Automated FreeBSD (with ASLR) Nightly Builds

I've started doing nightly builds of my FreeBSD ASLR work. The nightly builds are FreeBSD 11-CURRENT/amd64. I also have a pkgng repo with quite a few commonly-used packages (packages that I use on a daily basis). I'm announcing today the public availability of the nightly builds and the pkgng repo. The build runs at 1AM Eastern every night and at the end, the status of the build steps are tweeted to my account. I cannot guarantee the reliability, stability, or security of either the base system or the packages. Run them at your own risk. I run them on four different boxes.

The distribution sets and ISO images can be found here. The pkgng repo can be found here. Please be nice to my limited bandwidth.

jip Retires From SOLDIERX

Effective immediately, jip is now retired from SOLDIERX. I talked to him in great detail the past few weeks and he has requested that I notify the rest of SX that he is retiring. He has desired to take his work further underground and away from the general public. As a result, I will be taking over his work on the VDB and Tutorial Curation for the time being. We wish him the best and hope that he returns to us someday.

HDB Reaches 1,000 Entries

We are proud to announce today that the HDB (hacker database) now has 1,000 entries. Back in January of 2013 when Infosec Institute ran an article about us having the largest database of hackers, we had around 700 entries. We are proud to have grown our database by more than 30% in under a year. Out of the 1,000 entries - 800 of them have photos and 838 of them have real names. We feel it is a great accomplish to have real names and photos for 80% of our entries. We are very thankful to scryptz0 and the rest of the crew that have contributed to make this happen.

Crew Changes

This is a bit delayed due to other priorities, but was decided after our last public IRC meeting. First - Phantasm and neotek will be retiring. Nu11By73 is being removed from the group with cisc0ninja returning to take his place as Tools Curator. Amp has decided to stop being the Presidential Advisor and be the Special Projects Curator. He is going to be taking a stab at OFACE with the help of Jerbo and Kohelet. We're sad to see our numbers reduced by three, but happy that cisc0ninja has finally decided to return to computers.

The Future of libhijack

I was given the opportunity today to purchase a Raspberry Pi. I of course took that opportunity and I'm now a proud owner of a Model B. I've been thinking a lot about how best to use my spare time. I'm burnt out on trying to get shared object injection (without reliance on the RTLD) working. It's a very hard task, one that I simply can't seem to figure out. I've decided to let someone else finish that work. I hope that SoldierX will rise to the task (winking at you, jip) of working on a fun, exciting, but extremely challenging project.

With the insemination of ARM-based devices into consumer electronics, my goal for libhijack is to port it over to ARM with initial support for Linux, then support for FreeBSD. Once that is done, I will retire from the project with the hopes that someone else will take the reigns. I would love to see two things: full shared object injection support and support for Android. Getting generic ARM support is the first step towards the latter goal. I will still act as the project maintainer and will gladly accept and merge in patches and pull requests (albeit with modifications if need be). As always, if you submit a patch or a pull request, you will be recognized and given proper credit, if desired.

To align my spare time with my career goals, I will be focusing on the goals I outlined in my long-term plans blog post. The plans pertaining to libhijack still stand (finishing libhijack), but take on a slightly different meaning. I will consider the port to ARM as a finished product. I plan to also do extensive research into the ARM architecture and dive into Android malware analysis.

xAMNESIAx Promoted to Inductee

Congratulations to xAMNESIAx for being promoted to the rank of SOLDIERX Inductee. After weeks and weeks of hard work on two different proxy projects, he has made enough progress to make it to the next step. He's currently working on "suggest an HDB entry", recruiting, and hacking challenges for training. We hope to see him make it to full blown crew in the near future!

Syndicate content