📚
OpenRCE
is preserved as a read-only archive. Launched at RECon Montreal in 2005. Registration and posting are disabled.
About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Blogs
>>
xipe
's Blog
Created: Thursday, September 24 2009 10:24.43 CDT
Direct Link, View / Make / Edit Comments
Linux kernel 2.6.31 perf_counter_open exploit
Author:
xipe
# Views:
2767
Well, it has been a while since my last technical post � More than 1 year ?!? Wow, time runs so fast :)
So let�s go for a post about Linux kernel exploitation (yeah, I know, sounds cool). We will exploit a quite recent bug in kernel 2.6.31 (still unpatched while writing this) in the perf_counter_open syscall (CVE 2009-3234) to gain root privileges. As real hackers say, f34R.
But, let�s start by the begining: the bug.
Read More ...
Created: Monday, May 19 2008 16:53.19 CDT
Modified: Monday, May 19 2008 17:09.42 CDT
Direct Link, View / Make / Edit Comments
Intel(r) switches backdoor
Author:
xipe
# Views:
3136
I recently got an Intel(r) Express 530T switch from eBay. It�s a �Manageable� switch, this means that you can connect to the switch through a null modem cable, telnet or a web interface to modify the switch configuration (Change MAC address filtering, create/delete VLANs, change ports speeds an priority, �).
But when I tried to connect to the switch, I discovered that the switch hadn�t been reseted, and that the seller didn�t gave me the username and password needed to manage the switch.
After trying to find any reset button around, under, and even inside the switch, I sent a mail to the seller and contacted the Intel support.
As the seller wasn�t responding and the Intel support wasn�t able to give me a reset procedure, I crawled the web, and managed to find a little Intel(r) utility �that does not exists�, according to the russian website that was distributing it...
Read More ...
Created: Thursday, January 24 2008 13:36.33 CST
Direct Link, View / Make / Edit Comments
Writing exploits for Metasploit 3.0
Author:
xipe
# Views:
7499
This article is about writing exploit using the Metasploit Framework, for very secure software: bof-server ;)
Bof-server has been written especially to be exploited during this article, and as you already guessed by looking at it�s name, we will exploit a stack overflow bug. You can find bof-server here: ...
Read More ...
Created: Saturday, January 19 2008 02:28.12 CST
Modified: Saturday, January 19 2008 08:08.38 CST
Direct Link, View / Make / Edit Comments
x86 calling conventions
Author:
xipe
# Views:
2733
This is the first article of a (I hope) long series of articles about 'The Basics: What everyone should know about' :)
The calling convention defines the way a function or a piece of code should arrange data before calling a function, and what to do after. It responds to questions like "In which order should I pass the arguments ?", "Should I clean something ?", "Where is the result ?", ...
Read More ...
Archived Entries for xipe
Subject
# Views
Created On
No archived blog entries found.
There are
31,328
total registered users.
Recently Created Topics
[help] Unpacking VMP...
Mar/12
Reverse Engineering ...
Jul/06
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06
Question about memor...
Dec/12
Recent Forum Posts
Finding the procedur...
rolEYder
Question about debbu...
rolEYder
Identify RVA data in...
sohlow
let 'IDAPython' impo...
sohlow
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
Recent Blog Entries
halsten
Mar/14
Breaking IonCUBE VM
oleavr
Oct/24
Anatomy of a code tracer
hasherezade
Sep/24
IAT Patcher - new tool for ...
oleavr
Aug/27
CryptoShark: code tracer ba...
oleavr
Jun/25
Build a debugger in 5 minutes
More ...
Recent Blog Comments
nieo
on:
Mar/22
IAT Patcher - new tool for ...
djnemo
on:
Nov/17
Kernel debugger vs user mod...
acel
on:
Nov/14
Kernel debugger vs user mod...
pedram
on:
Dec/21
frida.github.io: scriptable...
capadleman
on:
Jun/19
Using NtCreateThreadEx for ...
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}