Chatsubo [(in)Security Dark] Labs

"... A consensual hallucination experienced daily by billions of legitimate operators, in every nation, by children being taught mathematical concepts... A graphic representation of data abstracted from banks of every computer in the human system. Unthinkable complexity. Lines of light ranged in the nonspace of the mind, clusters and constellations of data. Like city lights, receding into the distance... "
William Gibson.

Wednesday, December 19, 2012

IOActive Labs Research: Striking Back GDB and IDA debuggers through malformed ELF executables

By Alejandro Hernández @nitr0usmx 

Day by day the endless fight between the bad guys and good guys mostly depends on how fast a countermeasure or anti-reversing protection can be broken. These anti-reversing mechanisms can be used by attackers in a number of ways: to create malware, to be used in precompiled zero-day exploits in the black market, to hinder forensic analysis, and so on. But they can also be used by software companies or developers that want to protect the internal logic of their software products (copyright).

The other day I was thinking: why run and hide (implementing anti-reversing techniques such as the aforementioned) instead of standing up straight and giving the debugger a punch in the face (crashing the debugging application)? In the next paragraphs I’ll explain briefly how I could implement this anti-reversing technique on ELF binaries using a counterattack approach.

Monday, October 8, 2012

My experience @ Ekoparty 2012

After a flight delayed by 10 hours, I finally landed in Buenos Aires. As soon as I could, I went straight to the VIP party to meet with the IOActive team and to prepare some Mexican tacos and quesadillas with Diego Bauche @dexosexo


When the door opened, I saw my friend @XavaDu who started to take some pictures and drink some tequila from the gun-shaped bottle I brought from México XD. 

 After a while, I prepared him a special taco, with Argentinian Asado, Guacamole and Mexican spicy sauce:

Meanwhile, César Cerrudo (@cesarcer) was killing some drunk h4x0rs... 

Also, our boss, Jennifer Steffens (@SecureSun) couldn't avoid a gun-shot of tequila B-)

After feeding some hungry people, we started to drink just a little bit more (;-D) and even played ping-pong.

The next day, Thursday, I had the chance to be at Stephan Chenette's talk (@StephanChenette), which was a really interesting presentation about automated malware generation and future expectations. His presentation had a good structure because he started with the current state of malware generation/defense and later he explained the future of malware generation/defense passing through the actual malware trends.
The same day, I enjoyed Esteban Fayo's talk (@estemf) because he showed a live demo on how to crack an Oracle password taking advantage of some flaws in the Oracle authentication protocol.

The venue, KONEX, the same as the last year, was really cool, there were vendors booths, old computers, video games (where I spent like two hours playing Super Mario Bros) as well as a cocktail bar, obviously the IOActive booth ;).

In conclusion, I really had a great time with my Mexican friends and my fellow workers, drinking red wine and eating Argentine asado, besides amazing conferences.

Mexicans rocking @ Ekoparty

Definitely, I hope to be there next year !
Cheers !

Friday, June 1, 2012

Dubstep Warz 2006 - Breezeblock - BBC Radio 1 (REVIEW)

After a couple of weeks in UK, I've been looking (and still looking) for Drum n' Bass and Dubstep parties, 'cause this is the place where it all began... What I've got? FREAKING AWESOME PARTY at FabricLondon ! just take a look:

DJ Hype:


That nite, I met a couple of Londoners very close to the local Dubstep scene. After dancing and listening crushing tunes, we were talking about the early times of the dubstep scene, the most influencing producers, etc. and suddenly, it came to the talk one of the landmarks of the genre. They suggested me to listen to:

(Hosted by Mary Ann Hobbs)

(Mary Ann Hobbs, even though I consider myself a dubstep phan, I had never heard of her until last month, when my friend hkm shared with me a dubstep mix by Kode9 also hosted by Mary Ann H.)

I'm listening to "the warz" and throwing these lines at the same time, and after doing some research about that show, I found a couple of URLs that I'll mention below:

"Landmark Show for Dubstep hosted by Mary Ann Hobbs. Sounds of the future feat. Distance, Mala of Digital Mystikz, Skream, Kode 9 & Space Ape, Vex’d, Loefah, and Hatcha. This show is an essential for anyone who hasn't heard it!"

"This special, which aired in the early hours of 09/01/06 on BBC Radio 1, brought together the leading exponents of the genre. Hosted by Mary Anne Hobbs, the show featured sounds from Burial, Skream, Benga, Kode 9, Digital Mystikz, among others."

Yeah, it was what it was, it is what it is, that nite was a special nite for the DUBSTEP scene ! and sincerely, I was entirely shocked after listening the 2-hours set !..

The INTRO is amazing, from UK, US, Brazil and Canada, dubstep warriors broadcasting dubstep to the masses !

Some of the quotes I heard and really liked:
-- "They're getting the virus, they're being attached to something new and in '06 .."
-- "it's a hard job being a soldier, breaking dubstep to the masses..."

-- "This is the breezeblock dubstep warz special. Tonight you're gonna feel the energy of the most exciting underground scene in the UK. Emerging out the south of London and now... every corner of the planet, from Brighton to Baltimore, from Bristol to Brazil... From 7 of the scene's most gifted players... We've the god fathers ... Hatcha, and Kode9... And we have next generation producers that you'll see blazing on the underground this year, we've got Skream on the place, we've got Loefah, Distance is here...It's January of 2006 and if you're looking for music that's gonna change your life, it's here, it's live, on the Breezeblock tonite..."

-- "his name is Mala... u ready to do this Mala?.." "the sound has space in it... It's not the same frequency as like house music, it's not the same freq as in DnB.. It's its own frequency"

-- "With more of the sonic fire-storms we love so much... this is Vex'd ..."

And obviously, it wouldn't be cool to write too much of the warz without sharing it ! ;-)....

Skream was a KID !!! he was 19 !, and nowadays, pffff, world famous dubstep producer... He played his famous "Rutten" in the min 26:54 (only for connoisseurs: you will realize that it's not as good as the modern Rutten (remixed by himself) ;-D)

Kode9 & SpaceApe , playing the famous "Space Ape" in the min 47:14 (only for connoisseurs: the same, it's not as good as the version with Burial ;-D)

Loefah, definitely I enjoyed his 13:40 minutes set, and if you only want to listen to this part only:

Distance, playing his classic hard-styled dubstep, "Traffic" at 1:50:05 :

If you really enjoy dubstep music, it's a MUST ! (Personally I liked >80% of the tracks). If you're looking for *NOISY* dubstep, this is not the right place dudeee ;-).

List of Dubstep Warriors (lineup):
Mala (Digital Mystikz)
Kode 9 & Space Ape
Hatcha & Crazy D
Loefah feat Sgt. Pokes
DJ Pinch

Cheers !!! B-)

- nitrØus