|
Projects+ acr+ activewall + wistumbler2 + mksend + rss2html + youterm + 0xFFFF + radare + gdvb + pvc + mesure + screws > exploits Rss2: 20070821Hostswww.nopcode.orgradare.nopcode.org cvs.nopcode.org news.nopcode.org blogs.nopcode.org git.nopcode.org pvc.nopcode.org Blogs+ brainstorm+ pancake + pof + wzzx  |
| |
|
These days one of our members where into Defcon15 to participate with the panda team at the CaptureTheFlag competition. Few months ago a group of friends participate on the kenshoto prequals, which is a prequalification wargame with different categories and complexity. After the 48h we got qualified to participate at the DefCon final on a CTF. This time we go there without a good preparation, we are wearing cheap network switches with broken RJs, and there was a long time most of us make an exploit or so, we had to remember all this things there O:) We are 7 and decided to split the team in 3 groups: One doing server administrative tasks, exploiting automatism scripts and working together with the other two (reversing and exploiting). The list of rules of a CTF are: - you have two network cables and a table - one of the cables reaches the gateway and the other one your server - kernel patches are not allowed/permitted - reverse engineering applications to find bugs to exploit - patch your services (in binary) - sniff the trafic to find other's exploits - exploit them and take profit - each service per each team has a token (key file with hex number) - you should steal tokens from other teams and overwrite them with your own - there are private and public tokens - keep up your services The first day of the ctf we were maintaining the first position, this is because we were focusing our time in the easiest ones, trying to get them rapidly and be able to steal as much points as possible from the rest of teams. The second day there was some problems with the counters and we was unable to use the three breakthrougths we do during the night, and we had to spend all the day to finally exploit another because of another team constantly overwriting its key file. So we fall into the third position. The third day was just the half of it, and this wasn't enought time to raise from the yestedays crackdown, but we were able to maintain the position and as a final note, We were able to exploit a 3-years old bug in about two hours before the end, but...we were too nervious and didn't look at the correct terminal O:). Finally I will like to congratulate to Kenshoto and all the teams of the CTF for this great wargame and for having such a fun in a plastic city on the middle of a desert. Hope to get classified next year and back to the CTF..This time with a 70% more of network switches  + pandas/blog/report + Kenshoto + 48bits + cutaway-security + news.livedoor + atlas.blog  * pandas is a trademark of Osu Tatakae! Sexy Pandas wargaming team. * 'we' in this article is refered to the panda team |
| |
|
Yay! we're getting closer to the web 2.0! No, Seriously. Lot of things are changing, and this blog does not reflect what's really happening. We dislike to make presentations, definitions or expectations of anything, we are a dead generation. But instead i'll enumerate a list of some of the projects we are currently involved, feel free to join the development mailing list. We are opened to new ideas, developments, hacks and challenges! 0xFFFF - A Free reverse engineered flasher for the Nokia Internet Tablets HTCflasher - A flasher for the HTC devices PVC - Most of our software development is moving from cvs and git to the branding new pvc version control radare - an advanced commandline hexadecimal editor (really interesting for rce) One of us is reverse engineering a proprietary router to run linux. Other projects like mksend and acr are going to grow soon. We will try to open the blog a little bit more, so we hope to get more editors (>1) to feed you better :) Welcome again and have phun! |
| |
|
Today i've published the 'radare 0.4.2' package into the debian nopcode repository. I'll publish some more packages soon. Stay tuned! |
| |
|
The YouTerm project is out. It has been leaked from meneame and deepbit. Feel free to submit your own termcasts. We need more f00d. |
| |
|
Thanks to TripleDES now, we have a new FTP mirror of nopcode. >> nopcode mirror at bytezero |
| automatically generated by doblog 0.3 |