cloud Computing is bad".

It is an interesting concept, one we blogged about briefly back in 2007 . What makes it interestinger for me, is that with a smart enough attacker, the defender is far worse off trying to differentiate valid application requests from the invalid and black-holing wont be as easy to do..

We are currently doing some fiddling on this, and while i dont think it deserves a new acronym, i do think its got some coolness that needs exploring..

Fri, 23 Jan 2009

QoW: Software Reversing and Exploitation

I've developed a FTP like multi-threaded server application as a target for this challenge of the month. It has been coded in c and compiled by VC++ 2008. This is a three step challenge:

Step 1- Find the correct "passphrase" format to logon to the server and get the "Access Granted" message. (You may use a debugger like Ollydbg to do Live RE for this step).

Step 2- Do vulnerability research on the server software. There is at least one exploitable bug but there could be more bugs or error conditions. Try to spot a memory corruption bug and write a denial of service exploit for it.

Step3- Convert your DoS exploit to a code execution exploit to get a connect-back shell.

If you have questions on the challenge, post them here (or to behrang AT sensepost.com)

[you should be able to run the server on just about anything - bug will be exploitable even under XP-SP*]

/behrang

Thu, 22 Jan 2009

When missing a good hire works out well..

A few years ago, Mohamed Nanabhay was considering joining SensePost and i was trying hard to convince him it was the way and the light. He had been a KPMG auditor in a past life (but i promised not to hold that against him).

We were not sure what he would do at SP, since he was kinda moving away from hardcore tech, but we always said that we would take quality people, even if we didnt have a niche for them, cause quality people will make a new niche.

In the end he chose to be "head of new media, for Al Jazeera".

Earlier this month, Al Jazeera announced "The Al Jazeera Creative Common Repository" which "hosts select broadcast quality footage that Al Jazeera has released under various Creative Commons licenses."

Now it must have been quite an undertaking to get an organization that makes money selling news, to give their footage away free, but along with the Internet itself, i think the CC repositary played a huge role in alerting the world to the realities of the situation in Gaza. As an achievement for M, i think its huge, i think its meangful and impactful (and in truth i think im even secretly jealous).

While i am sad that we didnt get him (because i think we could have done cool stuff together), i'm glad we didnt because the world would have been (at least) a creative commons media repository poorer..

Thu, 15 Jan 2009

So so senseless...

Peace in Palestine!

haroon :(