On Mon, May 9, 2011 at 11:23 PM, Adrien Kunysz wrote:
> On Mon, May 09, 2011 at 11:58:41AM +0200, Piotr Bania wrote:
>> LINK TO THE PAPER:
>> http://www.piotrbania.com/all/articles/pbania-securing-the-kernel2011.pdf
>
> Is the code available publicly?
>
Nope, code is
--
Piotr Bania - - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com - Key ID: 0xBE43AC33
icles/pbania-jit-mitigations2010.pdf
PAPER MIRROR:
http://kryptoslogic.com/download/JIT_Mitigations.pdf
best regards,
pb
--
Piotr Bania - - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
s,
pb
--
Piotr Bania - - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com - Key ID: 0xBE43AC33
- "The more I learn abou
n the ascii g00gle ads to support our cause. ODZYSKAMY POLMOS!
thank you and have a nice winter!
_o/
* - alcohol-free ((:)
[1] -
http://blog.metasploit.com/2009/10/smb2-351-packets-from-trampoline.html
--
Piotr Bania - -
together with providing potential countermeasures against this type of
detection method.
Paper can be found at:
http://piotrbania.com/all/articles/pbania-evading-nemu2009.pdf
best regards,
pb
--
--------
Piotr Bania - - 0xCD, 0x19
F
unpack, to be honest I have never used it but i surely will
give it a try. Thanks.
- pb
--
--------
Piotr Bania - - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689
best regards,
pb
--
Piotr Bania - - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com - Key ID: 0xBE43AC33
lysis.
Paper is available here:
http://piotrbania.com/all/spiderpig/pbania-spiderpig2008.pdf
Simple video demo and some other things available on project website:
http://piotrbania.com/all/spiderpig/
best regards,
Piotr Bania
--
/adv/vmware-io-adv.txt
best regards,
Piotr Bania
* - probably other VMware virtualization products are affected as well
--
Piotr Bania - - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http
lost your password? Now it doesn't matter at all :-)
You can download Kon-Boot Windows&Linux version from the project website:
http://piotrbania.com/all/kon-boot/
Please note:
You may use this software only for personal, legal and non-commercial
activity.
best regards,
Piotr Bania
[1] h
page:
http://piotrbania.com/all/kon-boot/
best regards,
Piotr Bania
--
--------
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http://www.piotrbania.com - Ke
RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap Corruption
by Piotr Bania <[EMAIL PROTECTED]>
http://www.piotrbania.com
Original url (and formatting):
http://www.piotrbania.com/all/adv/realplayer-heap-corruption-adv.txt
Severity: Important/Critical - Pot
RealNetworks RealPlayer/RealOne Player/Helix Player Remote Memory
Corruption
by Piotr Bania <[EMAIL PROTECTED]>
http://www.piotrbania.com
Original url (and formatting):
http://www.piotrbania.com/all/adv/realplayer-memory-corruption-adv.txt
Severity: Critical - Remot
Binary:
http://piotrbania.com/all/ti89/dis2.89z
I hope you will find them somehow interesting.
best regards,
pb
--
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689
/all/ti89/
*EDUCATIONAL PURPOSES ONLY WHATSOEVER*
best regards,
pb
--
----
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http://www.piotr
AOL Nullsoft Winamp IT Module "IN_MOD.DLL" Remote Heap Memory Corruption
by Piotr Bania <[EMAIL PROTECTED]>
http://www.piotrbania.com
Severity: Important - Potential remote code execution.
Software affected: Tested on AOL Nullsoft Winamp v5
AOL Nullsoft Winamp LIBSNDFILE.DLL Remote Memory Corruption (Off By Zero)
by Piotr Bania <[EMAIL PROTECTED]>
http://www.piotrbania.com
Severity: Critical - Possible remote code execution.
Software affected: Tested on AOL Nullsoft Winamp v5.33 (x86)
AOL Nullsoft Winamp S3M Module "IN_MOD.DLL" Remote Heap Memory Corruption
by Piotr Bania <[EMAIL PROTECTED]>
http://www.piotrbania.com
Severity: Important - Potential remote code execution.
Software affected: Tested on AOL Nullsoft Winamp v5
Apple QuickTime Player Remote Heap Overflow
by Piotr Bania <[EMAIL PROTECTED]>
http://www.piotrbania.com
All rights reserved.
Severity: Critical - potential remote code execution.
Software affected: Tested on QuickTime 7.1 (W
Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite
by Piotr Bania <[EMAIL PROTECTED]>
http://www.piotrbania.com
Original url: http://www.piotrbania.com/all/adv/adobe-acrobat-adv.txt
Severity: Critical - Possible remote code execution.
Apple QuickTime Player H.264 Codec Remote Integer Overflow
by Piotr Bania <[EMAIL PROTECTED]>
http://www.piotrbania.com
All rights reserved.
Severity: Critical - potential remote code execution.
CVE:CV
ing your own checksumer.
best regards,
pb
--
--------
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC33
http://www.
Hi all,
Some little Kadu fun info:
http://www.piotrbania.com/all/adv/kadu-fun.txt
best regards,
pb
--
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE43 AC3
Hi,
If someone is interested, I have released a beta version of my
disassembler engine, available here:
http://www.piotrbania.com/all/disit/
best regards,
Piotr Bania
--
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD
Hi,
Damn, shit happens, you were first, I have just finished writing the
initial report:
http://www.piotrbania.com/all/adv/MS06-002-adv.txt
best regards,
pb
--
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19
Finge
DOES NOT rely on ANY
signatures. I really advise you to study before you talk about
things you really don't understand.
Anyway, I must confess I'm under impression of yours "bypassing snort
sigs" mad skillz, ph33r.
E
rbania.com/all/protty_vs_wmf_exploit.avi
(Ah, btw. it was tested on my old machine with some really slow CPU
model so forgive me the video lags...)
best regards,
Piotr Bania
--
--------
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD,
Hello,
Appending to the "topic", several months ago I created my own
protection mechanism (http://www.piotrbania.com/all/protty/), full
description was attached to Phrack#63.
Maybe you will find it useful :)
best regards,
P
Apple QuickTime PICT Remote Memory Overwrite
by Piotr Bania <[EMAIL PROTECTED]>
http://pb.specialised.info
All rights reserved.
CVE-ID: CVE-2005-2756
Original location:
http://pb.specialised.info/all/adv/quicktime-pict-adv.txt
Severity: Critical - remot
Apple QuickTime Player Remote Denial Of Service
by Piotr Bania <[EMAIL PROTECTED]>
http://pb.specialised.info
All rights reserved.
CVE-ID: CVE-2005-2755
Original location:
http://pb.specialised.info/all/adv/quicktime-mov-dos-adv.txt
Severity: Critical -
Apple QuickTime Player Remote Integer Overflow (2)
by Piotr Bania <[EMAIL PROTECTED]>
http://pb.specialised.info
All rights reserved.
CVE-ID: CVE-2005-2754
Original location:
http://pb.specialised.info/all/adv/quicktime-mov-io2-adv.txt
Severity: Cr
Apple QuickTime Player Remote Integer Overflow (1)
by Piotr Bania <[EMAIL PROTECTED]>
http://pb.specialised.info
All rights reserved.
CVE-ID: CVE-2005-2753
Original location:
http://pb.specialised.info/all/adv/quicktime-mov-io1-adv.txt
Severity: Cr
Hi,
For those who are interested, the paper can be downloaded from:
http://pb.specialised.info/all/articles/ewdd.pdf
Enjoy.
best regards,
Piotr Bania
--
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19
Fingerprint
Kerio Technologies Kerio Personal Firewall and Kerio Server
Firewall FWDRV driver
Local denial of service
by Piotr Bania <[EMAIL PROTECTED]>
http://pb.specialised.info
Original location:
http://pb.specialised.info/all/adv
(currently disabled)
available at: http://pb.specialised.info/all/protty/prott_packV01A.zip
best regards,
Piotr Bania
--
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF6 689F BE4
Hi,
For those who are interested, a new version (0.1c) of TAPiON (polymorphic
decryptor generator) is now available. The package can be downloaded at:
http://pb.specialised.info/all/tapion/
- the list of changes in 0.1c version is also stored at this url.
best regards,
Piotr Bania
a level 3 or level 4, unless you fully
understand the source. I'm not saying it is perfect, it was written in 5
days.
Hope this helps you.
best regards,
Piotr Bania
--
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19
Fi
variants
# block swapping
# garbage engine (normal instructions / coprocessor instructions)
# block swapping
# random decryptor size
# multiple decryptor layers generation
DOWNLOAD AT:
---
http://pb.specialised.info/all/tapion/
best regards,
Piotr Bania
alised.info/all/efilter/efilter.dll
Source:
- http://pb.specialised.info/all/efilter/efilter.c
best regards,
Piotr Bania
--
--------
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD, 0x19
Fingerprint: 413E 51C7 912E 3D4E A62A BFA4 1FF
Compuware Softice (DbgMsg driver) Local Denial Of Service
by Piotr Bania <[EMAIL PROTECTED]>
http://pb.specialised.info
Original location: http://pb.specialised.info/all/adv/sice-adv.txt
Severity: Low / Medium - BSOD (Blue Screen Of Death) DOS
Software af
Alwil Software Avast Antivirus Device Driver Memory Overwrite
Vulnerability
by Piotr Bania <[EMAIL PROTECTED]>
http://pb.specialised.info
Original location: http://pb.specialised.info/all/adv/avast-adv.txt
Severity: Less Critical/Medium - local ring0 code execution
So
OllyDbg "INT3 AT" Format String Vulnerability
by Piotr Bania <[EMAIL PROTECTED]>
http://pb.specialised.info
Original location:
http://pb.specialised.info/all/adv/olly-int3-adv.txt
Severity: High / Medium - code executi
RealNetworks RealPlayer/RealOne Player/Helix Player Remote Heap
Overflow
by Piotr Bania <[EMAIL PROTECTED]>
http://pb.specialised.info
Original location:
http://pb.specialised.info/all/adv/real-ram-a
Hi,
For those who would like to read something about Firefox Greasemonkey.
Here is the article: http://pb.specialised.info/all/articles/monkey.txt
have phun.
Peace,
Piotr Bania
--
Piotr Bania - <[EMAIL PROTECTED]> - 0xCD
DataRescue Interactive Disassembler Pro Debugger Format String
Vulnerability
by Piotr Bania <[EMAIL PROTECTED]>
http://pb.specialised.info
Severity: High / Medium - code execution.
Versions affected: Probably all versions, however tested on
4.7.0.830.