*CALL FOR PAPER

ABOUT SYSCAN?06*
The Symposium on Security for Asia Network aims to be a very different
security conference from the rest of the security conferences that the
information security community in Asia has come to be so familiar and
frustrated with. SyScan?06 intends to be a non-prod

[ more ]  [ reply ]

We all heard about the new vulnerability in ms outlook, but not much detailed information is availible.

The vulnerability is caused due to boundary error when decoding the Transport Neutral Encapsulation Format (TNEF) MIME attachment. This can be exploited to execute arbitrary code when the user op

[ more ]  [ reply ]

Websense has done a lot of work on WMF since first alerting about it
publically (yep, that was them), and in fact, along with many others,
helped with alerting us to many malicious sites hosting bad WMF files so
that they can be taken down.

Their latest blog entry is:
Reverse Engineering WMF Exp

[ more ]  [ reply ]

The second lecture at the next TAUSEC will be:

19:30 Izik Kotler - Advanced buffer Overflow methods.

The name of the lecture speaks for itself, PPT is available on our site:
http://www.cs.tau.ac.il/tausec/lectures/Advanced_Buffer_Overflow_Methods
.ppt
[You know what do do if the URL breaks]

Nex

[ more ]  [ reply ]

Hi!

Last months I wrote many shellcodes on debian, and they work very well. Now,
I've got gentoo running on my box.
When executing the shellcodes that I wrote in my debian,I gotta "SEG FAULT".
I revised the code and it looks good ! .Guys, do you now why the code crash?

Thanks in advance!

------

[ more ]  [ reply ]

url: http://eusecwest.com
url: http://cansecwest.com
(CanSecWest Call For Papers attached below)

EUSecWest/core06 Conference
---------------------------

Announcing the final selection of papers for the
EUSecWest conference in London, U.K. on Feb. 20/21
at the Victoria Park Plaza Hotel. The follo

[ more ]  [ reply ]

I think this is a sure off topic here but I am going to give you just a
hint on where to start :)

To access the contacts in pocket pc you need to use the POOM (The Pocket
Outlook Object Model)

"Applications access Pocket Outlook data through the Pocket Outlook Object
Model, or as it is more common

[ more ]  [ reply ]

Written by H D Moore, from the MetaSploit project:

http://blogs.securiteam.com/?p=196

Gadi.

[ more ]  [ reply ]

HI list memeber, does anyone know how to read/access/copy the contents of the
address book also called Contacts on a pocketpc ??? Im doing a bit of
research in this area and cannot seem to read the address book
entries, Im thinking they are in some obscure file that i dont know
the name of or in

[ more ]  [ reply ]

Ren and Stimpy do it again. You can find their post here:
http://blogs.securiteam.com/index.php/archives/184

Gadi.

[ more ]  [ reply ]

RECON 2006 - Call for papers - 06/01/06
Montreal, Quebec, Canada
16 - 18 June 2006

We are pleased to announce the second annual RECON conference, which
will take place in Montreal from the 16th to the 18th of June 2006.

We are looking for original technical presentations, in the fields o

[ more ]  [ reply ]

Hello list!

I was trying to find info about WMF Escape record with not much
success. A minute ago I have found that I have a very old VisualC++
somewhere and it contains the Windows 3.1 SDK Help! I tried, and
found!

Search for "Escape Metafile Record" and "Escape function"!

I hope this helps.

[ more ]  [ reply ]

Uninformed is pleased to announce the release of its third volume. This
volume includes 7 articles that cover a wide array of topics including
reverse engineering, exploitation technology, rootkit technology,
fuzzing, and other areas of research. The articles included in this
volume are:

- Engi

[ more ]  [ reply ]

SanjayR wrote:
> Hi Moore et al (and All):
> I was trying to understand the wmf setabortproc exploit code. I got
> confused over one point. In the code, under the point
> "StandardMetaRecord - Escape()", you have given the value of WORD
> function as 0x0026 and other possible values can be (accordin

[ more ]  [ reply ]

Hi Moore et al (and All):
I was trying to understand the wmf setabortproc exploit code. I got
confused over one point. In the code, under the point "StandardMetaRecord -
Escape()", you have given the value of WORD function as 0x0026 and other
possible values can be (according to the code) 0x0626,

[ more ]  [ reply ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello Vuln Dev readers,

I wanted to make some quick announcements about upcoming Black Hat
conferences.

Black Hat Federal 2006 Speakers Chosen
Black Hat Federal speakers have now been chosen. Black Hat Federal
focuses on threats and defenses to thos

[ more ]  [ reply ]

having one of those days....im about ready to put my foot through my computer....

writing stack overflow on win32 arc...

i overflow eip with a pop/pop/ret, jump to my bind shellcode and im away.....all works perfectly but....

when i attach to the process with my debugger and step through the expl

[ more ]  [ reply ]

Hi all,

I've released a new version of my binary data encoding tool, which can be used to encode shellcode (among other things) to create strings that you can use in your exploit source code.

Details: http://spaces.msn.com/members/berendjanwever/Blog/cns!1p6fR-x5kssFGVg31l
A_HM3g!119.entry

Source

[ more ]  [ reply ]

Hi,

Does somebody have shellcode for linux-mips (MSB)?

I found this for LSB (Little Endian) Cobalt:
http://www.milw0rm.com/id.php?id=1306

I'd like to play with Broadcom chipset and MSB (Big Endian)...

--

Saludos,
-Roman

PGP Fingerprint:
09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742
[Key

[ more ]  [ reply ]

The Metasploit staff is proud to present the first alpha release of the
3.0 branch of the Metasploit Framework. This release marks a major
milestone in the evolution of the Metasploit Framework and is based on a
complete rewrite of the 2.x series.

The 3.0 branch is designed to provide automation

[ more ]  [ reply ]

Actually, 2600 Magazine has stories on IR all the time. Car remotes and garage door openers have now gone to rotating codes as a security precaution because of programmable remotes. So the articles go, it was possible to aim a programmable remote at someones key or garage door opener. Search 2600

[ more ]  [ reply ]

There was a presentation at Defcon 13 (this past summer) with the title "Old
Skewl Hacking - Infrared" by Major Malfunction that showed a lot of the
possibilities for abuse of infrared setup boxes. It showed how he used
infrared to hijack someone else's email session, view charges of other
people's

[ more ]  [ reply ]

Now, I have this ridiculous question about a topic that is not strictly
infosec-ish (at least not historically); still, this is probably the best
place to ask, so I'll go ahead...

It's not terribly important, but got me wondering while I was doing
research on something just remotely related to that

[ more ]  [ reply ]

Hi List,

I would like to get some feedback on the MCPP program initiated by
Microsoft. They claim to provide very relevant information about
propriety protocols which can be helpful for the development of
third-party applications like IPS. Is it really worth subscribing to,
given the considerable p

[ more ]  [ reply ]

Hi,

I have been looking at stack stuff for a month or two now, so please
forgive my ignorance.

Anyways, I was idly writing some JavaScript last night, when a badly
formed statement crashed my IE (Firefox recognises the bad script and
wont attempt to run it)

I fired up ollydb to take a look at it

[ more ]  [ reply ]

-Exploiting Freelist[0] On Windows XP Service Pack 2-

Windows XP Service pack 2 introduced some new security measures in an
attempt to prevent the use of overwritten heap headers to do arbitrary
byte writing. This method of exploiting heap overflows, and the protection
offered by service pack 2, is

[ more ]  [ reply ]