thoughts and proposals
12-12-2007 - new tool released
I wrote this tool to discover the router address of an Ethernet
segment with no DHCP support...
09-22-2007 - APPLE SUCKS
Safari 3 is out and it's still revealing keychained passwords because Apple doesn't
consider this a vulnerability. So I'd like to outline some ways to steal such
information. In the following examples we'll steal the Gmail password:
- If you have physical access to the system you can use this AppleScript
- If you can execute AppleScripts on the target machine you can use this script
09-22-2007 - STACK FETISHISM
There is another way to waste time: the manual conversion of some poetry to pushl instructions.
Here is an example of an Italian poem converted to an assembly program.
I felt more relaxed after that.
05-14-2007 - THE HUMAN SENSES
Traditionally the senses are considered to be five in number:
sight, hearing, smell, taste, and touch.
I'm wondering why equilibrium is not considered a sense. Like the other five
senses, equilibrium has an organ (the labyrinth) that produces different
outputs depending on the external ambient conditions and the state of the
subject. Equilibrium lets us feel external pressure, speed, acceleration,
and the position of our barycenter, and I like to consider it an
active part of our perception system.
Comments are welcome.
projects etc.
Here is a collection of recent, old and very old projects.
tripp is a utility to rewrite incoming and outgoing IP packets.
Since it can rewrite both headers and payload, it can be used to configure
the TCP/IP stack behavior in order to perform various tasks mainly intended
for network tests, simulations and development. [...]
DIM (Dirty Instant Messenger) is a PHP-based instant messenger that can be easily
embedded in websites. It uses MySQL to store accounts and messages and a modern
browser to render its interface.
gwcheck.c is a simple program that checks whether a host on an Ethernet network is a gateway to the Internet.
The check is done by sending a TCP SYN to an Internet host, with the Ethernet frame addressed to the
MAC address of the host to check.
It can take a single IP address or a file containing a list of addresses, which can be easily generated
with an nmap ARP-ping scan.
It may be considered a gateway scanner...
arpflood.c is a small Ethernet ARP flooder. It was written as a proof of concept for
CVE-2006-6538
p0fspoof.txt is a short paper discussing how to use OpenBSD pf's built-in passive OS fingerprinter
and a simple spoofing tool to hide open TCP ports.
authsyn.tgz is a SYN packet replayer that rewrites TCP/IP headers to match p0f signatures and
bypass OpenBSD pf's OS fingerprinter rules. It was written as a proof of concept for
p0fspoof.txt
payload-rewrite_exploit.txt is a small whitepaper discussing how to use payload rewriting to exploit
remote buffer overflow vulnerabilities.
udp-scan-ipid-predict.txt is just another abuse of the well-known IP-ID prediction vulnerability to discover filtered UDP ports.
It's a (relatively) old nmap-devel post. A proof of concept is attached to the document.
fk_html is a Perl script that acts as a proxy server for POP3 connections and is able to remove
HTML and scripts from messages and add SSL support for non-SSL clients.
This program is obsolete and is listed here for historical reasons only. It should not be used!
srnap.c is a Napster scanner. It was written when I was a very young guy and is listed
here because it's the first program I released. It should not be used, as it may contain
an enormous amount of security issues.