Stream Inspector 0.1 Released

Stream Inspector is a code library + example .exe that will detect a file type based on the contents of the file by using "magic bytes". The code library is intended to be used in other applications such as network sniffers to detect file transfers on the wire. Available now in the SX Labs.

Libhijack 0.5.2 Released

I've fixed a bug with 64bit processes. The bugfix changed the main HIJACK structure, so please rebuild your applications when linking with libhijack 0.5.2. If you don't, you could see mysterious bugs. The Makefile is also dynamic, so now you don't need to edit it if you're compiling on 64bit. Download the tarball from its usual spot on GitHub and on SoldierX Labs.

DES_GEN Proof of Concept Released

DES_GEN was written as a POC for a specific application that shall remain nameless (cough, major firewall, cough). The belief at the company was that cracking DES requires custom hardware (See EFF's US$250,000 DES cracking machine), so the vendor refused to update to newer methods of password storage. DES_GEN is a single threaded x86 based slap in the face for that company (written in perl none the less). If that company is watching - yes, a dictionary file and some fairly weak mutations cracked your root password in 46 minutes. Available now in the SX Labs.

Libhijack 0.5.1 Released

I absolutely love the nature of opensource: anyone can check your code for errors and patch any bugs. After talking a little with a random developer who's interested in libhijack, he found a bug where I'm accessing a variable after calling free() on it. The fix was simple and he provided a patch for it. I'm releasing version 0.5.1 of libhijack today to fix the bug. It's a minor release. I'd recommend everyone to use this release rather than 0.5 formal.

You can find libhijack at its usual spot on SX Labs.

Libhijack 0.5 Released - Live From Defcon 19

Libhijack 0.5 has been released! This is an exciting major milestone release. The major features in this release include:

Uncached function searching
Hijacking within shared objects

This release has broken two external API calls:

MapMemory
FindFunctionInGot

You'll need to pay attention to any code you've written to make sure it still works. The above API calls are completely working, but the function prototypes have changed. I've worked very hard for this release and I hope it's bug-free. I've plugged quite a few memory leaks. Check out the Texts page on 0xfeedface.org's site for the Defcon presentation slides.

Amp Releases Introductory Programming Tutorials

Amp has started to release the first parts of his Basic Programming Concepts Tutorials. I would advise anybody interested in programming (but not familiar with) to check them out. His goal is to keep them language neutral, which I personally feel he has done a good job with. He welcomes suggestions/gripes/etc, so please contact Amp with any comments you may have.

In other news, there is a major VIP release this Wednesday. Please check the VIP forums for more information.

Syndicate content