Qo[w|m|?]
QoW: Software Reversing and Exploitation
I’ve developed a FTP like multi-threaded server application as a target for this challenge of the month. It has been coded in c and compiled by VC++ 2008. This is a three step challenge: Step 1- Find the correct “passphrase” format to logon to the server and get the “Access Granted” message. (You may use a debugger like Ollydbg to do Live RE for this step). Step 2- Do vulnerability…
Sorting your shoes like a whore!
(my first X-Rated blog post.. i should hook up ad-words and watch the money roll in!) Ok.. our Zimbabwean recruit was posed the following question by some international academics: Q:”How would you sort your shoes?” He answered: A: “I make the assumption that the shoes are positioned such that I can see their sizes, and that they are in a row of boxes. I would randomly pick a pair of…
HTTP-Mangler QoW…
Many people took a crack at “what tool will work to replace mangler, out of the box” and so we have a bunch of new tools to play with.. Steven’s answer of MS-Word or PowerPoint left us scratching our heads a little, and rezn threw in the added complexity of the app requiring valid certs.. (to answer rezn, i think you could avoid the SSL complications with judicious use of…
QoW 1 answered; Qow 2 released
A little while back we published our first public QoW for your abuse and enjoyment, and the time to close it is ………. now. The new QoW is available here. Thanks for the efforts; we received a fair number of answers and are still figuring out how to go about recording your submissions. For now, we’ll publish the first correct answer, and discuss the answer in brief. Over to Haroon:…
Page 1 of 1