Showing posts with label research.

Wednesday, 25 May 2016

Thanks.

Hi,

after 5 years I have decided to close this blog. I will do the same with my LinkedIn
and Twitter accounts, so I will not be available any more.

I would like to thank you all for watching and supporting me during those years. :)

"Have fun & good luck."

Thanks.

Cheers

Sunday, 15 May 2016

[EN] MS Excel 2010 DoS (poc)

Below you will find a DoS PoC for MS Excel 2010.

Found during some fuzzing exercises... ;)

You will also find a short description, taken directly from WinDbg:

Friday, 13 May 2016

FristiLeaks: 1.3 CTF Writeup

Over the last day I had the pleasure of playing the FristiLeaks CTF prepared by Ar0xA. Thanks! ;)
It was a good choice, and a lot of fun while I was working out how to get root.

Below you will find a solution for getting the flag (and for learning to "love Fristi"! ;))
(For those who want to read other writeups for Fristi, you can find them here.)

Here we go...

Monday, 9 May 2016

CrackMe by Rapture - solved

Hi,

this time we will analyze and patch another small and simple .NET crackme:
"FishMe #1 by Rapture". You can find it at crackmes.de.

As before, we need HxD and .NET Reflector (but you can use your favourite tools as well).

Let's get to work!

CrackMe by Rayko - solved

Over the last few days I have been checking crackmes from this page (BTW, a great place to check if you're learning reversing and cracking).

Below you will find a simple solution for a crackme found in the ".Net" category: CrackMe By Rayko.

Friday, 29 April 2016

Another DoS in MS Publisher 2010

During the last week I found a few more NULL pointer dereferences in MS Office Publisher (2010 for Windows 7).


Thursday, 3 March 2016

BrokenWebapps - CTF writeup

When I was looking for a new CTF, I found an interesting website with multiple CTF ISO and VM images, prepared (vulnerable) to hack. I decided to try the OWASP project called BrokenWebapps (the VM I tried was OWASP_Broken_Web_Apps_VM_1.2).

I prepared the VM and started another one (this time with Kali 2.0; both on VirtualBox). As far as I know, we can treat this VM as a big WWW server hosting multiple webpages.


Sunday, 27 December 2015

Joomla CVE-2015-7857 writeup

(I wrote this as a 'note' on 14.12.2015, but since all the information is already public,
below you will find a proof of concept and a little write-up for the vulnerability described in this CVE.)


Saturday, 26 December 2015

New version of Lime Survey

As far as I know LimeSurvey has already been updated, so below you will find all the vulnerabilities I found nearly 2 months ago during some small 'code review' exercises.

Response from LimeSurvey Team was very fast! :)

Found: 4.11.2015
Sent: 5.11.2015
Resp: 5.11.2015

AFAIK all findings were fixed within 48h. So... here we go:

Saturday, 24 October 2015

[EN] SOAP testing

During one of my last projects I needed to test some web services.

I was wondering: if I can do it with Burp or by manual testing,
maybe I can also write some quick code in Python...

And that's how I wrote soapee.py:


Friday, 2 October 2015

My Java SIGSEGV's

During the last couple of days I was checking lcamtuf's American Fuzzy Lop against some ("non-instrumented") binaries.

I was wondering what would happen if I ran it against Java... ;)

I was looking for some sources, but unfortunately I wasn't able to find any. The next thing was checking where I had Java installed (so I would know what/where I could check). My 'test lab' consisted of: Ubuntu 12, Kali Linux, WinXP, Win7. (The exact version of Java installed on each of those OSes you will find below.)

Friday, 19 June 2015

[EN] Social engineering attacks during conference in Katowice

Thanks for watching and for all the questions during this conference ;)

It was great energy!

More details: http://www.tuv-nord.com/pl/pl/aktualnosci-436-1921.htm

See you next time.

o/


Monday, 25 May 2015

[EN] Browser exploitation during CybercomDev conference - Updated

During this weekend I gave my first formal security presentation at CybercomDev in Poland.
I was talking about use-after-free exploits, fuzzing and browser exploitation.
Thank you for watching and for your support ;)


* Currently this presentation is available only on demand.

* Update - 16.07.2015 *
Video (PL) is available here. Thanks, Kenis. ;)


See you next time! ;)

o/
Tuesday, 28 April 2015

[EN] Old nasm sigsegv 0day

As before, I wrote another PoC to get a shell via an overflow in old nasm.
Check it out:

[EN] Flex 2.5.33 (2) 0days

I was testing some old bugs in an old distro, and that's how I found a SIGSEGV in flex (2.5.33).

Below is the proof of concept:

Monday, 2 March 2015

[EN] Analysing malicious PDF - part 2

This time we will check 2 PDFs (because I decided it would be more fun than just posting about one ;)). Besides that, those 2 files contain different methods for delivering the payload, so we will check all of them.

Sunday, 1 March 2015

[EN] Analyzing Malicious PDF

Reading the Contagio blog I found a few examples of malicious PDF files.

Today we will check one of them. :)

During PDF analysis we will often use peepdf and Malzilla.
This time too, those tools will help us understand what's going on with
our PDF file.

Let's run peepdf on this file. As we can see, there is a JavaScript object.
Let's examine it with the "object 7" command:

[EN] Obfuscated case - JSredirector

Today we'll check some "obfuscated" JavaScript code. I found this example (named
'JSredirector') on this site. Thanks again! ;)

So... Unzip the file and you will find index.html with JS code.

Index.html contains encoded JS code:

Tuesday, 24 February 2015

[EN] Malware analysis – Fake AV Downloader (part 1)

1. Thanks for the sample file(s)

After writing my last article about malware analysis for Android[1], I decided to check some threats that may come from webpages. Today we see more advertising on the web than we did a few years ago. In the case of malicious pages, the "advertisements" added there will now more often try to steal your data by installing malware on your computer or by redirecting you to a webpage containing exploit code for your browser (or its plugin).

A few nice examples of 'webpages' like this I found (again) on Mila's great blog[0]. Thanks again! ;)

(Hint: Don’t ask me for the password. Ask Mila via email.)

[EN] Fun with American Fu(n)zzy Lop

Over the last few days I was doing a little research into 'how this crazy afl works'. ;)
"American Fuzzy Lop" is an excellent tool created by lcamtuf.

Now is a good moment to check the documentation of 'afl' if you want
some nice details on using it.