I quickly developed a dll that kills calc.exe when started from anything else than explorer.exe.
This way, you can mess with all those PoCs that launch calc.exe 😉
nocalcpoc_V0_0_0_1.zip (https)
MD5: 05798543571B45E19536181DC7346330
SHA256: ED0FEDC6096420F6F09F4980A1CE36F7C4BC0A8C9191F4DFC27FA4C77D547976
In response to Bruce Schneier’s latest post, let me explain how you can corrupt your own PDF documents for free. Open your PDF document with a binary editor, search for references to the root object (/Root), and overwrite the reference (36 in my example) with a non-existing reference, like 00.
Of course, be careful and make backups first.
Tested on several PDF readers:
This useless Python program is the result of some lazy Sunday coding. It will create random tweets based on a template file. You could use it to try to protect your privacy on Twitter by disinforming potential data miners.
Will I use it for my Twitter account? No, I don’t need a program to disinform 😉
Each time you run the program, it will post one random tweet. This tweet is generated from a templates file. Each line in the templates file is the template for a tweet. You can use variables (between curly braces, example: {location}) in the templates to increase the number of possible tweets. Variables and their values are also stored in the template file, after the template lines. Your template file must allow the program to generate at least 2 different tweets, because it generates a tweet different from the last tweet.
The program requires the twitter module, itself requiring the simplejson module.
And you need to create a credentials file (disinformational-tweets.cred) with the Twitter credentials of the account for which the program has to generate random Tweets. The first line of the credentials file has to contain the username, the second line has to contain the password.
A Firefox plugin to generate these tweets would probably be more ‘useful’, but hey, it’s a lazy Sunday.
Download:
disinformational-tweets_v0_0_1.zip (https)
MD5: 36CDB584634ED299E7ACE0D64E846003
SHA256: C5FCE76443549C3A8882B799B6F7A754EF6AEE5F11F3E94FF255EE541205C17B
A quiz question for today: what is CALL -151?
Shout-outs to everyone who ever used CALL -151!
Update:
The answer:
My new stickers arrived today:
From now on, winners of my little puzzles can expect a little prize (I’ll contact winners of past puzzles)…
A colleague challenged me, half jokingly, to perform a code review of the Linux kernel. I took his challenge: I downloaded the latest stable kernel sources and used a state of the art static code checker (grep -hEir “hack|crack|backdoor|keygen” *).
I located a couple of backdoors:
Some cracks:
And even some keygens:
And the number of hacks was countless (1000+), here is a selection:
I claim to be the first to practice real warclimbing.
My N800 with Kismet running:
N800 in the pocket:
Starting the climb with Kismet attached to my climbing harness:
Capturing frames at the top:
I followed a link from a comment spam I had on my blog. Turns out my machine is infected:
This is really disappointing, I didn’t expect my brand new Linux-based Nokia N800 to get infected so soon:
Now that Security Monkey has announced his retirement from the blogosphere, I can reveal his true identity:
We all know the problem, you’ve set-up a running light as Christmas decoration, and then a kid starts changing the patterns you’ve programmed.
But not anymore, I’ve made a running light with security: you need a PIN to access the configuration switches!
The movie is hosted here on YouTube, and you can find a hires version (XviD) here.
Joking aside: I got a set of E-blocks from Matrix Multimedia for Christmas.
E-blocks are a suite of small circuit boards each of which contains a block of electronics that you would typically find in an electronic system. Each E-block performs a separate function as either an input sub-system, an output subsystem or a processing subsystem. E-blocks are connected together using 8 wire buses on 9 way D-type plugs and sockets.
My microcontroller is an ARM board. I develop the embedded programs on my laptop in C/C++, and then transfer the executable to the ARM’s flash memory via USB. Once programmed, the ARM executes the program independently, my laptop is disconnected.
To familiarize myself with the E-blocks, I started programming some simple applications, like a running light. And after that, just for fun, I added security…
Didier Stevens 