if (env=ARM) 0xE1A00000

Security

Security | 2007-12-12 05:40:09

An exploit exists in Windows Explorer when processing a crafted GIF file. When read from disk, the file will cause a Denial of Service for explorer.exe.

Source code available at: http://milw0rm.com/exploits/4215

Movie of compiling and exploiting:

http://www.ecks90.com/files/explorer.gif.dos.movie.rar


Security | 2007-11-14 11:00:48

For those unfamiliar with rainbow tables check out:
  • http://en.wikipedia.org/wiki/Rainbow_table
  • http://www.antsight.com/zsl/rainbowcrack

Rainbowcrack is typically a Windows-based package; however, as my server runs Linux and runs constantly, I thought I would try and use the source package to compile it on Linux. My server currently runs Ubuntu 7.04, but varying distros shouldn't matter greatly.

Compiling Rainbowcrack under Linux isn't hard; however, it's not as point-and-click as Win32, and as the default makefile.linux packaged with the source didn't work for me, I thought I would fix it up for others wishing to run it on Linux. There are two ways of compiling Rainbowcrack under Linux, one easy way and one hard way. I chose the hard way, not thinking that there was an easy way; however, I will only outline the easy way.

Before compiling the source, you must have gcc and/or g++, openssl, libssl and libssl-dev installed. You must also have the source for openssl. Whether these are installed by rpm, a package manager or compiled from source doesn't make any difference, as I successfully did both and it worked. Firstly, put the unzipped rainbowcrack source in the same directory as the untarred/unzipped openssl source. Next, vi/gedit the makefile.linux in the rainbowcrack-??-src/src directory so that it reads...

# makefile.linux: run with "make -f makefile.linux". Each recipe line below
# must begin with a tab character, or make stops with "missing separator".
all: rtgen rtdump rtsort rcrack

rtgen:
	g++ -I ../../openssl-0.9.8e/include Public.cpp ChainWalkContext.cpp HashAlgorithm.cpp HashRoutine.cpp RainbowTableGenerate.cpp -lssl -O3 -o rtgen

rtdump:
	g++ -I ../../openssl-0.9.8e/include Public.cpp ChainWalkContext.cpp HashAlgorithm.cpp HashRoutine.cpp RainbowTableDump.cpp -lssl -o rtdump

rtsort:
	g++ -I ../../openssl-0.9.8e/include Public.cpp RainbowTableSort.cpp -o rtsort

rcrack:
	g++ -I ../../openssl-0.9.8e/include Public.cpp ChainWalkContext.cpp HashAlgorithm.cpp HashRoutine.cpp HashSet.cpp MemoryPool.cpp ChainWalkSet.cpp CrackEngine.cpp RainbowCrack.cpp -lssl -O3 -o rcrack

Pretty much we're just defining the includes for openssl in the compilation process. If you're using a different directory structure, just adjust the ../ as necessary. You will most likely receive error warnings like line 2: all:: command not found, and it will repeat that for rtgen, rtdump, rtsort and rcrack; don't worry, everything worked, it's just the way that the makefile was set up.

Also, if you receive warnings about /usr/bin/ld: cannot find -lssl and collect2: ld returned 1 exit status, it means that you either didn't install libssl or libssl-dev.
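The two failure modes above (a makefile that will not run and a link step that cannot find libssl) can both be caught before the build starts. The script below is an added example, not code from the post or from the RainbowCrack project: it test-links a one-line OpenSSL program (the same condition that produces the "cannot find -lssl" error), then writes a makefile.linux with the four targets from the post, using real tab characters in front of the recipe lines. It assumes the same layout as the post (OpenSSL source tree beside the rainbowcrack tree, include path passed in as the first argument) and adds -lcrypto to the link lines, since the hash routines live in libcrypto and newer linkers no longer pull it in indirectly through libssl.

```shell
#!/bin/sh
# Added example, not from the original post or the RainbowCrack project.
# Preflight checks for the build described above, plus a generator for a
# makefile.linux whose recipe lines are tab-indented so that it works with
# "make -f makefile.linux". Assumed: the OpenSSL source tree sits beside the
# rainbowcrack source tree, as the post describes; the relative include path
# is passed in as $1.

# 0 if a C++ compiler is on PATH.
have_cxx() {
    command -v g++ >/dev/null 2>&1
}

# 0 if a one-line program compiles and links against OpenSSL.
# Failure here is the "/usr/bin/ld: cannot find -lssl" case from the post:
# the headers or the development library (libssl-dev) are missing.
check_ssl_link() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/t.cpp" <<'EOF'
#include <openssl/md5.h>
int main() { unsigned char d[MD5_DIGEST_LENGTH]; MD5((const unsigned char *)"a", 1, d); return 0; }
EOF
    g++ "$tmp/t.cpp" -lssl -lcrypto -o "$tmp/t" >/dev/null 2>&1
    rc=$?
    rm -rf "$tmp"
    return $rc
}

preflight() {
    have_cxx || { echo "g++ not found: install build-essential (or gcc-c++)" >&2; return 1; }
    check_ssl_link || { echo "cannot compile/link against OpenSSL: install libssl-dev" >&2; return 1; }
    echo "toolchain and OpenSSL development files look fine"
}

# Writes the four targets from the post. Recipe lines start with a literal tab
# (printf '\t'); space-indented recipes make GNU make stop with
# "missing separator". -lcrypto is added because the hash routines live in
# libcrypto and newer linkers no longer pull it in indirectly via libssl.
# $1 = OpenSSL include dir relative to rainbowcrack's src dir, $2 = output file.
write_makefile() {
    inc="$1"
    out="$2"
    common="Public.cpp ChainWalkContext.cpp HashAlgorithm.cpp HashRoutine.cpp"
    printf 'all: rtgen rtdump rtsort rcrack\n\n' > "$out"
    printf 'rtgen:\n\tg++ -I %s %s RainbowTableGenerate.cpp -lssl -lcrypto -O3 -o rtgen\n\n' "$inc" "$common" >> "$out"
    printf 'rtdump:\n\tg++ -I %s %s RainbowTableDump.cpp -lssl -lcrypto -o rtdump\n\n' "$inc" "$common" >> "$out"
    printf 'rtsort:\n\tg++ -I %s Public.cpp RainbowTableSort.cpp -o rtsort\n\n' "$inc" >> "$out"
    printf 'rcrack:\n\tg++ -I %s %s HashSet.cpp MemoryPool.cpp ChainWalkSet.cpp CrackEngine.cpp RainbowCrack.cpp -lssl -lcrypto -O3 -o rcrack\n' "$inc" "$common" >> "$out"
}

# Prints how many recipe lines in $1 begin with a tab followed by g++;
# for the makefile written above the answer is 4.
count_tab_recipes() {
    grep -c "^$(printf '\t')g++" "$1"
}

# Usage: sh build_rainbowcrack.sh ../../openssl-0.9.8e/include
# With no argument only the functions are defined, so the file can be sourced.
if [ -n "${1:-}" ]; then
    preflight || exit 1
    write_makefile "$1" makefile.linux
    make -f makefile.linux
fi
```

Run it from the rainbowcrack-??-src/src directory with the include path as its argument; if preflight fails, the message names the package that is missing, which is quicker than reading the linker's output after four compile lines have already scrolled past.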


Security | 2007-07-17 01:33:30

An exploit exists in Adobe Photoshop CS2, CS3 and Paint Shop Pro 11.20 when processing a crafted PNG file. The file causes a buffer overflow which can be used to execute shellcode.

Source code available at: http://milw0rm.com/exploits/3812

Movie of compiling and exploiting:

https://www.ecks90.com/files/cs2.cs3.exploit.shell.movie.rar