2009
*sigh* alas poor kindle…
my wife might have a kindle, which i might have bought in the US, which she might have loved dearly.. Buying books might have been possible using the “gift card hack” or the “US Postal Address hack” – but alas! It seems as if i can no longer transfer my money from me to Amazon this way.. Must our beautiful friendship end this way amazon? Will this geofilter come between…
SensePost again accredited as a PCI ASV
SensePost is proud to announce that they have retained their status as an Approved Scanning Vendor for PCI DSS purposes. This letter of acknowledgement was gladly received: Truth be told, we did pop the bubbly for this one.
MS Threat Modeller
Just arbitrary coolness regarding Microsoft’s Threat Modeller. It’s XSS-ible… Since this all works in file:///, not overly sure what the benefits of these things will be, but I suppose since different folks may have different privilege levels for different protocol handlers (ie: file:// http:// etc), one might be able to instantiate previously unusable OCX’es, or even redirect to site for exploiting browser vulnerabilities. Never happened unless there are pictures, so refer…
2 pieces of coolness…
a) was the politely dropped kaminsky firefox bug [http://lists.grok.org.uk/pipermail/full-disclosure/2009-September/070620.html] It still requires a click for command execution, but considering its multi platform firefox ownage sans shellcode, i think its cool.. i think its even cooler that dan dropped it sans any fanfare.. b) has to be Pusscat‘s attack on the SMBv2 Remote bug published on [the VRT blog..] From the post: “we get lucky here as well in that there…
Fasm2009 – Videos online..
The “Fasm conference is an informal meeting of coders interested in x86 assembly programming.” Some of the videos can be grabbed [sp_local|Other] /mh
About:SnowLeopard
Sure it only cost $29, but when you consider the number of people bowing down and thanking our Cupertino overlords you have to consider the following: If the Emperor was given his new clothes today, #emperors_clothes would be trending on twitter (with ppl thanking the tailors for reduced closet space requirements) /mh
MonSoen.py
I was recently playing with a Wingate Proxy server, came across some arbitrary interestingness. So, WinGate proxy includes a remote management agent which is accessed via a client utility called GateKeeper. This allows one to configure the WinGate server across the network. However, its not enabled to listen on the network by default, and only listens on 127.0.0.1:808. From my perusal of the documentation, the remote administrative facility should only be available to…
John Viega’s “the myths of security”.. Really??
i go through a ton of books. Over the past 10 years, this has been dominated by books on computer security, computer science, programming (and some sprinklings of management classics). I generally stay away from writing reviews, but was genuinely suprised at the number of 5 star reviews Viega’s new book had received and felt i had to chime in. I picked up “the myths of security” (what the computer…
BlackHat presentation demo vids: MobileMe
[part 5 in a series of 5 video write-ups from our BlackHat 09 talk, summary here] The final installment of our BlackHat video series showcases weaknesses in the password reset feature for Apple’s MobileMe service as well as publicizing an XSS vulnerability in the application. At first glance the choice of MobileMe may seem arbitrary, but it was useful for a number of reasons. MobileMe is one of the more…
BlackHat presentation demo vids: Amazon
[part 4 in a series of 5 video write-ups from our BlackHat 09 talk, summary here] In the fourth installment of our BlackHat video series, we turned our attention to Amazon’s cloud platform and focused on their Elastic Compute Cloud (EC2) service specifically. Theft of resources is the red-headed step-child of attack classes and doesn’t get much attention, but on cloud platforms where resources are shared amongst many users these…