I've been extremely busy these past few weeks to bring SoldierX a slice of awesomeness. Early on in the ASLR project, SoldierX graciously donated a sparc64 and later a BeagleBone Black. We've been able to identify a few (still outstanding) issues on ARM with our ASLR implementation. Our implementation would not be as stable, robust, or feature-complete today if it weren't for SoldierX's sponsorship and donations. It is with tremendous excitement that today I'm announcing the launch of the HardenedBSD project.
The HardenedBSD project aims to enhance FreeBSD's security by adding many exploit mitigation technologies and upstreaming those enhancements directly to FreeBSD. You can think of HardenedBSD as more of a staging area for bleeding-edge development of exploit mitigation, hardening, and other security-related technologies for FreeBSD. Once ASLR is feature complete and fully upstreamed (including integration with the Ports tree), I'll port certain security features from the Grsecurity Linux kernel hardening patch.
Please keep in mind that we're still in the early stages of getting everything set up. I'm building our first official package repo as we speak (with more than 20,000 packages, it takes a lot of time). Please give it a spin.
Amp here, I figure I should give a quick update and mention that DEF CON is this week and as mentioned before, we will be firing on all cylinders. Blake and cisc0ninja will be presenting this year and covering practical DDoS defense. In addition, I will once again represent our crew as a part of the Hackers Against Humanity tournament. For those attending, look for the SX shirts as they may lead you to one of the crew members.
Introducing ASLR For FreeBSD
10 July 2014
[ 1. Introduction ]
Security in FreeBSD is based primarily in policy-based technologies. Existing
tools such as jails, Capsicum, vnet/vimage, and the MAC framework, can make
FreeBSD-based systems quite resilient against attacks. FreeBSD lacks basic
low-level exploit mitigation, such as Address Space Layout Randomization
(ASLR). ASLR randomizes the address space layout of an application, making
exploitation difficult for an attacker. This paper and the associated
implementation aim to provide a secure, robust, extensible, and easily-managed
form of ASLR fit for production use within FreeBSD.
Kohelet has just posted his first tutorial, Teach Me How To Reverse (Part 0). It covers patching an unpacked binary to bypass a password requirement. This should be the first of a series of reverse engineering tutorials from Kohelet. If you're interested in reverse engineering - you should definitely give it a look. It even has pictures.
In other news, we've created a "SX Archives" section and will be moving old content there in an effort to reduce site clutter. We will also be adding old content that has previously been removed to this archive section as well. Overall, this should be a great way to access content that is no longer relevant or up to date enough to be on the main sections of the site.
It is with great honor that I would like to announce the New Order's decision to promote lattera to the status of High Council member of SOLDIERX. He will be taking Kayin's position of High Council member in charge of Research and Development. During the past year, lattera has worked night after night getting ASLR support on FreeBSD. He's also spent considerable work planning and delivering speeches about his research. He's done all of this in the name of SOLDIERX, which has really helped to give us a more positive public image. As a result, we feel that lattera is the perfect replacement for Kayin in the High Council. We hope to see even more positive changes come to SOLDIERX as a result of this organizational change. As with all members promoted to the status of High Council, we hope that lattera will continue his efforts and show the same enthusiasm and workmanship that he showed during his regular crew status. Congratulations lattera!
Kayin will be retiring from the crew rather than stepping down to regular crew. We wish him the best on his endeavors and thank him for his years of service to our group.
xAMNESIAx has posted his first tutorial, Buffer Overflow Exploitation for Beginners. It's not nearly as extensive as jip's Stack Smashing on a Modern Linux System Tutorial, but it's a nice tutorial for people who aren't interested in modern exploitation and would rather have a simpler look at older unprotected systems. It's worth a look if you're interested in buffer overflows, but have found previous tutorials to be a bit too challenging or involved. We hope to have xAMNESIAx work with other members of our crew to revamp and expand the Neophyte's Guide. In other news, OFACE has been released to all VIP members.