News: Phrack #68 Released!
At last, Phrack #68 is out! As usual, here is a quick personal view of each article of this issue…
by The Phrack Staff
It’s a nice introduction article, I like it. However, although this is not something directly connected to this article, I will write it here since it is about the new issue release. I have mentioned it on the previous issue too. I’m finding it very disgraceful seeing security conferences advertised on Phrack website just because some Phrack editor(s) are organizing or taking part on them (at least it is removed now).
Phrack Prophile on FX
by The Phrack Staff
I personally know and respect FX so this was a pleasant to read Phrack prophile. I don’t have much to say here, well done Phrack Staff! :)
Phrack World News
I personally really liked the way the news are presented in this article. It is written with a nice flow that connects the different news and makes perfect sense as a security world news overview.
This is great news! Linenoise is back with some very good small articles. I guess I have a couple of friends that would highly appreciate the 0x07 one ;)
by The Phrack Staff
A lot of things are said about the reactions of the Greek hacking scene article of the previous issue that I also didn’t find even close to reality (as I know it). Although I do not agree 100% with what this GHS email contains, it has some very accurate points, especially about the Greek Phrack submitters (Slasher, huku and argp) that all of them were, and some still are, owned and also exposed in the past (eg. Slasher). The rest of the Loopback was very fun to read.
Android platform based linux kernel rootkit
by dong-hoon you
A nice article about a poorly documented subject. We all know that such rootkits are backdoring Androids in the wild for quite sometime and h0h0 has even made a presentation on it at DefCon in 2010, but it is always good to have some technical documentation to get started with. Thank you x82!
In the hard times we’re all living in it is nice to know what makes people happier. Very nice article.
Practical cracking of white-box implementations
I’m not that much into crypto stuff so I found this article extremely informative. Congratulations to SysK for the excellent work.
Single Process Parasite: The quest for the stealth backdoor
Backdoors is an old love of mine. In some cases they’re even more interesting than exploits. Based on this article of Crossbower I guess that we will soon see more Linux based malware…
Pseudomonarchia jemallocum: The false kingdom of jemalloc, or on exploiting the jemalloc memory manager
by argp and huku
About 2 years ago I played a lot with jemalloc for a Mozilla Firefox exploit but this does not even compare to the documentation that argp and huku did on this article. Excellent work. Congratulations to both argp and huku for this.
Infecting loadable kernel modules: kernel versions 2.6.x/3.0.x
Very cool idea and really nice implementation. Again this article combined with the Crossbower’s article can result in some advanced Linux malware.
The Art of Exploitation: Exploiting MS11-004 Microsoft IIS 7.5 remote heap buffer overflow
“redpantz” did it again publishing an great exploitation article. As it is mentioned in the article, it is a great example that something that is initially considered a DoS even by experienced vulnerability researchers could in fact result in something much more serious.
The Art of Exploitation: Exploiting VLC A case study on jemalloc heap overflows
by huku and argp
This along with the previous jemalloc exploitation article are the currently best publicly available references for jemalloc exploitation. Once again, congratulations guys. Nice work.
Secure Function Evaluation vs. Deniability in OTR and similar protocols
As I mentioned above I’m not that much into cryptography so all these articles are very interesting and new to me.
Similarities for Fun & Profit
by Pouik (Androguard Team) and G0rfi3ld
I’ll be honest with you. I didn’t read it. I stopped after a few minutes so I cannot comment on it. I will read it when I have a clear head.
Lines in the Sand: Which Side Are You On in the Hacker Class War
Neat article of what’s going on in the hacking world. Not much to say about it. Nice reading.
Abusing Netlogon to steal an Active Directory’s secrets
It’s been a while since we have seen such a high quality hacking article for Windows platform in Phrack. Definitely one of the best articles of this issue.
25 Years of SummerCon
I like security/hacking gatherings, conferences, meetings, etc. but it is not good to see them advertised (even like this) on an e-zine such as Phrack. Anyway…
So, the last article talks about Korea that I happen to have some friends and Greece that I happen to have a few more. I cannot comment or add anything regarding the Korea part of the article but since I’ve been more or less involved in the Greek security world I think I have the right to express my opinion.
Definitely a much better and complete article from the previous Phrack issue. However, it still misses (maybe intentionally) to reference currently active Greek hackers, members of well known foreign underground groups as well as some very skilled (I am personally aware of two) Greek hacking groups that are active for at least the last 10 years. Anyway, I don’t like to be mean. Overall it’s a good article.