Navigation
News
Projects
Docs
Pictures
Advisories
Exploits (49)
LSM
Books
Movies
Blog
Fun
Shellcodes
About
Future
Friends
RISE Security
Priv8Security
M00
DSR
RFDS Labs
THC
Hack in The Box Conference
Troopers
Hackito
uCon Conference
Metasploit Project

RISE Security
I'm member of RISE Security

"There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies. And the other way is to make it so complicated that there are no obvious deficiencies."
-- C.A.R. Hoare

"I have always wished for my computer to be as easy to use as my telephone; my wish has come true because I can no longer figure out how to use my telephone."
-- Bjarne Stroustrup

Hackers 2 Hackers Conference I'm one of the organizers of the Hackers 2 Hackers Conference, in Brazil... this is the 11 edition: http://www.h2hc.com.br


News
08-15-2014
Finally published our presentation for Black Hat 2014

If you are interested, here is the paper for 2012
01-28-2014
Hello There All! Long time no see ;) 
Here is a list of latest papers I released, some of them in Portuguese and some of them with English versions:

Article Name: The Lie behind the defense in-depth Date: 01/24/2014 (Portuguese-only)
Article Name: Exploiting a real heap overflow (solaris case) (Portuguese version) Click here for the English version
Article Name: Extending distorm instructions (Portuguese version) Click here for the English version
Article Name: How to really learn security? (Portuguese only)
Article Name: Code Security: Open x Closed Source (Portuguese only)
Presentation Name: Exploitation Notes (English only)
06-15-2011
Multiple vulnerabilities in Shockwave Player and a vulnerability in Adobe Reader released yesterday (see advisories section for details)
02-08-2011
Released the CVE-2010-4435 (finally) with the PoC!
11-20-2010
Updated the docs section to include the paper "Streamed Analysis of Network Files to avoid False Positivies and to Detect Client-side Attacks" written with my advisor Celso Hirata.
11-16-2010
Updated the advisories section again (multiple vulns affecting Shockwave and Apple)
10-12-2010
Released the MS10-071 - CVE-2010-3331 (Internet Explorer Uninitialized Memory Corruption Vulnerability)
09-26-2010
Released the advisory for Synology Vulnerability (CVE-2010-2453)
09-10-2010
Finally I put the Adobe and Apple advisories here in my website...  More are coming :)
08-13-2010
Released the exploit for CVE-2010-0083 rpc.ttdbserverd database parser heap overflow (two exploits, one for Solaris SPARC and another one for Solaris x86).
08-10-2010
Microsoft Office Word HTML Linked Objects Memory Corruption Vulnerability just released, see the advisories section...
07-16-2010
Released the exploits for the CVE-2010-1869 (Ghostscript vulnerability) and CVE-2010-1039 (rpc.pcfnsd vulnerability).
06-07-2010
Updated the advisories section adding the latest two advisories:  GhostScript and RPC.PCNFSD
Updated the docs section adding the advanced payloads presentation
03-15-2010
My talk at Troopers Conference 2010 about Fuzzers and Debuggers Integration
02-02-2010
iDefense released my vulnerability in RPC.cmsd (affecting AIX and VIOS)
09-01-2009
New article about IPS technologies (brazilian portuguese online) in the docs section.
08-16-2009
Updated the docs section with new presentations and articles (finally, after long time without update this website). 
11-03-2008
Finally I released my article (written with Filipe Balestra, my big friend) about Anti-Forensics (published in Hakin9).
06-20-2008
Some site updates - More in the way it's managed then in content itself...

The news are now easily managed for me and also some numbers (like years, ages, etc) are automagically calculated....
06/05/2008 I wrote an overview about Troopers conference and Hack In The Box... See it here

06/04/2008 I forgot to put an advise here, but I'm now working for Check Point as a Security Expert... Good luck for me ;)

06/04/2008 I updated the Exploits & Advisories section, including all RISE Exploits, OProfile bugs and some old crappy too ;)

06/04/2008 My presentation about Kernel Protection (with code samples) in Troopers 2008 is now online

04/20/2008 My presentation about Cell Architecture is now online - Hack in The Box Dubai

04/20/2008 Phrack article finally published! Go check it at Phrack website or in docs section

03/03/2008 A lot of texts and presentations that refer to StMichael project (really old stuff made by different people)

01/02/2008 Happy new year! I have just released a new version of ebizzy (0.3)

01/02/2008 I finally put online the vdpop3d source files...

12/06/2007 ekoparty 2007 presentation

11/21/2007 H2HC III and IV Presentations

10/29/2007 You shot the sherif brazilian conference - Talk about Kernel Intrusion Detection System (containing the talks at VNSecurity, Xcon, HITB Dubai/Malaysia)

10/16/2007 I give an interview to Cezar Taurion (manager of new technologies at IBM) - Portuguese only Mirrored here

09/17/2007 I'm back to Brazil... my OLS paper is now online

09/17/2007 I'm back to Brazil... my Hack In The Box presentation is now online

09/17/2007 I'm back to Brazil... my XCon presentation is now online

09/17/2007 I'm back to Brazil... I'm helping the ebizzy project

08/23/2007 New documents (including my Vietnam presentation with Montanaro)

06/28/2007 Funny

06/20/2007 A lot of pictures from Dubai - Hack in the box conference

05/17/2007 New documents (including my dubai presentation with Montanaro)

05/17/2007 New Pictures

15/11/2006 Blog entry about Copy and Paste security bugs

15/11/2006 I have made some improvements in the md5verify by Richard Johnson

15/11/2006 FreeBSD/NetBSD/TrustedBSD*/DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure
- A patch for this issue

09/23/2006 New RISE Advisory: FreeBSD 5.x Kernel Integer Overflow Vulnerability
- A patch for this issue
- Securityfocus (bugtraq) link
- My blog entry comment this problem

09/02/2006 Two new commented articles in blog

08/22/2006 New commented article in blog

08/15/2006 The Decoders of SCMorphism are almostly open, you can download the decoders (and tests programs for it) here


08/08/2006 I have contributed with this excelent sample of an IDS that "runs" the coding passing thru the network! Congratulations my friend, Aleksandar Nikolic Local file

08/04/2006 I have specially coded for Defcon a StMichael version that works into the 2.6 kernels! This version is really unstable and is intended for developers who wanna help into the project, but doesn't work with 2.4 kernels anymore

08/04/2006 New release of StMichael!! It has lot's of bug corrections and stability improvements

08/04/2006 Presentation about IDS Evasion and how SCMorphism works

07/18/2006 I have been accepted to present at Defcon www.defcon.org. Unfortunately, i cant go to las vegas, because i havent submitted a presentation related to my work, so ill put all presentation materials here: http://www.kernelhacking.com/rodrigo/defcon

06/28/2006 I'm a co-mainteiner of the TLDP book: Linux Kernel Module Programming Guide The TLDP page is here (many weeks can pass without a change in sourceforge CVS be reflected into the tldp page): http://www.tldp.org/LDP/lkmpg

06/27/2006 Interesting article (and sample) about how to code a kernel thread to act as udp server... i have helped to implement the kernel as a client too

06/27/2006 Phearless Zine has published an article (written by BaCkSpAcE) called Advanced Shellcoding referencing my HowItWorks document (part of the SCMorphism Software) - Serbian/Croatian language

06/26/2006 Some of my lessons about Operation Systems at the University (bacharel degree) - portuguese only:
- Presentation
- Presentation
- Presentation
- Presentation
- Presentation
- Presentation
- Presentation
- Presentation
- Presentation
- Presentation
- Challenge
- Exercises
- Home-work
- Home-work
- Home-work
- Fork sample
- Pipe sample
- Setuid sample
- User scheduler sample
- Syscall sample


06/26/2006 Dumb work about SHA-1 (algorithm explanation) - portuguese only, sorry...

06/26/2006 A lot of manpages of suid binaries are missing, so, I write then (IBM work):
- artswrapper.8.gz
- cons.saver.8.gz
- fileshareset.8.gz
- kcheckpass.8.gz
- kgrantpty.7.gz
- killpgrp.8.gz
- kpac_dhcp_helper.7.gz
- ncplogin.1.gz
- ncpmap.1.gz
- ncsa_auth.8.gz
- userisdnctl.8.gz
- wrapper.8.gz

06/21/2006 SCMorphism v1.7 Released
06/20/2006 Patch to compile gcc-2.95.3 under solaris 2.9 running in a UltraSparc 10 machine
06/19/2006 Patch for squid-3.0-PRE3 to add md5 authentication without salts - Tks to Ramon de Carvalho to help on that issue - The Squid bugzilla entry
06/08/2006 Patch for squid-3.0-PRE3-20060608 that correct some compilation problems - The Squid bugzilla entry
06/01/2006 Excelent article about the Extinction of the real Hackers - by fx@phenoelit.de
05/25/2006 Patch for sarg 2.2.1 to test memory allocation (when it fails, sarg segfault without messages)
05/16/2006 If you use 2.4 kernels and would like to compile kernel modules using gcc 4.x, apply the follow patch into your kernel-headers tree/include/asm (for x86 only) to compile without problems
05/08/2006 Nowaday im working @IBM, into Advanced Linux Response Team, goodluck for me!!
05/08/2006 Im not anymore at MD Systems Networking... tks to you guys, i loved to work with you!! Its a great company to work...
04/05/2006 Study about Polymorphic Attacks (course conclusion of my Bacharel Degree)
03/20/2006 Presentation about the problems (Security-related problems) when you are using Linux as a corporate Desktop
01/27/2006 FAQ answer many questions about StJude/StMichael - One can learn a lot of kernel reading it - Please, sent me more questions!
12/05/2005 Im the newest mainteiner of the StJude/StMichael Project. I have released a new version of StJude (0.23)
11/09/2005 Lecture about Backdoors x Application Firewalls - Presented into H2HC 2 Conference
10/25/2005 Im the newest mainteiner of the StJude/StMichael Project. I have released a new version of StMichael (0.12)
10/25/2005 Text about how to install (and fix problems) TCPDump @hpux systems
10/25/2005 .br Translation of TCPDump Manual - old job
09/21/2005 New lecture about Kernel Hacking - Presented in the www.festsol.br conference
05/02/2005 New lecture about Kernel Hacking - Presented in the www.linuxchix.org.br conference
02/03/2005 Thanks Greek Guys that have hosted me
01/23/2005 Happy New Year... Im searching for a hosting to this website and for a KernelHacking.com website, can you help me? Mail-me at rodrigo *noSPAM* kernelhacking *dot* com
12/09/2004 New section Books - The books i have already read and what im reading now
12/09/2004 New section Movies - The mostly loved movies
12/09/2004 New paper - SCMorphism x Sandbox - See here in Docs section
12/09/2004 New lecture about Polymorphic Attacks - Hackers 2 Hackers Conference (www.h2hc.org.br) Presentation - Portuguese Version See here in Docs section
12/09/2004 New lecture about Polymorphic Attacks - Hackers 2 Hackers Conference (www.h2hc.org.br) Presentation - English Version See here in Docs section
12/09/2004 New lecture about Intrusion Detection Evasion Techniques - See here in Docs section
12/09/2004 New lecture about Intrusion Detection - See here in Docs section
12/09/2004 New lecture about Software Analysis - See here in Docs section
12/09/2004 New lecture about LDAP - See here in Docs section
12/04/2004 New SCMorphism v1.4beta - Released at http://www.h2hc.org.br - See ChangeLog
11/25/2004 Changed about section
06/11/2004 New SCMorphism v1.3 - See ChangeLog
05/30/2004 New SCMorphism v1.2 - See ChangeLog
05/20/2004 New SCMorphism v1.1 - See ChangeLog
05/17/2004 Changed the website logo - Thanks FoxTrot- again!
05/17/2004 Added in section Pictures - Some pictures of me and my friends
05/17/2004 Added in section About - My resume and picture
05/17/2004 Added in section Docs - 8 new texts
05/08/2004 SCmorphism - New Project in Projects Section
04/25/2004 New Website, thanks FoxTrot-
04/23/2004 Website of Rodrigo Rubira Branco (BSDaemon) has been released

:: copyleft 2004-2014 - Rodrigo Rubira Branco (BSDaemon) ::