Exploit Exercises - Nebula 02

2 minute read Dec 3, 2011 Comments
In this challenge, we’re again provided with the source code to the vulnerable program. Only this time, they’re not loading the “echo” program from the environment’s path.

    #include <stdlib.h>
    #include <unistd.h>
    #include <string.h>
    #include <sys/types.h>
    #include <stdio.h>

    int main(int argc, char **argv, char **envp)
    {
      char *buffer;
      gid_t gid;
      uid_t uid;

      gid = getegid();
      uid = geteuid();

      setresgid(gid, gid, gid);
      setresuid(uid, uid, uid);

      buffer = NULL;

      asprintf(&buffer, "/bin/echo %s is cool", getenv("USER"));
      printf("about to call system(\"%s\")\n", buffer);

      system(buffer);
    }

What I did initially notice here, is that the “USER” variable is being called directly from the environment.

Exploit Exercises - Nebula 01

2 minute read Dec 2, 2011 Comments
Continuing from my previous post, I started tinkering with the next Nebula wargame: Nebula 01. This one gives you some C code, which has a bug in it. You have to exploit that bug.

    #include <stdlib.h>
    #include <stdlib.h>
    #include <unistd.h>
    #include <string.h>
    #include <sys/types.h>
    #include <stdio.h>

    int main(int argc, char **argv, char **envp)
    {
      gid_t gid;
      uid_t uid;

      gid = getegid();
      uid = geteuid();

      setresgid(gid, gid, gid);
      setresuid(uid, uid, uid);

      system("/usr/bin/env echo and now what?

Exploit Exercises - Nebula 00

2 minute read Dec 1, 2011 Comments
Recently, I’ve been getting more and more back into computer security, one of my favorite topics. Part of this is research, and part is more practical, such as wargames or labs. One newer wargame that I’ve been playing is called “Nebula”, from the guys over at Exploit-Exercises. If you’re interested in security, please check out their site, as well as many other wargames. If this goes successfully, perhaps I’ll start going through my notes of other wargames, publishing them as well.

Fogbugz VIM Scrolling

1 minute read Nov 30, 2011 Comments
At work, we use FogBugz for our trouble tickets, and internal tracking. We sometimes have some really long cases, so to make it easier to navigate through them, we wanted to be able to push a button to go to the next action event on the ticket. I started writing a GreaseMonkey userscript, and with some suggestions from coworkers, made one that used the vim up and down navigation keys (j and k) to navigate and highlight through all the action events.

Finding DLL files in the GAC

1 minute read Oct 14, 2011 Comments
So last night I was working on a project where I needed a specific version of a .net assembly that was installed somewhere on my system, but I could not locate it by a common search. Whenever I would open up C:\Windows\Assembly\ I could see the file and the multiple versions that I had installed. However, from that window, you can not copy the files out. All I wanted, was to copy the file to my local source branch, and include it in source control.

Sprint iPhone 4S pre-order fiasco

5 minute read Oct 7, 2011 Comments
So like many people, I wanted the new iPhone 4S. Since the wife unit is on Sprint, and I’m on AT&T, we started looking at plans. Sprint offers a nicer family plan and lets her upgrade to a smartphone, while letting me have the iPhone. So we decided to make the switch, and do the pre-order. I called last night to verify the ordering process, and make sure that I could still get the $200 price while not using her upgrade credit.

Origin of the name "Pentium"

1 minute read Sep 2, 2011 Comments
I was reading about x86 assembly, and stumbled upon the origin of the name “Pentium”. I never knew it was due to courts disallowing the trademarking of the term “80586”. Tons of good info can be read here: http://en.wikipedia.org/wiki/Pentium

Installing Guard gem causes tests to fail - Solved

1 minute read Aug 18, 2011 Comments
I was tinkering with a new rails application, using RSpec2 and Cucumber for my testing. I was able to run all my tests by typing:

    rake spec
    rake cucumber

This worked perfectly, but every time I’d make a change, I’d have to run both commands. So I looked into the Guard gem, after watching the excellent RailsCast by Ryan Bates. I started by adding to my gemfile:

    gem 'guard-spork'
    gem 'guard-rspec'
    gem 'guard-cucumber'

Then to configure guard, I ran:

Poor UI Experience

2 minute read Aug 17, 2011 Comments
I was recently signing up for about.me because it sounded like a neat little simple blurb about yourself. When trying to sign up, after entering my email address, and password, I was brought to a page asking for some basic info. However, I couldn’t figure out how to submit it. I was given this error: I filled out all the required data, and left the optional parts empty. However, it wouldn’t submit.

Cucumber testing woes - spaces

1 minute read Aug 16, 2011 Comments
So I’m working along, writing my tests, and I run into an issue where my Cucumber test is failing. I go to check it out, and see why. This is what I see: I’ve slightly outlined the relevant data in yellow. I went back, and copy/pasted the data from the creation from my factories, to the expectation of text. It still gave the same error. I was dumbfounded, as I can clearly see the exact same text in my “And I should see” as well as the actual results.