Posts

Showing posts from 2018

Windows Exploit Development (primer II) : Corrupting Structured Exception Handling and Controlling Memory Pointers

Image
I folks this post is part of a series in which I introduce some good fundamentals in windows exploit development - basically documenting as I learn it myself!

In this post we are going to essentially going to find out how our input breaks certain structures in memory, find different ways to crash the program and discuss the fun things these crashes let us do with out input! Lets get going :)
What you need to get going Exactly the same as last time!
Windows Virtual Machine Debugger Tools for windowsEasy MPEG to DVD Burner (copy available on exploit-db)(optional) python script payloadgen.py mentioned later on in the post Corrupting Memory
I assume you've got everything sorted out in terms of debugging the application. If its broken in you can get it running after a breaking by using the "g" command like this:



It should start running unless for some reason it hits another breakpoint. Hit "g" as many times are you need to get the application running smoothly and re…

Windows Exploit Development (primer) : Debugging Threads and Analyzing Memory

Image
Hi folks I thought its about time to start blogging about the little experience I have in low level exploitation and analysis - so here goes. To start off on your windows exploitation journey you need to be able to get to grips with a tool and some tricks to get you look at your target the right way. In this post I cover somethings that may help a ton! 
Debugging ThreadsTo get started you are probably going to need a couple things sorted out first, namely a simple windows VM setup with debug tools (tons of tutorials out there on the internet) and a target to exploit: A Windows VM (Microsoft made them free which is awesome!)Windows Debug ToolsYou should grab a copy of  Easy MPEG to DVD Burner on exploit db.
Before we can start crashing programs and controlling EIPs we need to make sure we have the right view of the target we are exploiting. Windows debugger is actually pretty useful in this regard so open it up, open the target program and attach the debugger to it like so:




Once you've…

[Software Philosophy] The Hegelian Triad of Software Development

Image
One question that was pretty interesting to think about in recent days was to try and explain what could be an expression of Hegel's Triad (the anti-thesis, thesis and synthesis of ideas or more directly the "Abstract - Negative - Concrete") as it pertains to development/engineering of software.


How to Stomach Hegel's Triad 
Hegel was a ground breaking philosopher who thought up ways to explain our own experience of fundamentally experiencing consciousness and these beasts called "conscious structures" - hyper organizations of collective consciousness experience.

He, in other works not only critiqued history with regards to how it paints a picture of our own experience of conscious structures (allows us today to ask questions in a very enlightening way for instance: "is anonymity the same as it was in ancient rome?" "did the mayans have a concept of privacy- is it different ours" etc etc) - but is credited by inventing the very idea of …

Toward a critical phenomenology of closed source security

In my critical view and by argument here I claim that closed sourcing imposes a limitation of everyone's view of the software and fair determination of its properties. In other words my argument is essentially even though closed source achieves ANY properties in software it does so by maintaining a practice that actually limits fair determination such a property can even be provably achieved. There mere idea that companies who distribute closed source (from the perspective of users and developers) can perform a pantomime convincing people that they ever achieve security at some point (in a way apologetic sincerely to the subjective domain of the user) - does not sway my ability to take crucially the lack of actually evidence for any claim (due to the lack of source code as proof at least!) for achievement of these properties, and the constant and almost publicly accepted complete failure of their security efforts (Mac Root Bug  failures, Oracles notoriously bad patching history e…

Understanding Blockchain : The theory and the threats

Image
In this post I'll break down some key aspects of what makes a blockchain, blocky and chainy. I'll also break out some ideas I have on what threatens block chain applications in design an implementation potentially speaking.

What is the blockchain? Blockchain applications essentially provides a means to orchestrate transactions based on something called a "state-machine" that propagates and maintains global addressable list of all transactions ever.  Essentially folks needed a way for all agreements of a given theme based on the value of something to follow a strict grammar and language i.e. based on principles that "this thing" must appear before "this thing" rules that follow this format are great for language based machines like state machines. After all we designed computers and all formal definitions so far on these properties, they are such powerful means of scrying computation out of nature we are applying them to quantum bodies in profound…

On Forced Open Sourcing of End of Life Software

Recently I heard of a regulation France introduced (or was proposing be introduced internationally at least) in order to force companies developing closed source applications to open source them once end of life is declared for the software. And again I shall state this is almost purely in an effort to be fair to the users of the software. Why is this "fair"? What does it reflect about the rest of the life of the software? i.e. What is the impact on the non-end of life- life of the software and the user?

If it is fair to force declaration of the source code because the users are no longer supported with updates and maintenance of the software. Then this means it is recognized that forcing users to use software that doesn't remain in appreciation of their security needs is seen here as ethically wrong. In essence we recognize here that users cannot be held captive by software they are not allowed to understand or change by the imposition of the company that owns the soft…

On the ontological duality of Software and Hardware II : and What it means for Open Source.

Image
Folks in France had the brilliant idea of requiring software companies to hand over source code for software they have ended support for. Obviously this is done in an effort to protect the users who suffer from needing to use their software. But of course this means much much more for the future of software, and highlights a key insight the French have on the reality of software and how it actually affects society.


Why does Source code matter? Because its all source code!
Computer Scientists have since before the existence of computers argued the break in ontological duality of hardware and software (most recently I think JH Moore's "Three Myths of Computer Science" being the last major blow to it from a philosophical stand point). Essentially they've been screaming at us that there is no difference between hardware and software - no means to actually differentiate them according to the ontological realities. And whats more because of the advent of quantum computing…

[Android Security] Attacking the Android Package Manager from the past.

Image
Hi folks, here's a quick post about something I see very often in android application code. Something that could have pretty devastating effects if taken too lightly. Something that I believe is known about in some Android development circles but according to some of the things I've seen in apps - it doesn't seem this abuse of the PackageManager is as widely understood as it should be.  So in the following post I'm going to lay out a small trust problem folks seem to miss when dealing with Intents and the PackgeManager on Android.

So here's whats up...
When developing applications for Android you often want to take advantage of other applications and services available on the hosting system. For instance you might want to develop an app that opens Google Maps on a given set of co-ordinates , or perhaps opens a browser on a given page. Of course this is very common, its even common to host applications that forward potentially sensitive information to other applica…