Recent articles

  1. Ghost in the Shellcode 2014 - fuzzy

    tl;dr - fuzzy is a "super secure parsing engine", that includes a histogram function. The histogram ascii text uses a buffer on the stack, but will increment buckets past the end of the buffer if non ascii text is provided, allowing us to rop. Binary and exploit available here. Cross …

    read more
  2. Ghost in the Shellcode 2014 - gitsmsg

    tl;dr - gitsmsg is a messaging server. A heap overflow led to arbitrary read / write and eventual code exec after circumventing RELRO. Binary and exploit available here. Cross post from PPP blog.

    The program

    First, we reverse engineered much of the binary. You "login" as a user, then can compose …

    read more
  3. Exploiting a Go Binary

    Earlier this year, tylerni7 showed us a proof of concept for a 32 bit Go exploit using this issue. geohot and I had a wager over who could get the first remote code execution on he won, but just barely ;-). Props also to ricky for helping to find the underlying cause/writing the patch. Here is a summary of how we did it.

    read more