Intel(r) switches backdoor

May 19th, 2008

I recently got an Intel(r) Express 530T switch from eBay. It’s a “Manageable” switch, which means that you can connect to the switch through a null modem cable, telnet or a web interface to modify the switch configuration (change MAC address filtering, create/delete VLANs, change port speeds and priority, …).

But when I tried to connect to the switch, I discovered that the switch hadn’t been reset, and that the seller didn’t give me the username and password needed to manage the switch.
Read the rest of this entry »

Nagios status report in Ion3 statusbar

May 8th, 2008

Here is a little script that reports the status of one or more Nagios servers in the ion3 status bar:

statusd_nginfo.lua (Download)
Read the rest of this entry »

Faking fingerprints

April 2nd, 2008

I just discovered this very cool article about faking fingerprints: How to fake fingerprints?.
I love CCC :)

Writing exploits for Metasploit 3.0

January 24th, 2008

This article is about writing an exploit using the Metasploit Framework, for very secure software: bof-server ;)
Bof-server has been written especially to be exploited during this article, and as you already guessed by looking at its name, we will exploit a stack overflow bug. You can find bof-server here:
bof-server source code
bof-server binary for Windows

Before starting, I would like to say that I am not a Metasploit expert, so feel free to correct me if something is not done the right way.

Bof-server
First of all, let’s see how bof-server works. To start it on port 4242 use the command below: Read the rest of this entry »

x86 calling conventions

January 16th, 2008

This is the first article of a (I hope) long series of articles about ‘The Basics: What everyone should know about’ :)

The calling convention defines the way a function or a piece of code should arrange data before calling a function, and what to do after. It answers questions like “In which order should I pass the arguments?”, “Should I clean something?”, “Where is the result?”, …

There are a lot of different calling conventions. Here are the 3 I see most of the time:

  • cdecl
  • stdcall
  • fastcall

cdecl convention

The cdecl convention is the default one used when working with a C compiler like GCC or MSVC. To use the cdecl scheme for a function, you can use this syntax (GCC): Read the rest of this entry »

Hell-o World

July 28th, 2007

Welcome to this blog!