Good news to all the blah’ers out there! The BETA version of BiDiBLAH 2 is available for download here.
As you probably know, [a real quick and easy] registration is required, and version 2 of BiDiBLAH runs on dotnet framework 2.
./frankieg
06 October 2008
By evert
Greetings
just a quick note on VM.
Google is now offering Google Blog Search Beta and I thought it interesting to see who is blogging on vulnerability management. Some of the output includes:
i) “Vulnerability Management” = 6,330 hits
ii) “Vulnerability Management” + Dummies = 314 hits
iii) “Vulnerability Management” + ineffective = 16 hits
iv) “Vulnerability Management” + effective = 314
Probably 90% of all hits came from vendors and it was also evident that they were punting the “successes” of VM, utilising their products and services.
By now everyone knows that John McCain’s running mate Sarah Palin had her yahoo email account hacked. I guess a presidential candidate using yahoo for govt. related email was about as shocking as Sarah Palin’s nomination as possible future president ((unless of course you have ever heard of other govt. officials using yahoo/gmail/hotmail for serious business)(inside joke for south africans!)).
People have been talking about secure password resets for a long time [1] and this was pretty shocking all around..
[Solve mazes with Photoshop (or gimp)]
i must confess that while i understand the logic of flood-fill doing a depth first search and therefore doing the lifting for u, my gimp skills are second only to my MS-Word skills and i have managed to burn about 40 minutes this morning still unable to replicate it (there goes my report writing!)
/mh
Introducing [http://www.reddit.com/r/ReverseEngineering/]
(like its name suggests, a reddit that’s all about Code RE..)
We have scheduled our first training course for our new year, Hacking
By Numbers – “Extended” Edition – for October 6-10th. The course runs
for a full 5 days in Pretoria, South Africa.
The HBN ‘Extended Edition’ is simply an intensive extended version of
the regular Bootcamp course. Whilst the content and structure are
essentially the same as Bootcamp, the Extended Edition offers students
a deeper understanding of the concepts being presented and affords
them more time to practice the techniques being taught. Extended
Edition is currently offered in Switzerland and South Africa
only, or can be arranged on request.
Google have thrown their hat in the browser-ring, which many have predicted. [Chrome] should be coming soon to downloads near u.
It’s based on [webkit], which you might [recall] was impressive in many ways.. It has a few other interesting promises, like a brand new javascript engine [which sounds like an excellent target for future hackery] and a simple but sweet isolation concept [tabs are independent processes].
Like anything released from google, people expect it to change the world (now that’s some heavy expectation-anxiety) but if nothing else it will be interesting to watch. Their comic intro is fairly comprehensive, and mixes healthy amounts of “eureka” with “this is still a hard problem”.
A completely non-security related (but totally geek) blog that always makes me smile is [http://indexed.blogspot.com/]. We had just started the week (or ended the last one) with a conversation on how strange it was, that some people manage to remain supremely confident while talking authoritatively on subjects they know precious little about…
From our mouths, to Jessica’s pen:
APSB08-15 is the latest Adobe security advisory regarding a memory corruption vulnerability in Acrobat Reader versions <8.1.2
As expected, the advisory does not include technical details about the attack vector, so let’s try to reverse the related Adobe patch to find more about this vulnerability. I’m going to use IDA 5.2 with patchdiff2 plugin (thanks to kris hint on this plug-in).
The patch is released as a MSI file. I used Greg Duncan’s Less MSIérables tool to examine the content of this patch:
Hey guys..
Our BlackHat/Defcon talk this year featured a few tools that we promised to release.. The first tool, or set of tools is reDuh which can be found [here]. reDuh is made up of 2 parts, a local proxy and a server component (which is jsp, php or asp). If you run the local proxy on your machine while pointing it to the server component, you are able to make TCP connections clean through the web-server. This comes in surprisingly helpful (and if nothing else is really cute!). You can read more about reDuh (with pretty pictures) by checking out the [reduh page] or by checking out our [Vegas slides].