Autonomy News
Syncing DLL Load Address between Immunity ...
Monday, 30 August 2010

Switch on the Symbol Server

We don't want addresses, we want meaningful names, so the first step is to hook up the debugger to the symbol server at http://msdl.microsoft.com/download/symbols. Go to Debug -> Debugging Symbol Options:

Now switch on the checkbox; the URL should already be there:

For the changes to take effect, you need to restart the trace. …

Shellcode - Part 0x2
Saturday, 29 May 2010
Purpose

To be able to write injectable shellcode to pop a shell.

Popping a Shell

Welcome back shellcode rookie!


Abstract

In order to pop a shell, we would need to write shellcode that effectively executes along the lines of the following bit of C code:

#include <unistd.h>
int main() {
    char *shell[2];
    shell[0] = "/bin/sh";
    shell[1] = NULL;
    execve(shell[0], shell, …

Shellcode - Part 0x1
Saturday, 29 May 2010
Purpose

The most suitable place to inject and harbour shellcode is a buffer, and almost undoubtedly this will be a character array. This presents a problem, which is the focus of this tutorial: character arrays are NULL-terminated, and this means that only the portion of shellcode prior to the very first NULL will succeed in the injection.

To be able to write injectable shellcode, free of the NULL character.

Shellcode - Part 0x0
Friday, 28 May 2010
Purpose

Getting started with shellcode; to be able to write a trivial exit shellcode, and ensure that its execution is taking place as expected.

So Yewz Wantz 2 Writez Some Shell Eh?


Abstract

The term "shellcode" here has truly been dumbed down; it is not really shellcode at all (i.e., …

Mainevent
Friday, 14 May 2010

PSIGMATECK Inaugural Mainevent

Wed 26 May, 2010, 1845 to 2000.

Dr. Szilárd VAJDA. School of Computer Science and Engineering UNSW. Pattern recognition, in the context of handwriting. Room 201B, Level 2, Building K17, UNSW.

Speaker: Szilárd VAJDA, Szilárd VAJDA's Weblog
Title: Indian Postal Document Recognition (Handwriting, …
ASM101 - Class 0x02
Sunday, 9 May 2010
Purpose

An absolute beginner's guide to understanding asm: Write (and compile) a trivial bit of C code, then make sure you understand the disassembled asm, line by line.

Welcome back! In the previous post, we covered the compilation of a simple C program without stdlib, simply to gain further (very minimal) insight into the compilation process and (a tiny bit about) the role of stdlib. …

Wargame - BSD Rootkit Day 0x08
Tuesday, 4 May 2010

Welcome back!

Purpose

To cover system call hooks once more, this time focusing on those system calls that can be used to intercept network traffic, specifically TCP/IP.


Intercepting Network Traffic

To get started, read the FreeBSD Communication Protocols page.

Wargame - Reversing Game 0x3
Friday, 30 April 2010

Welcome back!

Reversing Game 0x2

Files game3

Tools

For this wargame, we'll be using the following tools:

gdb: Finally, some runtime debugging.
objdump: For assessing the binaries statically.
[hexeditor]: For editing the binaries (as a hex-editor).
[hexchunk]: Home-brew helper script.
hexection: Home-brew helper script. …