www.machine.org.uk/meta:: Because shit does happen!


[*] timb_machine: $bugs ++; # http://seclists.org/oss-sec/2014/q4/761 TLDR: Running Java apps across a privilege divide can be dangerous, at least on Debian

[*] timb_machine: @postmodern_mod3 In fairness, you still have to run it one day...

[*] timb_machine: @postmodern_mod3 <sarcasm />

[*] timb_machine: @postmodern_mod3 Strictly legit if you use SSL and avoid NOPASSWD. \o/

[*] timb_machine: @neonbunny9 Breaking the Blu-ray JVM eh? Nice work, I wondered how long it would take someone.

[*] timb_machine: @Bugcrowd On previous form, they need someone to manage it.

[*] timb_machine: @blackswanburst, @ReverseICS It's often the "vendor improvements" that are the problem though.

[*] timb_machine: @windyoona Surely that's illegal though. Therefore no one will do it.

[*] timb_machine: $self->close(2014); # EOF

[*] timb_machine: @0xtero pentest^Wred team engagement

[*] timb_machine: @j0hn__f Nice SGI bugs :)

[*] timb_machine: @i0n1c File a bug on http://github.com/doughnut/i0n1crat/issues

[*] timb_machine: @dwordj :)

[*] timb_machine: @SelsRoger Best CTF ever.

[*] timb_machine: @joedamato Certainly makes for good vulnerabilities.

[*] timb_machine: @tiraniddo We have a good bug hunting team :)

[*] timb_machine: @joedamato Big fan of DT_RPATH :)

[*] timb_machine: open($firmware, ">/dev/usb/barcode0"); # Hurrah. Now I can disable the bluetooth crypto.

[*] timb_machine: $changelog =~ s/CVE-[0-9]{4}-[0-9]+//g; # Mmm, silent fixes

[*] timb_machine: @travisgoodspeed Not available from Digia? :(

[*] timb_machine: sub agile { return undef; } # Even mainframe programmers do standups these days #definitelynotagile

[*] timb_machine: @hubert3 The CIA have opened an egg farm? Beats torturing people for a living.

[*] vlet / p5-Protocol-TLS - GitHub

[*] timb_machine: @hubert3 https://labs.portcullis.co.uk/whitepapers/

[*] timb_machine: @hubert3 That's reminded me to update our paper.

[*] timb_machine: @self->nom(); # Prawn curry starter from weekend becomes prawn and potato chowder

[*] timb_machine: @singe Only dead wood references I'm afraid.

[*] timb_machine: @singe Not new.

[*] timb_machine: @dangillmor Agreed, but there is still time.

[*] timb_machine: @dangillmor It's hardly censorship. It's opt-in at the ISP level. My ISP (as in I own it) doesn't filter (for example).

[*] timb_machine: $r15 = 0x41414141; # Always admired this register!

[*] timb_machine: @bagder Useful for talking to CUPS maybe...

[*] timb_machine: $fun = $usb + $bluetooth + $sap; # Another network subjected to our rigours

[*] timb_machine: @armitagehacker Pretty fun exam, but when will !UK professionalise?

[*] timb_machine: @hackerfantastic Heh. Nice page.

[*] timb_machine: @hackerfantastic Or is it su crashing?

[*] timb_machine: @hackerfantastic I think that's the one I reported a while back.

[*] timb_machine: dontopenURL(); # Should openURL work() from iOS command line apps or not? Either I'm stupid or it doesn't (at least on iOS 8) :(

[*] timb_machine: $ios ++; # Still no systemd support in Cydia. Damn those pesky developers.

[*] timb_machine: @hackerfantastic Or more realistic racing sims...

[*] timb_machine: @homakov I wasn't being particularly serious. Seen it in apps we've tested.

[*] timb_machine: @homakov Yet to see a system that enforces a password policy of 0-9, but I suppose it could happen :/

[*] timb_machine: @i0n1c We don't include any non-F/OSS code though.

[*] timb_machine: @i0n1c Believe there is at least one company in US that uses VulnApp for web training. No idea for SCADA courseware.

[*] timb_machine: @i0n1c Don't think we've ever really considered/cared what happens to our VMs etc after training is complete.

[*] timb_machine: @i0n1c Certainly, the subsequent monetisation certainly wasn't cool.

[*] timb_machine: @i0n1c People attend conferences to learn. Ultimately that knowledge will be shared. Sometimes by assholes and other times more noble.

[*] timb_machine: @i0n1c No one *owns* vulnerabilities. They belong to the commons.

[*] timb_machine: sub ptpDataIn() { print "A"x int(rand(4096)); } # In which we create a malicious PTP implementation for the iPod clone

[*] timb_machine: $ipod * 2; # Attack of the clones http://t.co/aPZsa2n0J1

[*] timb_machine: @aionescu Not surprised. Did you see my System V stuff? Developers are *lazy* when it comes to IPC.

[*] timb_machine: @daveaitel Windows shared memory.... cc: @aionescu

[*] timb_machine: 0xff, //bNumInterfaces: Number of interfaces (1) < possibly a lie :)

[*] timb_machine: printk("[40956.419409] usb 1-2.2: config 1 has 1 interface, different from the descriptor's value: 255"); # Damn, spotted :( #nevertrustusb

[*] timb_machine: @BIAS_bfc All of them!

[*] timb_machine: @TheLordNelson Genius.

[*] timb_machine: @markdevlin7 Top notch again. #brentfordfc making me and my bro smile.

[*] timb_machine: @lazytyped Missed this before, but it sounds quite interesting. Nice to see one of the commercial UNIX vendors finally push things forwards.

[*] timb_machine: @4Dgifts http://www.vulnerabilitymarketingboard.com/ :)

[*] timb_machine: @Treesiepops http://en.wikipedia.org/wiki/Birthday_problem

[*] timb_machine: @TheOnlyEvil1 Pretty sure the DELETE etc are because they've implemented a RESTful API, not because they're doing WebDAV.

[*] timb_machine: @nitr0usmx Once upon a time, I crashed the QNX TCP/IP stack process whilst fuzzing. Box wasn't much use till the reboot.

[*] timb_machine: OH: "For setuid programs not run by the superuser, _RLD_ARGS is ignored." < no linker fun to be had :(

[*] timb_machine: OH: "Java 1.3.1 is now the default for the system." < Bug hunting on Tru64

[*] timb_machine: @SelsRoger I'd go further and say it is unacceptable not to.

[*] timb_machine: @angealbertini I've done a bit with this: https://github.com/presseverykey/everykey-sdk/blob/master/examples/usbraw/main.c

[*] timb_machine: @angealbertini The NCC stuff isn't bad.

[*] timb_machine: @mainframed767 That's the one, bless 'em.

[*] timb_machine: @mainframed767, @SelsRoger RACF-L? I think I read the same thread...

[*] timb_machine: @tqbf Nope.

[*] timb_machine: @tqbf Evidence? Genuinely curious why you think PHP is a safer choice than Perl? http://ASP.NET not even on the list?

[*] timb_machine: system("gencore " . $pid); # Dump the application core, extract the Oracle RDBMS creds, login directly as SYSDBA #pwningaixapps

[*] timb_machine: @mainframed767 You had a look at the implementation yet?

[*] timb_machine: $newhash = kdfaes($desstring); # Welcome RACF, to the future^Wpresent: ftp://public.dhe.ibm.com/eserver/zseries/zos/racf/pdf/oa43999.pdf

[*] timb_machine: $bugs += 0; # Always nice not to be credited

[*] timb_machine: @sempf What about numeric injections?

[*] timb_machine: .@matthew_benham My dad's great grandfather helped found the Bees. We lost him to cancer in Sept. Please carry on making us proud. #bees

[*] timb_machine: @iamfrangipan It is. Am there. :)

[*] timb_machine: @sempf What would you encode "1 or 1=1 or 1=" to?

[*] timb_machine: @BrentfordFC Half and half scarves for the glory hunters?

[*] timb_machine: close($week); # Roll on #brentfordfc vs Fulham

[*] tmb-vs-ibm-aix-libodm.c

[*] tmb-vs-ibm-aix-ptrace-PT_LDINFO.c

[*] s_client-vs-cve-2014-0160.diff.txt

[*] NDSA20140311.txt.asc

[*] SAP Transaction Codes

[*] Patch to x3270 to make it ignore protected fields, and allow them to be modified. This provided some significant pwnage on an assessment where the mainframe (IMS) application appeared to pass the username from one field to another. I'm still researching

[*] security - Exploitable PHP functions - Stack Overflow

[*] Retargetable Decompiler

[*] Rechenzentrum Kreuznach - die AS/400-Profis

[*] Configuration of hidden Sendmail SSL/TLS connection options « TriathlonMike

[*] Native Extensions for Perl without Smoke and Mirrors

[*] Deconstructing the Azure Point-to-Site VPN for Command Line usage - Diary Of A Ninja

[*] Volatile Minds

[*] Cryptographic flaws in Oracle Database authentication protocol | Marcel's Blog

[*] A brief look at the Acer ChromeBook #2

[*] A brief look at the Acer ChromeBook #1

[*] Dead bugs society

[*] A brief look at the RIM PlayBook

[*] Breaking cpau, a dummies guide

[*] Bypassing the Android pattern lock

[*] Introducing VulnApp

[*] Exploiting the Linux linker

[*] Dumping Samba hashes

[*] Defcon 18 CTF qualifiers: who is the h4x13st h4x0r of them all

© www.machine.org.uk Web Master, 2006