Blog
Uncategorized
3

Creating the Ultimate Tor Virtual Network

Although the methods in this article can be used for proper anonymity outside of the tor browser, the main focus is creating a secure tor based research environment. As most security researchers know there’s always a big decision with analyzing malware or exploits in a VM, most people would prefer …

Read More
Uncategorized

User Mode Hook Scanner (Alpha)

I finally decided to write my first security tool based on an idea I had for advanced hook detection, I couldn’t find any evidence of the method being used so I based a tool around it. It’s still a working progress but I’m posting so I can get some feedback …

Read More
Uncategorized

David Cameron Wants Porn Sites to Require Banking Information

It would seem that David Cameron doesn’t have a tech advisory or even knows anyone who uses browser other than Netscape, but that doesn’t seem stop him with his endless stream of proposals and laws to govern our internet. The latest idea in a long list of terrible ideas is …

Read More
Uncategorized

Darkode Returns Following International Raids

When I was contacted asking for a comment about the darkode raid, I’d said that the main administrator was not arrested and that’d I’d be surprised if it wasn’t back within a week; well It’s been a little more than a week (I’ll put on my surprised face), but as …

Read More
Uncategorized
4

Windows 10 System Call Stub Changes

Recently I installed Windows 10 RTM and while I was digging around I happened to notice some changes to the user mode portion of the system call stub: these changes appear to break the current methods of user mode system call hooking on x86 and WOW64 (Recap: here). Windows 10 x86 …

Read More
Uncategorized
2

MalwareTech SBK – A Bootkit Capable of Surviving Reformat

Since i got into firmware hacking, I’ve been working on a little project behind the scenes: A hard disk firmware based rootkit which allows malware to survive an operating system re-install or full disk format. Unfortunately I can’t post a proof of concept for many reasons (people have even contacted …

Read More
Uncategorized
14

Hard Disk Firmware Hacking (Final)

Core 2, I choose you. Less than 5 minutes after posting the last article, i discovered the final piece of my puzzle: a second CPU core. I was looking through my OpenOCD configuration when I realized it had a single tap definition hardcoded, so i decided to comment it out …

Read More
Uncategorized

Hard Disk Firmware Hacking (Part 5)

“Discovery requires experimentation” This weekend I made a pretty big breakthrough which lead to me making a few smaller breakthroughs and ultimately negating most of my previous research. I’ve also learned that “not reinventing the wheel” isn’t always the best option, especially when it comes to trusting other people’s research. …

Read More
Uncategorized
7

Hard Disk Firmware Hacking (Part 4)

It seems that the bootstrap code is just scattered around various memory addresses and there’s no simple way to dump all of it, so i decided to just dump a chunk of memory from 0x00000000 and look for any reference to addresses outside of that chunk (allowing me to build …

Read More
Uncategorized
1

Hard Disk Firmware Hacking (Part 3)

Before we get started with part 3, I have a few updates regarding part 1 & 2. I’ve found that the reset pad on the JTAG header is not actually a system reset (SRST) but a TAP reset (TRST), which isn’t very useful for debugging. Here is the updated layout …

Read More