No CodeGate 2010 CTF final for CLGT
March 20, 2010 by vnsec · 6 Comments
Due to the budget problem, we will not join the final round of CodeGate 2010 CTF in Seoul next month.
Good luck to the other teams and enjoy the game.
-CLGT Team
We got 2nd place at CodeGate 2010 Prequal
March 16, 2010 by admin · 3 Comments
Just a quick post to announce that our CLGT CTF team has finished 2nd place at CodeGate 2010 Capture the Flag Prequal. It was a nice game with some very interesting challenges.
The final ranking could be found here
We will post our write up on our blog soon.
Powered by the buggy Wordpress!
November 28, 2009 by vnsec · 2 Comments
As you may notice that vnsecurity.net server has been taken offline since the beginning of last week for the server upgrade. Our new server has a much better HW specs compare to the old one.
We’ve also replaced the great Plone/ZODB/Python with the buggy Wordpress/Mysql/PHP for our website. I myself really like the Zope Workflow and Zope Object Database with the great fine-grained access control but many members doesn’t like Plone and it’s a bit slow especially on a few years old HW with only 1GB RAM (there were 03 Plone’s instances running for vnsec, vnsecon and vithon.org websites which used all of the 1GB memory).
I don’t trust PHP & PHP Apps. Wordpress/PHP, with a massive number of security bugs in the past, makes me feel unsafe :). Secunia has a good list of WordPress 2.x vulnerabilities and 07 bugs are still unpatched.
But on the other side, WP has some really nice plugins and themes which save my time. It’s like replacing the great & responsible old lady babysitter to a new sexy but “dangerous” young college girl. I hope that some additional protection layers and access restriction to the backend would help to save my a$$ from WP’s bugs.
Cheers!
SMM rootkit PoC demo at Black Hat 08
May 13, 2008 by RD · Leave a Comment
Với kiến trúc IA32/64, để thay đổi SMI handler (cho rootkit) có thể patch BIOS code hoặc thay đổi trực tiếp từ SMRAM nếu D_LCK bit không được set hoặc tận dụng lỗi của CPU/Chipset/BIOS cho phép truy cập vùng nhớ SMRAM. ITP (In-Target Probe) cũng có thể được dùng để thay đổi SMRAM hay debug SMI handler. Theo thông tin được biết từ tác giả của SMM rookit sẽ trình bày tại BlackHat 08 sắp tới thì họ tận dụng lỗi cũ được công bố năm 2006 khi BIOS không khóa vùng nhớ SMRAM. Duflot đã trình bày việc tận dụng lỗi này để phá lớp bảo vệ của OpenBSD secure levels tại CanSecWest 2006. BSDaemon cũng đã đề cập một phần về chủ đề này tại VNSECON 07 và viết một bài nghiên cứu về việc này trên Phrack Magazine.
Yuriy của Intel cũng sẽ trình bày tại BlackHat 08 sắp tới một giải pháp để phát hiện virtualization rookit sử dụng bộ vi xử lý riêng nhúng trong MCH. Giải pháp này cũng có thể được sử dụng để phát hiện SMM rootkit.
Links:
- Hackers Find a New Place to Hide Rootkits
- BlackHat USA 08
- Security Issues Related to Pentium System Management Mode
- VNSECON 07
- System Management Mode Hack – Using SMM for “Other Purposes”
GSM Monitoring & A5/1 Cracking
February 22, 2008 by RD · Leave a Comment
Hulton & Steve have presented the new fast & cheap method of cracking A5/1 GSM encryption this week at BlackHat DC Security Conference 2008. This is the result of Cracking A5 and GSM scanner project which has been presented at VNSECON 07 by Steve last year.
FYI, GSM monitoring system has always been there for a long time. However, those devices are very expensive (few hundred thousands to millions USD depends on capabilities, number of channels, antenna,…) and only available to government agents.
Links:
- http://blog.washingtonpost.com/securityfix/2008/02/research_may_spell_end_of_mobi.html
- http://www.blackhat.com/html/bh-dc-08/bh-dc-08-speakers.html#Hulton
- http://wiki.thc.org/gsm
- http://wiki.thc.org/cracking_a5
- http://conf.vnsecurity.net/program
