blackhat defcon

Http://ddeville.me/2015/08/using-the-vmware-fusion-gdb-stub-for-kernel-debugging-with-lldbHttp://ddeville.me/2015/08/kernel-debugging-with-lldb-and-vmware-fusion79297177https://media.defcon.org/DEF%20CON%2025/DEF%20CON%2025%20presentations/ Defcon-25-min-spark-zheng-macos-ios-kernel-debugging.pdfHttps://theori.io/research/korean/osx-kernel-exploit-1 Method One: Lldb+vmware FUSION+KDK preparation work 1. Install the LLDB on your Mac (install Xcode

surprise, "a digitally signed driver can be loaded by Vista" is not a great defense against the Rootkit class. At last year's Blackhat meeting, a researcher had demonstrated that the VISTAX64BETA2 version of the disk was modified to load an unsigned driver, although the vulnerability was later replaced by Microsoft, However, it has been stated that it is not impossible to break through Vista driver-loading management by technical means. But a better

function 1, Morphologyex Advanced morphological transformation void Cvmorphologyex (const cvarr* SRC, cvarr* DST, cvarr* temp,iplconvkernel* element, int operation, int iterations=1);SrcEnter an image.DstThe output image.TempTemporary images, which in some cases requireElementStructural elementsOperationTypes of morphological operations:Cv_mop_open-Open operationCv_mop_close-closed operationCv_mop_gradient-Morphological gradientsCv_mop_tophat-"Top Hat"Cv_mop_blackhat-"Black Hat"IterationsExpans

Less than 5 minutes! Hackers have cracked the world's safest Android phone Blackphone is called the world's safest Android phone. At the recent DefCon hacking conference, the mobile phone was cracked by hackers within five minutes and obtained the Root permission. Blackphone is a product jointly developed by Geeksphone and Silent Circle. It was designed to provide users with data security services based on Google's open-source Android project. To

, but there must be many people involved in these attacks. DDoS protection provider Radware agrees with the discovery of Qihoo 360. According to Radware security researcher DanielSmith, many of these attacks reach 500 Gbps to 1 Tbps. But the good news is that they seldom continue. He said that Internet service providers and websites began to filter and blacklisted attack traffic because the attack traffic arrived through a specific network port. Other companies like Google and Amazon are designe

1. Introduction to activity hijackingSee the original article published on the DEFCON-19Https://www.trustwave.com/spiderlabs/advisories/TWSL2011-008.txtWhen android is running, it will switch between multiple activities. It maintains the history stack of an activity and is used to restore the previous activity when the user clicks back, the stack top points to the currently displayed activity.The original article is as follows:Http://developer.android

PIN code, which can be used by hackers to eavesdrop on mobile phone calls or even counterfeit mobile phone signal towers. "Hackers and drones can perform flight tasks based on the established routes and then return to the base, We have transformed it to attack wireless networks, Bluetooth and GSM cellular mobile phone communication networks ." Last weekend, Parkins and tacay attended the DefCon hacker technology seminar in Las Vegas, USA. Shows the h

This is a 200 pwn question on defcon this year. It is a 32-bit elf Program in linux. For the program, see the appendix shitsco.I. Static AnalysisFirst, run the program and check the functions of the program. As shown in, this program provides an internet operating system that supports certain commands (enable, ping, and so on ).Use the ida analysis program. main function:The main function has three subfunctions. Analyze the three subfunctions in seque

Security researcher Jonathan Brossard created a conceptual verification hardware backdoor called Rakshasa, which is said to be able to replace the computer's BIOS (Basic Input/Output System) and endanger the operating system at startup, but it does not leave any trace on the hard disk.Brossard is the CEO and security research engineer of Toucan systems, a French security company. He demonstrated how the malware works at the Defcon hacking conference o

to run in Android emulator; The ability to set the Dex file according to the Java source Code package directory structure to build a directory, each class file corresponding to a DDX file; Can be used as a jasmin-like anti-compilation engine; : PortalFino.An Android dynamic analysis tool.: PortalIndroid.The purpose of this project is to verify that a simple debug function on the Nix system a.k.a Ptrace function can be abused by malicious software to inject malicious code into the

, but after the crack can be the same as Vista genuine upgrade services.Flaw: The risk of damage to the motherboard or loss of functionality. "People are smashing windows Vista with a hammer." Jeffermos, the initiator of Defcon, the world's largest hacker organization, is intriguing. In Redmond, a suburb of Seattle, a windowless conference room in building 22nd, a large Microsoft campus, Windows developers gather to solve the system's vulnerabilit

0x00 background The CTO of Bluebox, Jeff Forristal, reported a vulnerability in his official blog called the uncovering android master key, which generally does not tamper with the signature to modify the android code. Link: http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/Blog: I didn't talk too much about the details. Only discrepancies in how Android applications are cryptographically verified installed (Android applications should use signature verification and install

better! [0x03c]-bypass anti-virus software. Many anti-virus software uses signatures to scan and kill viruses. If the software discovers the malicious software pattern, it is isolated or cleared. If no virus pattern is found in the file, the virus pattern is considered safe. Veil, a payload generation tool written by Blackhat security expert Chris Truncer, can help us accomplish this task well. Download the source code: https://www.javasertruncer.com

5up3rh3iblog Today, I saw a blog html "target = _ blank>Http://hi.baidu.com/toby57/blog/item/abec95514dccdc2942a75b96.htmlThe "php parsing encoding" problem mentioned in:$ A = Future is similar;$ B =; phpinfo ();//;?>So I went to ryat to discuss the nature of this issue [although it was a long way to go]. In fact, the security problem caused by multi-byte encoding was very popular around the world in the past 08 years, related Topics have emerged at meetings such as

A Preliminary Study on the high-risk vulnerability of Android Stagefright Collation The Stagefright vulnerability can cause remote code execution, or even sending MMS messages, which may intrude into users' mobile devices. This sounds like a big loophole. As a security personnel, you must take a look at the inside story. Heavy lifting According to the news, for some reasons, the discoverer of the vulnerability has not published relevant details, but has decided to leave it on

Discussion on Stagefright Vulnerability0x00 Last night, Stagefright reported a major vulnerability, which could cause remote code execution or even sending MMS messages, which may intrude into users' mobile devices. This sounds like a big loophole. As a security personnel, you must take a look at the inside story.0x01 According to the news, for some reasons, the discoverer of the vulnerability has not published relevant details, but has decided to leave it on

Android pre-installed plug-in "Certificate door" vulnerability analysis and Restoration 0 × 00 Preface At the 2015 Blackhat Conference, in addition to the Stagefright vulnerability of the Android mobile phone hacked by MMS, many other android vulnerabilities were also exposed, one of which was the "certifi gate" vulnerability, looking at the topic, this is another vulnerability that can control the vast majority of android mobile phones around the wor

Ping An technology mobile development Second Team Technical report (15th issue) @author ASCE1885 's Github book Weibo CSDN Industry News 1) Google reorganization renamed AlphabetGoogle announced August 11 reorganization. Larry Page will start a new holding company with Sergei Brin, Alphabet, respectively, to serve as CEO and CEO positions. Alphabet will replace Google's listing on the Nasdaq, and all of Google's current shares will automatically be converted to the same amount and

open-source search engine open itself up for blackhat search engine optimization? Potentially. Let's say it takes spammers six weeks to reverse engineerClosed-source search engines latest spam detecting algorithm. WithOpen Source engine, this can be done much faster. But in either case,The Spammers will eventually figure out how it works; the onlyDifference is how quickly. So the best anti-spam techniques, open orClosed source, are those that continu

information, see the articles on opencv and morphology in this blog. Http://lh2078.blog.163.comOnly a brief description of the function is provided here.Function: cvmorphologyexVoid cvmorphologyex (const cvarr * SRC, cvarr * DST, cvarr * temp,Iplconvkernel * element, int operation, int iterations = 1 );SRCInput image.DSTOutput image.TempTemporary image, which is required in some casesElementStructure ElementOperationType of morphological operations:Cv_mop_open-open operationCv_mop_close-Close O