
m7c1

Much by way of discourse, some by way of advice; security from Clausewitz to Fancy Bear.
Buffer Overflow 0x02: Storing Shellcode in an Environment Variable

Last time we visited this topic, we made use of a large buffer to place our shellcode in the process's memory.  This time, we don't have such a large buffer, and so won't be able to simply inject the code we want to execute via the program's input.  Instead, we'll place our shellcode in an environment variable.

Posted by Will - February 17th '20
The 2007 Estonian Cyber Incident: A Digital People's War

On the night of April 27th 2007, a statue was removed from a busy intersection in the middle of the Estonian capital of Tallinn, and relocated to a military cemetery a short distance away.  Beneath the statue were the graves of a number of Red Army soldiers who perished in World War II.  The incident touched off several days of riots in Tallinn, and sparked what later became known as 'Cyber War I'.[1]  Though for all intents and purposes the relocation of the statue was a classically political move, several factors specific to Estonia and the era made it unique.  We'll first consider the classical elements, then the unique features, and finally interpret the incident in terms of securitization.

Posted by Will - January 6th '20
Mueller's Bears: Russian Hacking and the 2016 US Presidential Election

On December 23rd, 2015, nearly a quarter-million Ukrainians unexpectedly lost power.[226]  In the aftermath of what is thought to be the first widespread attack on power infrastructure, US investigators determined that the same BlackEnergy malware that was involved in the Ukrainian disruption was present in "numerous industrial control systems (ICSs) environments" in the US.[227]  It appeared to US cyber officials that the "sophisticated malware campaign" responsible for the software's presence had been running since 2011.[228]  David J. Weinstein, who worked at the US Cyber Command from 2010 to 2013 and was quoted in a recent NY Times article on developments in offensive US cyber activities, likened the 2015 Ukrainian event to crossing the Rubicon.[229, 230]  In invoking the solidification of Caesar's power and the accompanying death of the republic, Weinstein manages at once to suggest the seminal nature of an attack on power infrastructure, and the difficulty inherent in identifying any single event as a beginning.  The prosecution of a large-scale cyber campaign with potentially lethal capability fatalistically supports the former suggestion.

Posted by Will - November 25th '19
Buffer Overflow 0x01

A buffer overflow is one of the oldest tricks in the book.  The NSA was performing them in the 70s, and they continue to be a problem today.  As we'll explore here, they result from an interaction between inappropriate assumptions and the way modern operating systems function.  In this tutorial, we'll cover a very simple example of how the execution of a poorly coded program can be subverted to give control over the system it's running on.

Posted by Will - October 24th '19
The Morris Worm

Robert Tappan Morris, the son of Bell Labs researcher and National Security Agency (NSA) computer specialist and cryptographer Robert 'Bob' Morris, was born in November of 1965 in rural New Jersey.  Bob and his wife Anne were pragmatists, growing their own food when it became expensive, preferring to use hand-me-down appliances and repair them instead of purchasing new ones, and accepting television into the living room only after determining their then six-year-old daughter to be "mass-culture 'illiterate'" (Hafner & Markoff, 1995, p. 272).  Young Robert read voraciously, finishing the complete Lord of the Rings trilogy in third grade, and distinguished himself in school: a slump in grades correctly attributed to boredom was remedied by having him skip fifth grade entirely.  Robert continued to excel academically, and soon became interested in his father's line of work, especially what we might now term 'systems security.'  As a teenager, his study of the Unix operating system led him to uncover a flaw that allowed privileged access to one machine to provide privileged access to any networked machine.  After exploring a little, he told the Bell scientists about his discovery and they fixed the vulnerability.

Posted by Will - August 23rd '19