Not a big blog, but a quick problem I got solved on IRC that I thought might help others. I have a Gateway LT4009u with an Atom N2600. It’s my “hacker/workshop” laptop. The atom N processors are a bit gimpy so sometimes things don’t run right. One thing is GNURadio on Pentoo. Pentoo runs hardened and this pisses off the Atom N. ...
All right! You read my post SSH Keys on a USB jump drive on Mac OS X (Mountain Lion Edition) and want to take this to the next level huh? Maybe having your config posting back to a jump drive and having to have it plugged in every time you want to log into something is sooooo lame! You often just leave it there, plugged in when you walk away from your work station. There has to be a better way… ...
Here I Address the Eternal Struggle I want to store all my private keys on my jump drive I wear around everywhere. I use Win, Linux, but primarily Macs to do to my work so it needs to be some FAT variant formatted. I want to use the absolutely least hacky way. Windows and Linux were easy to overcome. In short for windows you use putty to make a putty key and in linux you do something shockingly similar to what is below… but I get ahead of myself. ...
Ok… so that is not the best name I’ve every come up with. Sorry, but whatever. This is a quick but fun one. I have been collecting malware with my BunnyPot for a while and have been finding some diminishing returns coming to me. I started thinking that I can set up more of these low interaction server honeypots but how can I get even MORE goods? The ability to grab random files pushed to any server seems like a limited way here… ...
I know this isn’t the most revolutionary tip ever but my google searches pulled up nada when I tried to figure this out. I’m an IDA Pro MAC user. Bastard child of IDA right? Not really, except for plugins usually which is the point of this short tips post. If you are using simpliFiRE.IDAscope to help you dig through malware you are collecting with your bunnypot (and gods why aren’t you?) you will bang against the WinAPI browser whining about the following error while searching for native windows calls1 ...
Since the beginning of the year I have been mildly obsessed with reversing and malware. Studying ASM and low level debugging is put an awesome edge on my understanding of computer science, programming, and hacking in general. A week or so ago I started reading the Malware Analyst’s Cookbook and DVD: Tools and Techniques for Fighting Malicious Code where they recommend you build up a honeypot to collect malware. Of course I can’t a simple suggestions and set up a normal honeypot; Being a SysAdmin at heart I have to automate the hell out of everything. ...