We are proud to present a new, growing collection from IBadishi Digital Art (the sharpest of you might note the family relationship ). The collection features hack-me shirts (try to hack them!), ASCII art, geek chic, and simply cool gear. You can see some samples below. We would also love to hear what you think and what cool designs you would like to see, so feel free to leave your comments below. Continue reading →
At the beginning of December 2011 (or maybe it all started on late November), UK’s Government Cyber Headquarters (GCHQ) published a challenge called “Can You Crack It?”. The site no longer contains the challenge, but rather hints on the solution. The webpage itself contained the following image, with an input line at the bottom, titled “Enter Keyword:”.
In the following posts I will detail the solution to GCHQ’s challenge, step by step. You can try it out for yourself, starting on this post. When you’re finished with step 1 (the image above) and know what should be the move to get to step 2, you can go to the next post.
During Black Hat USA 2012, ESET released a challenge, in which you need to build a key generator that passes 2 stages. Only one person managed to solve the crackme, and he did it in 10 hours. He later submitted another solution. Feel free to download the crackme and see if you can solve it yourself.
We continue our series of tweaking Metasploit modules to bypass EMET, without changing Metasploit’s payloads. Last time, we talked about bypassing EMET’s EAF using SEH. Since this technique may not necessarily fit your exploit, we present a second technique that bypasses EMET’s EAF without using SEH or changing Metasploit’s payload. Continue reading →
Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) is designed to increase the protection of your system against exploitation. It can render current Metasploit modules useless, as they’re currently not designed to bypass it. We discuss ways to tweak Metasploit modules in as much a generic way as possible, so they can work against targets utilizing EMET. Continue reading →
While working on Poison Ivy’s communication, one of my students approached me and asked me if the fact that an infected computer can connect to the C&C server means that the compromised host can break into the server. Well folks, it appears that it’s possible. We will now present a fully working exploit for all Windows platforms (i.e., bypassing DEP and ASLR), allowing a computer infected by Poison Ivy (or any other computer, for that matter) to assume control of PI’s C&C server. Continue reading →
In a recent press release, LinkedIn admitted it is investigating reports that about 6.5 million passwords were stolen from its database. Sources say that about 300,000 of these passwords were already cracked, and efforts are underway to reveal the rest of the passwords. LinkedIn user base is estimated at about 150 million, meaning that less than 5% of the passwords were stolen, and only 0.1% of the users’ passwords were revealed. However, some LinkedIn users have already found their passwords floating around the net.
Lately, hackers are forced to be more and more creative as defense mechanisms are piling up, making exploitation more difficult. Most notably, data execution prevention (DEP) and address space layout randomization (ASLR), both present on Windows 7 and current browsers, make drive-by exploits a real pain. In this post we explain the concept of using the Just-In-Time (JIT) compiler to bypass DEP and ASLR. Continue reading →