User:Gotcha

From SecurityForest

E-Mail: nuno.morgadinho@gmail.com (mailto:nuno.morgadinho@gmail.com)

About SecurityForest

Computer Security has always been made of zillion of different sites, archives and mailing lists (e.g. the security-focus bid (http://www.securityfocus.com/bid), attrition (http://www.attrition.org), phrack (http://www.phrack.org), bugtraq (http://www.securityfocus.com/archive/1), etc..)

The time has come to maintain a central information point for research and education on the field. More important, freely (http://www.securityforest.com/wiki/index.php/SecurityForest:Copyrights), under no biased corporation controlling who knows what.

"Isn't it great how the community is so nice in supporting the exploitation and misuse of proprietary exploit source code to further the large companies for-profit endeavours?" by Anonymous

Work Queue

• Payload generator for ShellcodeTree
• Search engine for ExploitTree
• ExploitTree

Blog

Gotcha 07:51, 29 Dec 2004 (IST) Yesterday I finished [datafort's level 3 (http://hack.datafort.net/sourcecode3.html)]. I've been learning a lot with these small challenges and recomend them to anyone interested in security.

Gotcha 01:55, 24 Dec 2004 (IST) Been around trying to exploit the vulnerability present in the [level 2 (http://hack.datafort.net/sourcecode2.html)] of the (now ended) [datafort.net hacking constest (http://hack.datafort.net)]. It's a simple buffer overflow but the sexy part of the problem seems to be passing by the strlen condition. blad3 and I had a lot of fun with this one. We even thought about writing our experience on SecurityForest but I guess it would take the fun of it for the reader.

Gotcha 00:36, 23 Dec 2004 (IST) Local brainstorm against myself about a decent search engine for the ExploitTree. The only similar stuff I know is the bid (http://www.securityfocus.com/bid) and even that is pretty restricted. Something would have to crawl the cvs exploit tree and index the information from time to time. Then the search could be done in a relatively fast time. Search can be done by Vendor, Title, Version, Keyword or Date. I think that would be a good start.

Also, completed my first archive for ExploitTree_Update_Phase_1 but I'am having several questions:

1) Should DoS'es go into the tree as well?

2) There are some .zip files and tar.gz archives inside the archive, what should I do with them? I read only {.c, cc, .cpp, .pl, .py, .sh, .bat, .php, .asp, .inc, .txt, .asm} are allowed.

3) some files are just too strange to make any sense from them (e.g. what do they exploit?), should I just put them in _uncategorized and forget about them or what?

4) Shouldn't a list of possible directories exist instead of each user creating a directory structure that they think makes the most sense?

I'am hoping the rest of the gang can elucidate me..

Gotcha 23:38, 20 Dec 2004 (IST) Some brainstorming with Loni about the ShellcodeTree and about other stuff for SecurityForest. Also, been playing around with linux-vserver's (http://www.linux-vserver.org), a nice project for sandboxing for example.