January 2008
4 posts
Helbidez aldatzen dugu.
Hainbat arrazoi direla medio overflowaren ondoren gaurtik aurrera http://jonena.wordpress.com helbidean aurkituko duzue.
Orri repositorioa
Securityfocus.com webguneak kudeatutako Bugtraq posta zerrendan argitaratutako esteka interesgarri bat dakarkit gaurkoan. ORK deituriko partehartzaile batek webgune bat osatu du segurtasuna eta hacking-aren inguruko orri edo *paper* delakoez osatutako bilduma zabal batekin. Tartean Buffer Gainezkadak (BoF), Heap Gainezkadak (HoF), Iragazki ihesbideak (Filter Bypass) eta gainontzeko esplotazio...
lang = euskera;
Aurrerantzean, eduki guztiak euskaraz kaleratuko dira. Segurtasun informatikoak gure hizkuntz komunitatearen barruan duen leku txikia ikusirik, hemendik ondar ale bat bideratuko dugu gaurtik aurrera.
Hasera baten ingelesez idazteko arrazoia irakurle gehiago izatea izanik eta, begibistako arrakasta falta ikusirik. Aurrerantzean edukiak euskaraz argitaratuko dira. Itzuliko zarelakoan,
- infi
4 tags
New year, new...mayhem at redmond.
Alongside new year’s arrival, santa brought three new vulnerabilities to redmond’s very own collection of OS’s. The most important one has been marked as *critical* by Microsoft and could allow a remote attacker to execute arbitrary code on the victim’s machine. This is possible due to how windows handles the storing of data coming from IGMP and MLD network requests,...
December 2007
1 post
Unlocking Doug Lea's Malloc
After a pretty long break from blogging activies here I come again with some fresh memory managing papers to read. I’ve started fooling around with Heap management exploitation for the GNU/Linux OS. There’s much more going on in each memory allocation than just a malloc() call and a return pointer. Therefore, if successful memory corruption is to happen, proper documentation is...
November 2007
6 posts
If...
I don’t tend to make plugging but I think this time is well worth it. This is a commercial spot from Spanish company Repsol, where one of it’s lead motorbike racers, Dani Pedrosa, is featured alongside a wonderfull poem by Rudyard Kipling called “if”. Inspiring nonetheless. Si puedes mantener la cabeza sobre los hombros cuando otros la pierden y te cargan su culpa, Si confías en ti mismo aún...
“This book is dedicated to anyone and everyone who understands that
hacking...”
– Shellcoder’s Handbook: Discovering and Exploiting Security Holes, Second Edition. Wiley Publishing, Inc. 2007
Memory Management in Linux
As I’m getting deeper and deeper in my particular adventure within the shellcoder’s handbook. I’ve realised I needed some external support regarding memory management. The book gives some inshight in the matter but just as Jack Sparrow says in Pirates of The Caribean “Impossible to find unless you’ve been there before.”. Therefore I’ve spent some days...
7 + 1 = werewolf
It’s been a couple of days since its release and I decided to give it a shot in my home workstation. During years, I’ve tried many distributions and almost all of them had some sort of bug or out-of-the-box misconfiguration that ended up taking away the fresh look and appeal they had in the home site. This second release after the name change from the traditional “Fedora...
Shellcoder's Handbook, 2nd Edition
I recently got in contact with the second edition of the renowned exploit discovering/developing book Shellcoder’s handbook, hence the title :-) Apart from all the bells and whistles of the previous edition, it has around 40% of new/updated content and coverage...