27 January 2014
23 October 2013
My Android Metasploit Payload with Meterpreter Android Extension for Metasploit https://vimeo.com/77632331
22 June 2013
23 April 2013
Long time I didn't write on the blog, but I am back with my latest and first paper on Packetyzer, my first packet analysis C++ library.
Packetyzer is a high level library for C++ designed to make easier the forging and decoding of network packets. It has the ability to decode packets of most common network protocols, capture them and send them on the wire. This capability allows construction of tools that can probe, scan or attack networks.
It enables the creation of networking tools in a few lines. A packet is described by its where Fields of each layer have useful default values that you can overload. It has the ability to analyze pcap files or captured packets using Wireshark.
Packetyzer has the ability to capture packets, analyze them and send them over the wire. It analyzes the packets and the connection streams ... from the Ethernet header to the Application layer protocols. Packetyzer is in the form of Dynamic Link Library (DLL) that will help to be included in many tools and projects.
13 July 2012
Welcome back, in part 1 we talked about the definition of the buffer overflows and how they can occur, also we talked about memory and its relations to buffer overflow. In this part we are continuing our series talking about Registers and Shellcodes.
Processors contain memory known as registers. These registers are very small and are used for very fast processing. Registers can be thought of as variables for assembly. Registers are classified according to the functions they perform. High level registers can be categorised in four sections
- General purpose
Registers EAX, EBX, ECX, EDX, ESI and EDI are used for general purpose variables such as mathematical operations and hold data for an operation. These are 32 bit registers on a 32 bit processor. The 16 bit registers for EAX, EBX, ECX and EDX are known as AX, BX, CX and DX. Finally 8 bit registers are known as AL, BL, CL and DL which are the low order bits. High order bits are known as AH, BH, CH and DH. These 16 and 8 bit registers exist for backwards compatibility and are very useful when producing smaller shellcode. The "E" means extended to address the full 32-bit registers.