Didier Stevens

Tuesday 9 June 2009

Quickpost: Make Your Own Corrupted PDFs For Free

Filed under: Entertainment, Nonsense, PDF, Quickpost — Didier Stevens @ 14:37

In response to Bruce Schneier’s latest post, let me explain how you can corrupt your own PDF documents for free. Open your PDF document with a binary editor, search for references to the root object (/Root), and overwrite the reference (36 in my example) with a non-existing reference, like 00.

20090609-181712

Of course, be careful and make backups first.

Tested on several PDF readers:

20090609-181538

20090609-181556

20090609-181919

Sunday 18 January 2009

Quickpost: Windows 7 Beta: ROT13 Replaced With Vigenère? Great Joke!

Filed under: Encryption, Entertainment, Forensics, Quickpost, Windows 7 — Didier Stevens @ 23:17

Remember that the UserAssist keys are encrypted with ROT13?

In Windows 7 Beta, not anymore! Weak ROT13 crypto has been replaced with “stronger” Vigenère crypto!

The Vigenère key I found through some basic cryptanalysis is BWHQNKTEZYFSLMRGXADUJOPIVC.

To the Microsoft developer who designed this: great joke! You really made me laugh. Seriously. 8-)

And I thought Easter Eggs were banned in Microsoft products. Maybe you don’t think of it as an Easter Egg, but as a programmer, I do. ;-)

20090118-234944

Quickpost info

Saturday 13 December 2008

Identifying Garbage Men

Filed under: Entertainment — Didier Stevens @ 15:23

My guest post over at Pauldotcom:

“Tis the season for tipping garbage men. Here in Brussels, at the end of the year, garbage men would ring your doorbell during their round, presenting you their best wishes for the new year.

This tradition came to an end several years ago. Nowadays, they present you their best wishes when they’re off-duty. And in came a new ID problem…

Monday 8 December 2008

@TweetXmasTree

Filed under: Announcement, Entertainment, Hardware — Didier Stevens @ 20:07

I won’t produce an anti-virus related Season’s Greetings movie, like I did in 2006 and 2007.

But this time, I’ve made you an Xmas Tree you can control via Twitter. However, you’ll have to find out yourself how to control it. ;-)

Happy New Year!

20081208-204318

Tuesday 23 September 2008

CALL -151

Filed under: Entertainment, Nonsense, Puzzle — Didier Stevens @ 10:22

A quiz question for today: what is CALL -151?

Shout-outs to everyone who ever used CALL -151!

Update:

The answer:

Friday 12 September 2008

Second YAISC cartoon

Filed under: Entertainment — Didier Stevens @ 14:13

It’s silly to post this now, but I forgot to mention in my YAISC post that I wouldn’t post my cartoons in this feed.

Monday 8 September 2008

YAISC

Filed under: Entertainment — Didier Stevens @ 17:39

Today I’m starting a new experiment. I wonder if I’ll be funny enough to entertain you.

Wednesday 3 September 2008

Quickpost: PyroMenagerie

Filed under: Entertainment, Forensics, Quickpost — Didier Stevens @ 15:45

Ever noticed a list of exotic animals (Poweroyster, Firebadger, Hypnotoad, …) in your web site visitors list (user-agent strings)?

One of your visitors certainly uses the Firesomething Firefox add-on!

Quickpost info

Tuesday 18 December 2007

Pocket EICAR Test File Server

Filed under: Entertainment, Hardware, Malware — Didier Stevens @ 7:36

Like last year, I produced an anti-virus related Season’s Greetings movie.

The movie is hosted here on YouTube, and you can find a hires version (XviD) here.

Next week, you’ll get the technical details of this pocked web server.

Happy New Year!

Wednesday 31 October 2007

Warclimbing

Filed under: Entertainment, N800, Nonsense — Didier Stevens @ 7:40

I claim to be the first to practice real warclimbing.

My N800 with Kismet running:

warclimbing1.jpg

N800 in the pocket:

warclimbing2.jpg

Starting the climb with Kismet attached to my climbing harness:

warclimbing4c.jpg

Capturing frames at the top:

warclimbing5.jpg

Older Posts »

Blog at WordPress.com.