[Full-disclosure] BETA3 released
Happy New Year! As part of my New Year's resolutionshttp://skypher.com/index.php/2010/01/02/new-years-resolutions/, I am releasing some tools that I never got around to finish and/or publish. First on the list is BETA3 http://code.google.com/p/beta3/, a multi-format shellcode encoding tool that can convert raw binary shellcode into text that can be used in exploit source-code. It can convert raw binary data to a large number of encodings. It can also do the reverse: decode encoded data into binary for the same types of encodings. This is the follow-up to BETA2http://www.milw0rm.com/exploits/656 . http://skypher.com/index.php/2010/01/02/beta3-released/ Cheers, SkyLined Berend-Jan Wever berendjanwe...@gmail.com http://skypher.com/SkyLined ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
One of the amazing thing about these hackers calling them antisec didn't have real hardening on their servers. Most of their servers had direct public ip on their Interfaces and even their user management was crappy. I remember when i heard of antisec i thot these guys were real gurus with more than 10 years of experience, but after the fake sshd and fake attacks, and DDOS that meant nothing and now all is lulz, i cant help but rofl. ./Chuks On 1/2/10, Jeff Blaum jblau...@gmail.com wrote: It still does not change the fact that you (Glafkos) are a cock, and that astalavista is (and was) always a shit stain of a website. J On Thu, Dec 31, 2009 at 9:38 AM, Glafkos Charalambous i...@infosec.org.ukwrote: . | \ * ./ . * * * . -=* LULZ! *=- . .* * * . /* .\ | . _ _ ( ) ( ) | |_| | _ _ _ __ __ _ | _ | /'_` )( '_`\ ( '_`\ ( ) ( ) | | | |( (_| || (_) )| (_) )| (_) | (_) (_)`\__,_)| ,__/'| ,__/'`\__, | | || |( )_| | (_)(_)`\___/' _ _ _ _ ( ) ( )( ) ( ) | `\| | __ _ _ _ `\`\_/'/'__ _ _ _ __ | , ` | /'__`\( ) ( ) ( )`\ /'/'__`\ /'_` )( '__) | |`\ |( ___/| \_/ \_/ | | |( ___/( (_| || | (_) (_)`\)`\___x___/' (_)`\)`\__,_)(_) anti-sec.com . | \ * ./ . * * * . -=* RAWR! *=- . .* * * . /* .\ | . http://www.anti-sec.com http://pastebin.com/f12f6f9c0 http://pastebin.mozilla.org/694145 http://pastebin.ca/1733192 ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ -- -- Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P I.T Security Analyst and Penetration Tester infosig...@inbox.com {FORUM}http://lists.my.co.ke/pipermail/security/ http://nspkenya.blogspot.com/ http://chuksjonia.blogspot.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Countslide alphanumeric GetPC
One limitation of most alphanumeric shellcode decoders, including those in * ALPHA2http://skypher.com/wiki/index.php/Hacking/Shellcode/Alphanumeric/ALPHA2 * and the soon-to-be-released *ALPHA3http://skypher.com/wiki/index.php/Hacking/Shellcode/Alphanumeric/ALPHA3 * is that they need to know where they are located in memory in order to decode themselves and run correctly. This makes using a *nopslide* hard in most circumstances, because you mostly only need a *nopslide* if you do not know exactly where your shellcode is in memory to begin with. I've developed a way to get around this problem, which I've described in more detail here: http://skypher.com/index.php/2010/01/02/countslide-alphanumeric-getpc/ ALPHA3 has support for generating working alphanumeric shellcode with nopslides using this technique. I'm currently working on getting the rest of its code into releasable shape. Cheers, SkyLined http://skypher.com/index.php/2010/01/02/countslide-alphanumeric-getpc/ Berend-Jan Wever berendjanwe...@gmail.com http://skypher.com/SkyLined ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/