
Comment: Re:WordPad exploitable? (Score 3, Informative) 292

by Surreal Puppet (#26065663) Attached to: Oops! Missed One Fix — Windows Attacks Under Way

This type of bug relies on "glitches" in the memory management (simplifying it a bit...) of the program, not on any high-level misses in the actual mechanisms of the code. Any program written in a programming language without automatic memory management can be exploited in this way, if the programmer "misses his step" somewhere. They can also be devilishly hard to find, because data can be structured and handled in memory in very complex and abstract ways.

Hardware Hacking

An Open Source Coffee Machine 99

Posted by timothy
from the quite-entirely-unlike-tea dept.
An anonymous reader writes "The Open Source Coffee Machine [video link] is a recycled coffee machine, controlled by a PC running Beremiz, and using some MicroMod CANopen I/O nodes from Peak-System. This machine has been prepared by Peak-System and Lolitech for the SCS-Paris-08 exhibition. It served free coffee during four days at Peak-System's booth, and has been donated to IUT of Saint-Dié-des-Vosges, France, so that students can have fun practicing automation."

Comment: Re:It's not just miles ahead of the competition... (Score 1) 125

by Surreal Puppet (#26038795) Attached to: Nmap Network Scanning

A point is that one of the more useful basic features of NMap, the SYN partial-handshake scan (default when run as root), can't be replicated by nc. It always leaves marks in connect logs. Hping can replicate that feature though: "hping -8 -S known host.com" will SYN scan all ports listed in /etc/services on host.com.

Comment: It's not just miles ahead of the competition... (Score 2, Informative) 125

by Surreal Puppet (#26038229) Attached to: Nmap Network Scanning

NMap is the best there is, period. There aren't even specialist scanners that can up its features, especially since you can set packet flags manually in the more recent versions. It really, really fills its niche. I use it all the time in my daily life just for benign remote service discovery, and I assume many people do too. I've never had anyone complain about it either.

Comment: Re:Idiotic (Score 1) 320

by Surreal Puppet (#26034809) Attached to: Is There a Cyberwar, and Is the US Losing It?

Okay, I stand corrected. The attack described in that article is obviously a professional targeted heist, especially considering the 0day. Just out of curiosity, how was the attack discovered? It should be quite possible to pull off that kind of attack without discovery even considering the spamming (injecting rootkits with steganographic connect-back using dual-stage shellcode and making the website look like harmless viagra spam, assuming that the "unknown vulnerability" is a normal client memory corruption class of vuln). How do you know more subtle attacks aren't passing under your radar?

Comment: Re:Wireless attack platform, yessire. (Score 1) 219

by Surreal Puppet (#26032811) Attached to: Google To Sell Truly Open Android Dev Phone

This and its descendants are going to be really useful for hacking/pen testing. It's the perfect platform model for wireless attacks. Imagine walking through a crowd with one of these in your pocket, compromising computers and phones as people stream around you. Or, you could use it as a deniable relay, penetrating an 802.11 network via a cell connection to the phone. Or as a http://en.wikipedia.org/wiki/Jack_Box, enabling control of a rootkitted server via a cell connection. That kind of stuff will be a lot easier to pull off with this kind of platform. Yes, I have a perverted mind. *sigh* But I think people with similar minds will put this one to some real clever uses. I mean, all the heavy computing can be moved to a host behind TOR hidden service, or in a "bulletproof" country.

Whoopsie, I posted anonymous for some reason?

Comment: Idiotic (Score 5, Insightful) 320

by Surreal Puppet (#26031861) Attached to: Is There a Cyberwar, and Is the US Losing It?

The "masses of probes" are just normal automated botnet attacks, and the "unidentified attacks" are probably just unwashed masses of skiddies. If you want me to believe that a real cyberwar (in this case more aptly named "computer espionage") is up and going you better give me or assure me that you have some sort of evidence (like captured transmissions showing that the attackers know what they are looking for in terms of intercepted/exfiltrated data) showing that you're actually being attacked by foreign governments or skilled people with an actual terrorist agenda. There is nothing in TFA except buzzwords, hyperbole and "x declined to comment".
