Monthly Archives: March 2011

“Prezi – The Zooming Presentation Editor”, a review

I ran into a presentation tool called Prezi. The tool is not only easy to use with impressive features, but also generates stunningly impressive presentations. After I used the tool for a few minutes, I was able to make a

Tagged with: , , ,
Posted in Uncategorized

Aurora Heap-Spray

Yesterday, Aproova gave a talk on the details of the Heap-Spray exploit that was used in Aurora. During the presentation a couple of questions came up and so we will try to address them here. 1. Why was 0x0D0D0D0D used

Posted in Uncategorized

Calculating all paths between any two nodes in a graph

[sourcecode language="python"] /usr/bin/python import networkx as nx from collections import deque import matplotlib.pyplot as plt g=nx.MultiGraph() g.add_edge(1,2) g.add_edge(1,3) g.add_edge(1,5) g.add_edge(2,1) g.add_edge(2,3) g.add_edge(2,4) g.add_edge(3,4) g.add_edge(4,3) g.add_edge(5,6) g.add_edge(5,4) g.add_edge(6,3) g.add_edge(8,9) path_queue=deque() def BFS(graph,start,end,q): temp_path = [start] q.append(temp_path) while len(q)>0: tmp_path = q.popleft()

Tagged with:
Posted in Uncategorized

RageAgainstTheCage

This post gives a detailed explanation of the RageAgainstTheCage (RATC) exploit Also commonly known as the “adb setuid exhaustion attack” [sourcecode language="cpp"]getrlimit(RLIMIT_NPROC, &rl)[/sourcecode] If a process tries to perform a fork and the user that owns that process already owns

Tagged with: , , , , ,
Posted in Uncategorized

Welcome to CSL@SU

This is Computer Security Lab led by Dr. Heng Yin in the Department of Electrical Engineering and Computer Science at Syracuse University.   [[Computing Resources]]

Posted in Uncategorized