I am reading on Source Code Auditing in the Shellcoder’s Handbook ed. 1 — Off-by-One vulnerabilities. In SPARC’s big-endian systems, they are not a real threat according to the handbook. They are still part of my research and apply to little…
After patching my /bin/bash with https://shellshocker.net/ scripts, I noticed some odd things. When I did an ssh -X, I would see this: Then X would start up after performing an X app, and I would get this in XQuartz: Then, quartz…
Okies, so if you haven’t heard, I am hacking the Sun Blade 150, it’s a machine at school they still run that’s 10 years old. Pathetic. But it’s a good challenge for me to conquer and learn about operating systems…
I am reading the book Solaris Internals 1st edition, where the majority covers Solaris 7. I maintain this blog post as a place to show the differences I have found along the way. Solaris 7 data structure for an address…
Some grep things that I found handy: Seriously. So yummy. Some handy things that I’m using right now. -A, -B, -C print an arbitrary number of lines After, Before, or Before/After the matched string line. Super cool. --no-filename, -h Handy…
I am learning from the first edition of Solaris Internals, where the following is stated, talking about a user process: “Initially, a single page is allocated for the stack, and as the process executes and calls functions, it pushes the…
Find all Suid programs on disk Example Output I love it!! It led me to find this gem on the server: FMI: we notice that some binaries are a different size: The added module.. What’s gecos? Turns out that this is…
2 References have been doing me wonders for learning about Solaris kernel hacking. I definitely am leaning towards looking for an exploit in the Solaris 8 kernel. A slab overflow. Learning about the Solaris memory architecture is important. The following: 1)…
The hype around the ShellShock bash exploit is circulating everywhere. Some have proven methods of: BAD DHCP server Remote code execution in CGI scripts However, most research suggests that the SSH daemon is only susceptible to the shell shock exploit…
I designed this during my activity analyzing exploiting a sensitive buffer overflow on the SPARC architecture. It suits my needs, and I like publicizing to my blog posts. It makes backup of my data and knowledge base. So I like…