Rodney Campbell's Blog

2006.10.31 Daily Security Reading

by on Oct.31, 2006, under Security

User tricks, security treats

Thirteen malevolent spirits may haunt the halls and cubicles of your company, and if you’re going to scare them into security compliance you may need to get a little bit spooky yourself.

Metasploit Version 2.7 Released

The Metasploit Framework is an advanced open-source platform for developing, testing, and using exploit code. This project initially started off as a portable network game and has evolved into a powerful tool for penetration testing, exploit development, and vulnerability research.

USB Hacksaw and USB Switchblade from Hak5

The USB Hacksaw is an evolution of the popular USB Switchblade that uses a modified version of USBDumper, Blat, Stunnel, and Gmail to automatically infect Windows PCs with a payload that will retrieve documents from USB drives plugged into the target machine and securely transmit them to an email account.

Future-proof your IT security

Small, targeted incursions are the next wave of attacks compromising enterprise networks.

Backdoors and Holes in Network Perimeters (pdf)

A Case Study for Improving Your Control System Security.

How Encrypted Binaries Work In Mac OS X

By now we know that OS X uses encrypted binaries for some critical apps like Dock, Finder and LoginWindow. Amit Singh explains the implementation of this protection scheme which makes use of the AES crypto algorithm and a special memory pager in Mach. The so called Do Not Steal Mac OS X (DSMOS) kernel extension helps along the way by decrypting things for the special pager when apps get executed. A funny thing is that if you print the pointer at address 0xFFFF1600 in your own app you get as output Apple’s karma poem for crackers! According to the article there are 8 protected binaries in OSX including Rosetta and Spotlight meta data demon. Interestingly Apple’s window server is NOT one of those.


Comments are closed.

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Copyright © 2015 Rodney Campbell

Images contained on this web site may not be used or reproduced in any way without prior permission.