Archive for August, 2008

XSS in zenbe.com

Sunday, August 24th, 2008

I have just found a very silly XSS flaw in the zenbe webmail. You can inject HTML code in the search field … The problem is that this webmail uses a lot of AJAX and so you can’t use this XSS in the normal way.

Here is a screenshot

Virtual Disks infector

Sunday, August 17th, 2008

I have just finished writing an infector for the virtual disks of VirtualBox. Check it and my article.

A cool exploit

Sunday, August 17th, 2008

I have just seen this exploit on milw0rm.
This trick can be used to run code in ring0 mode …

Ettercapping …

Friday, August 8th, 2008

I have just finished coding my ettercap dissector to log myspace.com sessions. Check the misc section.

Wednesday, August 6th, 2008

From Peter Ferrie:

It’s when a VX group folds, and it has happened again. Twice, even. The day before the “much anticipated” ;-) EOF-DoomRiderz-rRlf group zine was released, rRlf announced that they were disbanding. This is something that we could have guessed anyway, based on the comment in Latin that was posted on their website a few days prior. While I didn’t get a good translation for it, I understood it to mean something along the lines of “I must think about things”.

These days, VX groups are little more than a distraction from our real work. Customers, for the most part, don’t care if – or even that – they exist. With the more strict laws that have come into effect in several countries recently, the binaries have generally disappeared from the sites, leaving nothing for people to submit to us. Of course, there have been occasions when new techniques, developed by the authors within those groups, have been used outside. Consider exceptions as an anti-debugging method, and file mapping for fast infection. Pop quiz: can you name the first virus that used both of those techniques, and when it was written? Answer below.

So rRlf is gone, that was one group. The other? On the day of the zine’s release (which was, incidentally, about the level that we expected from those who remain), DoomRiderz announced that they were disbanding, too. Technically speaking, it was WarGame, as the only remaining member, who made the announcement. However, he is not quitting, he’s just moving back to EOF.

In effect, that leaves EOF as the only “active” group, along with a couple of freelancers like herm1t. With luck, they will run out of ideas to surprise us, and they will quit, too.

The answer to the quiz? Come on, it’s a quiz. This whole entry fits on one screen, it would be even easier than looking in the back of the book. No answers for you.

- Peter Ferrie