Security_Guy

Fun with SROP Exploitation

June 19, 2015August 11, 2018 by Reno Robert

Reno Robert

This post is regarding another solution for the same problem mentioned in Return to VDSO using ELF Auxiliary Vectors. So the idea here is to exploit a tiny binary remotely using SigReturn Oriented Programming (SROP) without info leak or bruteforce. Below is the challenge code: section .textglobal _startvuln: sub esp,…

Continue Reading

Fun with SROP Exploitation

June 19, 2015June 19, 2015 by Reno Robert

Reno Robert

This post is regarding another solution for the same problem mentioned in Return to VDSO using ELF Auxiliary Vectors. So the idea here is to exploit a tiny binary remotely using SigReturn Oriented Programming (SROP) without info leak or bruteforce. Below is the challenge code: section .textglobal _startvuln: sub esp,…

Continue Reading

Deobfuscate Javascript using PhantomJS (Headless browser)

June 18, 2015 by hiddencodes

hiddencodes

Recently when i got a chance to analyze Neutrino Exploit kit capture, i noticed that Neutrino EK has a detection and check for headless browser and other JS based frameworks. One thing that is interesting about Neutrino EK is all … Continue reading →

Continue Reading

Update from the GSoC 2

June 18, 2015 by The Official Radare Blog

The Official Radare Blog

As part of GSoC I (dkreuter) and sushant94 have been working the last three weeks on what should become the basis for a decompiler integrated with the radare2 reversing framework. For now it’s a standalone program written in Rust that can read the radare2 code format ESIL. The rough process…

Continue Reading

Update From the GSoC

June 15, 2015 by The Official Radare Blog

The Official Radare Blog

As you know, we have 2 students working on r2 for the Google Summer of Code! As we’re 3 weeks into the Summer, here’s what one of our student, sushant94 has to say about what he’s been working on! It’s been three weeks into GSoC and I’m having an amazing…

Continue Reading

Rebuilding ELF from Coredump

June 6, 2015August 11, 2018 by Reno Robert

Reno Robert

Recovering ELF from memory dumps are not new and are well discussed many times in many places. I have used Silvio Cesare's work [ELF EXECUTABLE RECONSTRUCTION FROM A CORE IMAGE] and code here to rebuild many of ELF metadata along with dynamic linking details. Many of these section headers may…

Continue Reading

Rebuilding ELF from Coredump

June 6, 2015September 4, 2015 by Reno Robert

Reno Robert

Recovering ELF from memory dumps are not new and are well discussed many times in many places. I have used Silvio Cesare's work [ELF EXECUTABLE RECONSTRUCTION FROM A CORE IMAGE] and code here to rebuild many of ELF metadata along with dynamic linking details. Many of these section headers may…

Continue Reading

Radare 0.9.9

June 6, 2015 by The Official Radare Blog

The Official Radare Blog

Today, we’re releasing a new version of radare2, the 0.9.9, codename Almost There. Since you might be a bit too lazy to read every single commit, we’re going to highlight some cool new features! Numbers Thanks to more than 50 contributors who issued something like 1700 commits, here is what…

Continue Reading

Solving ‘int3rupted’ from defcon 2015 qualifier with r2

June 4, 2015 by The Official Radare Blog

The Official Radare Blog

In previous blog posts we’ve shown how radare2 can be useful for exploiting “baby” level challenges. Let’s show how we can use it to find the bug and ultimately exploit a 5 point pwning challenge from the DEFCON 2015 qualifiers! You can find the binary here if you want to…

Continue Reading