Mudge

-a moment for the color blind-

What's up here at the l0pht?

Well, hopefully most of the machines. I know mine are up and running, guys.

Actually there are a bunch of cool things going on at The l0pht. Check some of them out. Maybe you'll even want to join us!


If you have any questions, exploits, etc. feel free to drop me a line - mudge@l0pht.com

Projects


How to write Buffer Overflows

mudge_buffer_overflow_tutorial.html  (HTML corrected)

S/KEY Cracker's Toolkit

Of course all standard disclaimers apply here. Especially the part about me not being responsible for any misuse of the following programs (do us all a favor and use these in a mature fashion).

Monkey - a tool for Monitoring keys. Think of it as Crack for s/key.

There are a few more things I want to add to it and a paper I'm working on in regards to the vulnerabilities. Here is a preliminary copy of the s/key insecurities paper.

I've been able to exploit a couple of the other methods mentioned in the paper. If demand is strong enough I might release an entire hack-kit and (yet another) version of the s/key package.

PS using S/KEY is still better than _not_ using skey!


Parallel version of crack

The l0pht will soon be presenting Alec Muffett's crack program ported to take advantage of PVM and other parallel processing environments. Just a hint... you can run PVM [Parallel Virtual Machines] on just about everything from your Linux box up through Thinking Machines' CM series.


I'm currently looking into three different paths to handle this. Whatever the outcome I will post the source here when finished.


Big 'ol bug hunt!

Empirical testing of software with random input as distributed on various platforms.

I got the idea to try this after browsing through an old issue of Communications of the ACM. Back in 1990 they tested a bunch of the software that shipped from various vendors with random data tests and found that they were able to crash 28% of the applications (in one instance they were able to crash the machine under a non-privileged account).

Well, a lot has changed since 1990 but with all of the user contributed software being shipped with systems, and knowing some of the systems programmers, I'm willing to bet that a lot hasn't!

[you might just be surprised about how we found some SUID/SGID programs behave]

Here are the testing tools:
fuzzbox
interact
They'll be available for Download soon!

The results will be formatted and made available, upon completion, through l0pht Heavy Industries

mudge@l0pht.com


