Our Blog
SIM Hijacking
Reading time:
~38 min
Posted
by Emmanuel Cristofaro
on
07 February 2022
Introduction “533 million Facebook users’ phone numbers leaked” was one of the highlighted titles that flooded many social networks’ pages....
DualSense Reverse Engineering
Reading time:
~7 min
Posted
by Emmanuel Cristofaro
on
23 November 2020
Ciao belli! On the 19th of November 2020, SONY finally released the new PlayStation 5 in the UK. A few...
Szensecon Discord Bot
Reading time:
~10 min
Posted
by Szymon Ziolkowski
on
09 November 2020
We have written a lot about SenseCon by now, but there is one more thing we can talk about! In...
[Dual-Pod-Shock] Emotional abuse of a DualShock
Reading time:
~36 min
Posted
by Emmanuel Cristofaro
on
24 January 2020
Hacking PlayStation DualShock controllers to stream audio to their internal speakers. Ciao a tutti. Introduction I didn’t really know what...
Exploiting MS16-098 RGNOBJ Integer Overflow on Windows 8.1 x64 bit by abusing GDI objects
Reading time:
~39 min
Posted
by saif
on
03 January 2017
Starting from the beginning with no experience whatsoever in kernel land let alone exploiting it, I was always intrigued and...
PowerShell, C-Sharp and DDE The Power Within
Reading time:
~6 min
Posted
by saif
on
20 May 2016
aka Exploiting MS16-032 via Excel DDE without macros. The modified exploit script and video are at the end. A while...
Sensepost Maltego Toolkit: Skyper
Reading time:
~4 min
Posted
by stuart
on
11 January 2016
Collecting and performing Open Source Intelligence (OSINT) campaigns from a wide array of public sources means ensuring your sources contain...
SenseCon 2014
Reading time:
~7 min
Posted
by daniel
on
07 April 2014
What originally started as one of those “hey, wouldn’t this be cool?” ideas, has blossomed into a yearly event for us...
January Get Fit Reversing Challenge
Reading time:
~4 min
Posted
by siavosh
on
17 January 2014
Aah, January, a month where resolutions usually flare out spectacularly before we get back to the couch in February. We’d...
Something about sudo, Kingcope and re-inventing the wheel
Reading time:
~5 min
Posted
by george
on
27 May 2013
Willems and I are currently on an internal assessment and have popped a couple hundred (thousand?) RHEL machines, which was...
T-Shirt Shell Competition
Reading time:
~3 min
Posted
by Dominic White
on
23 November 2012
For our internal hackathon, we wanted to produce some shirts. We ran a competition to see who could produce a...
CANSA Shavathon 2010
Reading time:
~3 min
Posted
by jacqui.maree@orangecyberdefense.com
on
10 March 2010
This past Thursday we received notice that Boogterman & Partners would be a host company for the CANSA Shavathon 2010...
Twitter killed the (infosec) Blogging Star ?
Reading time:
~1 min
Posted
by Haroon Meer
on
10 November 2009
Like it, hate it or just plain struggling to understand it, Twitter has made a huge impact across a wide...
Spammers need love too..
Reading time:
~2 min
Posted
by Haroon Meer
on
05 November 2009
-snip- From: Haroon Meer <haroon@sensepost.com> To: Marc Schneider <marcs@mplw.net> Subject: Re: http://www.sensepost.com – Contact needed Hi Dr Schneider. * Marc...
About:SnowLeopard
Reading time:
Less than a minute
Posted
by Haroon Meer
on
02 September 2009
Sure it only cost $29, but when you consider the number of people bowing down and thanking our Cupertino overlords...
Chris Eng 1 – 0 Verizon DBIR Cover
Reading time:
Less than a minute
Posted
by Haroon Meer
on
28 April 2009
Chris Eng over [at the Veracode blog] documents how he approached, and decoded the info behind the [2009 Verizon Data...
#include fakeNewsStory.h
Reading time:
Less than a minute
Posted
by Haroon Meer
on
01 April 2009
what? on April 1st???? Never!
Hello World (With an LED)
Reading time:
~1 min
Posted
by Haroon Meer
on
30 March 2009
Way back when i was a sysadmin, i recall reading a quote from one of the ATT greybeards who said...
Only an idiot will install a beta os on his primary phone..
Reading time:
~1 min
Posted
by Haroon Meer
on
19 March 2009
and i am that idiot… Developers signed up with Apples Dev Program get to take iPhoneOS3.0 out for a spin,...
Joe Grand (Kingpin) gets famouser!
Reading time:
Less than a minute
Posted
by Haroon Meer
on
17 February 2009
This is probably really old news (to some), but was in the company of sattelite TV this weekend and...
“Hooker” approach to break-in!
Reading time:
Less than a minute
Posted
by behrang
on
06 January 2009
Interesting post on cost/benefit analysis of hacker and hooker attacks….
behrang
We going to sue and make Squillions…..
Reading time:
Less than a minute
Posted
by Haroon Meer
on
29 December 2008
or maybe not… The twitters informed me that Singe uncovered a case of brand plagiarism!!!1! -snip- -snip- So lets review.....
A truly sweet hack!
Reading time:
Less than a minute
Posted
by Haroon Meer
on
12 September 2008
[Solve mazes with Photoshop (or gimp)] i must confess that while i understand the logic of flood-fill doing a depth...
Education and Things u know u dont know…
Reading time:
Less than a minute
Posted
by Haroon Meer
on
27 August 2008
A completely non-security related (but totally geek) blog that always makes me smile is [http://indexed.blogspot.com/]. We had just started the...
pwnies video posted online..
Reading time:
Less than a minute
Posted
by Haroon Meer
on
22 August 2008
The video of the much publicized pwnie awards has been posted to the interwebs [gvideo link] Locals (SensePosters) can grab...
Forget the python vs ruby discussions..
Reading time:
Less than a minute
Posted
by Haroon Meer
on
05 July 2008
Cause this puts Perl right back in the game! -snip- > sudo perl -MCPAN -e shell cpan> install Acme::LOLCAT install ...
This has nothing to do with anything technical..
Reading time:
~1 min
Posted
by Haroon Meer
on
08 June 2008
but since it made me eat crow, i figured i would share it.. Although i read a fair bit, i...
Its my SensePostaversary!
Reading time:
Less than a minute
Posted
by Haroon Meer
on
01 April 2008
Whoa! time flies when you having fun…
(click for orig.)
Write a paper? or nip down for a pint?
Reading time:
Less than a minute
Posted
by Haroon Meer
on
19 March 2008
Apparently the two _are_ mutually exclusive.. [according to the NY Times…] -snip- According to the study, published in February in...
Veni, Vidi, Damni
Reading time:
~1 min
Posted
by Haroon Meer
on
13 March 2008
At last years BlackHat USA a bunch of us played some American geeks a game of late night parking lot...
Tooble for the win.. piracy++ ??
Reading time:
Less than a minute
Posted
by Haroon Meer
on
09 February 2008
For those of you who have not yet tried it, check out Tooble. Its a point and click tool that...
Eerie coincidences..
Reading time:
Less than a minute
Posted
by Haroon Meer
on
15 January 2008
a) its my birthday in a few days
b) Apple just announced the new macbookair..
Coincidence??? i think not!!!
Strange Entries in your wbeserver logs, Wikto and questions about our Gender!
Reading time:
~2 min
Posted
by Haroon Meer
on
08 January 2008
Over the past while we have been getting emails from people trying to figure out why they had entries like...
Two pointless excuses to post two pictures..
Reading time:
~1 min
Posted
by Haroon Meer
on
03 January 2008
a) At the end of the year we usually end up getting geek-gifts.. from SensePost, to SensePost.. Last years iPod...
Another time sink-hole..
Reading time:
Less than a minute
Posted
by Haroon Meer
on
29 December 2007
A while back some of us discovered and subsequently lost days to “The Python Challenge“. Well.. prepare to write off...
The coolest thing this weekend…
Reading time:
~2 min
Posted
by Haroon Meer
on
18 December 2007
Ok.. so being the cautious geek i am, i had bought a mac mini a while back before jumping into...
Dino Dai Zovi is such a Rock Star..
Reading time:
~1 min
Posted
by Haroon Meer
on
06 December 2007
Dino is the guy who added much shellcode coolness to MetaSploit, gave the world Karma, released the first virtualization rootkit...
Google as an MD5 Cracker..
Reading time:
~2 min
Posted
by Haroon Meer
on
21 November 2007
Slashdot picked up on the blog post from Light Blue TouchPaper commenting on the fact that a researcher was suprised...
Follow-up (OS X BSOD Win32 Icons)
Reading time:
Less than a minute
Posted
by Haroon Meer
on
02 November 2007
Of course, Leopard’s new improved ™ finder includes an Itunes’esque “Cover Flow” view (which includes quick view thumbnailing quite impressively).....
i know this has been blogged all over the interwebs..
Reading time:
Less than a minute
Posted
by Haroon Meer
on
31 October 2007
but Leopards default icon for windows machines has to rank up there with dvwssr.dll (yeah.. thats a BSOD) /mh ok.....
Mind Control, Big Cats, Feynman && kiosks…
Reading time:
~4 min
Posted
by Haroon Meer
on
29 October 2007
Aka… A good weekend.. The weekend got off to a slow start, when Amazon claimed it would take a little...
PauldotCom Interview, Part I
Reading time:
Less than a minute
Posted
by Haroon Meer
on
25 October 2007
OK.. so part one of our pauldotcom interview has hit the interwebs.. it was fun and involved a power failure...
22:30 to 23:30: the quiet hour
Reading time:
~2 min
Posted
by marco
on
19 October 2007
while waiting around for the PSW guys last night, it seemed like a good time to test our mettle on...
Piotr Bania Agrees.. Metal Gear Rocks.. (warning.. this post has 0 to do with infosec)
Reading time:
~2 min
Posted
by Haroon Meer
on
02 October 2007
Way back in 2000 i bought my kid sister a Sony PlayStation.. I have never been a big gamer (not...
I have always tried to keep this blog politics-free
Reading time:
Less than a minute
Posted
by Haroon Meer
on
22 September 2007
but the last Scott Adams posting on the Iranian presidents US visit has to be the best piece i have...
Alas.. i could have made squillions (aka – Amazon MTURK)
Reading time:
~1 min
Posted
by Haroon Meer
on
12 September 2007
In early 2002 i suggested that we could solve some computer problems and south africas street-kid problem by setting up...
Heheh.. Elite! snakes on a #$#%@# plane!
Reading time:
Less than a minute
Posted
by Haroon Meer
on
10 September 2007
Courtesy of afx:
Another attempt at you-tube science, aka how to save 36c when changing the batteries on your remote!
Reading time:
~1 min
Posted
by Haroon Meer
on
02 September 2007
ok.. so a long time ago we tried the you-tube mentos stuff and happily wasted time (and coke) in the...
Medical Doctors.. bah! hambug..
Reading time:
~3 min
Posted
by Haroon Meer
on
02 September 2007
I’ve ranted a few times about things i hate about the way we “do medicine”. (Doctors are not alone here.....
Thunks from hacking games
Reading time:
~8 min
Posted
by Charl van der Walt
on
24 August 2007
In Vegas I bought Herman “Exploiting Online Games” by Greg Hoglund and Gary McGraw. Being the saint that I am,...
It begs the question…
Reading time:
Less than a minute
Posted
by Haroon Meer
on
24 August 2007
I cant recall who said it in yesterdays meeting, but my response is simple: http://begthequestion.info/
MTBF and Light Bulbs..
Reading time:
~1 min
Posted
by Haroon Meer
on
23 August 2007
Some of you will know that i finally moved out of the shoe box i lived in for 6 years...
Ok.. Now this is pretty cool…
Reading time:
Less than a minute
Posted
by Haroon Meer
on
22 August 2007
For all those guys who usually scoff at CSI / Police Movies where the detective shouts “enhance image” or remove...
2 Un-related thoughts.. on Echelon and the recent Skype Outage..
Reading time:
~2 min
Posted
by Haroon Meer
on
20 August 2007
I suspect somewhere there exist cardinal rules of blogging which would state that using a single post to make 2...
On hamsters, Escaping, Escaping of Hamsters and the Lack of escaping in Hamster…
Reading time:
~5 min
Posted
by Haroon Meer
on
15 August 2007
OK.. So as i mentioned before, I saw Robert Graham from Erratasec demo hamster live on stage and wondered if...
Late BlackHat Update..
Reading time:
~1 min
Posted
by Haroon Meer
on
03 August 2007
ok.. so im in my room finally catching up on sleep (or will be in a few minutes) while most...
BlackHat Progress Report
Reading time:
~1 min
Posted
by Haroon Meer
on
30 July 2007
(always wanted to say that!) 2 SensePost Training sessions are over, and as i type The weekday sessions are at...
-sigh- little things, little minds…
Reading time:
Less than a minute
Posted
by Haroon Meer
on
22 July 2007
Deels stumbled on www.simpsonizeme.com to give me mh, the springfield edition.. Combine with your intranet mug-shots, and it could give...
Probably the best book dedication i have ever seen….
Reading time:
Less than a minute
Posted
by Haroon Meer
on
07 July 2007
Richard Bejtlich didnt give the pre-release a glowing review but i know at least a few people waiting eagerly to...
Adventures while moving… (Part II)
Reading time:
~1 min
Posted
by Haroon Meer
on
30 May 2007
Ok.. so we have an outside gate type thing that leads to our garden. Since we would probably get to...
Do you group your passwords?
Reading time:
~1 min
Posted
by Haroon Meer
on
30 May 2007
This has probably been pondered, but something occurred to me whilst entering my new home.. The guard house grants access...