Materials
Abusing GDI Objects for ring0 Primitives Revolution
Exploiting MS17-017 EoP Using Color Palettes This post is an accompaniment to the Defcon 25 talk given by Saif. One of the core topics of the talk was the release of a new technique GDI object abuse technique, name Palette Objects. Saif presented a previously unreleased Windows 7 SP1 x86 exploit involving the abuse of a newly discovered GDI object abuse technique.
A complete white-paper on the topic was released and can be found here: Whitepaper
BlackHat Challenge
This year marks a special anniversary for us at SensePost in that we’ve been training at BlackHat for over a decade now. To celebrate this, we thought we’d give away a free ticket to any of our courses on offer at this year’s BlackHat Briefings in Las Vegas.
With data breaches happening almost on a monthly basis these days, everyone is turning to encryption in order to protect their information. Bob, a rather tech-savvy gentleman, works for a FTSE 100 company and they’ve written their own secure message implementation. You’ve been tasked to perform a penetration test and noticed that after compromising their shared document server, an internal web application leaked the source code used by the company for the client and the server.
Open Patch Management Survey
Rich Mogull (who’s stuff I really quite dig) has launched an ‘Open Patch Management Survey’ via the SecurityMetrics blog. Its an interesting idea, and they plan to release both their analysis *and* the raw data, which might be really insightful for our VMS stuff.
Corporations can take the SurveyMonkey survey at http://www.surveymonkey.com/s.aspx?sm=SjehgbiAl3mR_2b1gauMibQw_3d_3d, and there’s some nice material already available at http://securosis.com/projectquant.
Here’s the rest of Rich’s message (pls forgive the cross-post):
Our goal here is to gain an understanding of what people are really doing with regards to patch management, to better align the metrics model with real practices. We’re doing something different with this survey. All the results will be made public. We don’t mean the summary results, but the raw data (minus any private or identifiable information that could reveal the source person or organization). Once we hit 100 responses we will release the data in spreadsheet formats. Then, either every week or for every 100 additional responses, we will release updated data. We don’t plan on closing this for quite some time, but as with most surveys we expect an initial rush of responses and want to get the data out there quickly. As with all our material, the results will be licensed under Creative Commons.
OWASP NYC Talks Posted..
The full videos from the OWASP NYC Conf have been posted.
At least one BlackHat re-run, but some look well worth the watching.. Most people can grab the videos and slide decks [here], SensePost’ers (except for those actually currently living in NY) can grab selected talks locally [here]
Phrack is dead.. long live Phrack ??
Uninformed has certainly done awesomely at filling in the gap left when phrack went silent, but there is something nostalgic about reading phrack… it seems like issue 65 has just hit the streets..
Page 1 of 1