Archive for the ‘GrayHat’ Category

Serving Back XML for XSS

Saturday, February 4th, 2012 by webstersprodigy

In our “New ways I’m going to hack your web app” talk, one vulnerability example we had was with WordPress. There were three pieces to the attack: 1) uploading an XSL file, 2) uploading an XML file that applied the XSL transform and 3) tossing the cookie up to execute script cross domain. Nicolas Grégoire watched [...]

Is it already 2012?

Tuesday, January 31st, 2012 by webstersprodigy

I thought about starting a new blog, it’s been that long. Giving our talk, “New ways I’m going to hack your web app” at Bluehat 2011 was awesome. I practiced so much that everything just went well. Unfortunately I managed to forget a ton of it for 28c3/Blackhat and I spoke way too fast (I [...]

pydbg reverseme solution update

Thursday, July 8th, 2010 by webstersprodigy

This is an update to http://webstersprodigy.net/2010/07/07/pydbg-reverseme-solution/. I change a register now to circumvent the isdebuggerpresent call.

pydbg reverseme solution

Wednesday, July 7th, 2010 by webstersprodigy

Last week I wrote a keygen here: http://webstersprodigy.net/2010/06/22/reverseme-windows-keygen/. This is an almost identical problem, but the binary has been patched to allow debugging (I may do this programmatically as well, but not yet). I wanted to solve this with programmatic debugging. Here is the exe: Ice9pch3. The code simply sets a breakpoint and prints the [...]
