SOLDIERX.COM Nobody Can Stop Information Insemination

The latest tutorial, with the ultimate goal of teaching young, impressionable minds how to highjack control of a vulnerable process has been posted.

Introduction to Debugging has been posted for your learning pleasure!

Learn how to use fuzzing basics and a debugger to find out where your overflows are hitting.

SOLDIERX proudly presents the official 2011 Programming Contest. This contest will run from November 01, 2011 until December 31, 2011. At the moment the winner of this contest will get free VIP and a shirt. If we get enough entries, the prize will be much larger This one looks to be particularly interesting, involving implementing your own AI using a battle framework that Kayin wrote. Please check it out and compete!

Due to the explosive growth of SOLDIERX over the past two years, we've been hearing from more and more of our old friends and crew. After CriticalMass failed to deliver on his promises, we became very hesitant when old crew members asked to get back into the group. Unlike CM, Phantasm put his money where his mouth was and sent us a new tutorial on fuzzing. I must say that this tutorial is an awesome introduction to fuzzing. With that being said, please welcome Phantasm back into the crew (Oh, and read his Fuzzing Basics Tutorial while you're at it).

I think I speak for all of us here at SOLDIERX by saying that it's an honor to have Phantasm back in the group. We look forward to his future works and accomplishments!

Mission 1 has still not been solved, so I have decided to give everybody a major hint. I disclosed this hint to cisc0ninja about a month ago, but he asked that I give him a month to solve Mission 1 before releasing the details to everybody. A month has come and gone, so here is the hint (also located at https://www.soldierx.com/CryptographySteganography-Cracking-Contest-2011):

The stream of data should yield two files.
The md5 hashes (to check your work) are:
62b7f5c4ffb1e3924af9348b1f6f3016
f805668e2e0e7e536b35a00d6626975b

Please submit the files to me when you've solved Mission 1 to get your handle up there!

Due to a massive power outage, our site went down last night around midnight EST and did not come back up until around 9:30am this morning. While we were able to keep the server up due to battery backup systems, our internet provider also lost power. Please bear with us as we do maintenance related tasks and tests to our server to ensure that no data loss occurred. Please note that VIP activities scheduled for today will be delayed until tomorrow. In other news, we're still waiting to hear some ideas on the programming contest. Please chime in!

We are ironing out the final details on our 2011 Programming Contest. If you have any ideas that you think we should use, please contact me or leave a comment on this news post. We are planning to make the 2011 Programming Contest fairly open ended, but we could also make it challenge driven (plus story line) like the Cryptography/Steganography Cracking Contest. Speaking of the Cryptography/Steganography Cracking Contest, nobody has even completed Mission 1 yet. I have had serious submissions from twelve different people on Mission 1, but none of them were correct. Is anybody out there up to the challenge? If you know any ninjas, please tell them about our challenge. I didn't create it so that it could go unsolved...

SOLDIERX proudly presents the official 2011 Cryptography/Steganography Contest. This contest will run from August 30, 2011 until December 31, 2011. At the moment anybody who can complete all of the challenges of this contest will get free VIP and a shirt. If only one person is able to complete the contest, we will be awarding a large prize (to be disclosed in the future). While multiple people may complete the contest, we think there is also the possibility that nobody will complete the challenges. Seriously, this is the toughest contest that SX has ever had. Please check it out by visiting https://www.soldierx.com/CryptographySteganography-Cracking-Contest-2011. If we have enough interest in this contest, we will create similar contests covering other areas of computer security.

Stream Inspector is a code library + example .exe that will detect a file type based on the contents of the file by using "magic bytes". The code library is intended to be used in other applications such as network sniffers to detect file transfers on the wire. Available now in the SX Labs.

I've fixed a bug with 64bit processes. The bugfix changed the main HIJACK structure, so please rebuild your applications when linking with libhijack 0.5.2. If you don't, you could see mysterious bugs. The Makefile is also dynamic, so now you don't need to edit it if you're compiling on 64bit. Download the tarball from its usual spot on GitHub and on SoldierX Labs.

DES_GEN was written as a POC for a specific application that shall remain nameless (cough, major firewall, cough). The belief at the company was that cracking DES requires custom hardware (See EFF's US$250,000 DES cracking machine), so the vendor refused to update to newer methods of password storage. DES_GEN is a single threaded x86 based slap in the face for that company (written in perl none the less). If that company is watching - yes, a dictionary file and some fairly weak mutations cracked your root password in 46 minutes. Available now in the SX Labs.