[Full-disclosure] BETA3 released
Happy New Year! As part of my New Year's resolutionshttp://skypher.com/index.php/2010/01/02/new-years-resolutions/, I am releasing some tools that I never got around to finish and/or publish. First on the list is BETA3 http://code.google.com/p/beta3/, a multi-format shellcode encoding tool that can convert raw binary shellcode into text that can be used in exploit source-code. It can convert raw binary data to a large number of encodings. It can also do the reverse: decode encoded data into binary for the same types of encodings. This is the follow-up to BETA2http://www.milw0rm.com/exploits/656 . http://skypher.com/index.php/2010/01/02/beta3-released/ Cheers, SkyLined Berend-Jan Wever berendjanwe...@gmail.com http://skypher.com/SkyLined ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Antisec for lulz - exposed (anti-sec.com)
One of the amazing thing about these hackers calling them antisec
didn't have real hardening on their servers. Most of their servers had
direct public ip on their Interfaces and even their user management
was crappy.
I remember when i heard of antisec i thot these guys were real gurus
with more than 10 years of experience, but after the fake sshd and
fake attacks, and DDOS that meant nothing and now all is lulz, i cant
help but rofl.
./Chuks
On 1/2/10, Jeff Blaum jblau...@gmail.com wrote:
It still does not change the fact that you (Glafkos) are a cock, and that
astalavista is (and was) always a shit stain of a website.
J
On Thu, Dec 31, 2009 at 9:38 AM, Glafkos Charalambous
i...@infosec.org.ukwrote:
.
|
\ * ./
. * * * .
-=* LULZ! *=-
. .* * * .
/* .\
|
.
_ _
( ) ( )
| |_| | _ _ _ __ __ _
| _ | /'_` )( '_`\ ( '_`\ ( ) ( )
| | | |( (_| || (_) )| (_) )| (_) |
(_) (_)`\__,_)| ,__/'| ,__/'`\__, |
| || |( )_| |
(_)(_)`\___/'
_ _ _ _
( ) ( )( ) ( )
| `\| | __ _ _ _ `\`\_/'/'__ _ _ _ __
| , ` | /'__`\( ) ( ) ( )`\ /'/'__`\ /'_` )( '__)
| |`\ |( ___/| \_/ \_/ | | |( ___/( (_| || |
(_) (_)`\)`\___x___/' (_)`\)`\__,_)(_)
anti-sec.com
.
|
\ * ./
. * * * .
-=* RAWR! *=-
. .* * * .
/* .\
|
.
http://www.anti-sec.com
http://pastebin.com/f12f6f9c0
http://pastebin.mozilla.org/694145
http://pastebin.ca/1733192
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--
--
Gichuki John Ndirangu, C.E.H , C.P.T.P, O.S.C.P
I.T Security Analyst and Penetration Tester
infosig...@inbox.com
{FORUM}http://lists.my.co.ke/pipermail/security/
http://nspkenya.blogspot.com/
http://chuksjonia.blogspot.com/
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[Full-disclosure] Countslide alphanumeric GetPC
One limitation of most alphanumeric shellcode decoders, including those in * ALPHA2http://skypher.com/wiki/index.php/Hacking/Shellcode/Alphanumeric/ALPHA2 * and the soon-to-be-released *ALPHA3http://skypher.com/wiki/index.php/Hacking/Shellcode/Alphanumeric/ALPHA3 * is that they need to know where they are located in memory in order to decode themselves and run correctly. This makes using a *nopslide* hard in most circumstances, because you mostly only need a *nopslide* if you do not know exactly where your shellcode is in memory to begin with. I've developed a way to get around this problem, which I've described in more detail here: http://skypher.com/index.php/2010/01/02/countslide-alphanumeric-getpc/ ALPHA3 has support for generating working alphanumeric shellcode with nopslides using this technique. I'm currently working on getting the rest of its code into releasable shape. Cheers, SkyLined http://skypher.com/index.php/2010/01/02/countslide-alphanumeric-getpc/ Berend-Jan Wever berendjanwe...@gmail.com http://skypher.com/SkyLined ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
