Hello guys, it’s HolyBugx. I started writing this post after this tweet, as I saw many interested people wanted me to do it. So I decided to share my knowledge with you. Without further explanation let’s get to the point. What is a CDN? A CDN allows for the quick transfer of assets needed for loading Internet content including HTML pages, JavaScript files, stylesheets, images, and videos. The popularity of…
ZDResearch Presents ICS Honeypot Detection Framework at Kaspersky Industrial Cybersecurity Conference
The Sixth Conference on Industrial Cybersecurity Organized by Kaspersky Lab was held on September 19-21 in Sochi, Russia. This year’s theme was ‘Industrial Cybersecurity: Opportunities and Challenges in Digital Transformation’. Event participants included leading experts on the security of industrial systems, as well as specialists and managers representing industrial enterprises from more than 20 countries, including USA, China, Russia, Germany, Denmark, Italy, Spain, France, Lithuania, Saudi Arabia, UAE, Qatar,…
National Collegiate Cyber Defense Competition Writeup
We are Volitech, an advanced biotech company with heavy emphasis on R&D that serves many customers with high-tech bio research and services, from prosthetics to health management. We have recently been hacked by a notorious hacker group, and have fired all of our administration team. You are the new administrative team, you shall maintain our systems, defend them against future hackers, and investigate the old hack. That sums up the…
Maintenance Problems
We were facing a few maintenance problems, primarily with our main domain. Some illegal activity was suspected on the main domain, and DNS changes were made. We had to transfer the domain, and this process took longer than expected. We apologize for any inconvenience. If you contacted us, we probably didn’t receive your email, so please send it again. Our staff are tirelessly working on the second release of the…
Pool Blade: A new approach for kernel pool exploitation
Abstract In recent years many methods have been discussed regarding exploitation of pool overflow corruptions. Most of these methods are based on the architecture of Pool manager in Windows. In this paper I am going to discuss a generic method that is based on kernel objects and not the pool manager and because of the nature of this technique it is possible to exploit pool overflow vulnerabilities easier and more…
ZDResearch Training Official Launch
Hello All Introduction It is our pleasure to announce that we just released the training material for our Reverse Engineering and Windows Exploitation courses! With your support and help, and our dedication, we finally made this possible. In this short post we’d like to provide you with more information regarding these courses. Reverse Engineering Course Our reversing course is released, and contains ~8 hours of video and 500+ slides,…
Internet Explorer version detection & ROP generation
Hello all Once upon a time I was writing some exploit for Internet Explorer. The problem for exploiting IE was that I had no capability to detect the exact version of the mshtml.dll module. So my ROP gadgets were working only for one exact version of unpatched DLL. To overcome this hurdle and write some exploits that work on every unpatched system I had to solve two problems: – Find a…
Announcing ZDResearch Online Training
Hello all We are happy to announce, after a long time we finally made it possible! There are lots of public offensive-security training courses around the world, but which of them offers online security training? Which of them offer good quality stuff with instructors who have done real stuff? After years of working in the industry and gaining attention of offensive security community we finally decided to offer our online training…
ZDResearch Binary Challenge One Writeup
Hi everybody! Our second challenge (which was a reverse engineering one) came to its end, as well. This one was solved much faster than our XSS challenge, meaning that either our reversing experts are not as good as our XSS experts, or that reverse engineers out there are much better than XSS experts; or something else. On this challenge, we required the participants to submit write-ups as well, because hackers…
ZDResearch XSS challenge one writeup
As you may already know, we recently held our very first XSS challenge with the prize being a book of choice in information security. This challenge was a bit tricky and if you didn’t focus on the right path you would end up getting no results. We received around 10k requests (around 2MB of data, thanks for not using scanners) from attendees trying to solve our challenge. The main goal of…