Finally published our presentation for Black Hat 2014
If you are interested, here is the paper for 2012
Hello There All! Long time no see ;) 06-15-2011
Here is a list of latest papers I released, some of them in Portuguese and some of them with English versions:
Article Name: The Lie behind the defense in-depth Date: 01/24/2014 (Portuguese-only)
Article Name: Exploiting a real heap overflow (solaris case) (Portuguese version) Click here for the English version
Article Name: Extending distorm instructions (Portuguese version) Click here for the English version
Article Name: How to really learn security? (Portuguese only)
Article Name: Code Security: Open x Closed Source (Portuguese only)
Presentation Name: Exploitation Notes (English only)
Multiple vulnerabilities in Shockwave Player and a vulnerability in Adobe Reader released yesterday (see advisories section for details)
Released the CVE-2010-4435 (finally) with the PoC!
Updated the docs section to include the paper "Streamed Analysis of Network Files to avoid False Positivies and to Detect Client-side Attacks" written with my advisor Celso Hirata.
Updated the advisories section again (multiple vulns affecting Shockwave and Apple)
Released the MS10-071 - CVE-2010-3331 (Internet Explorer Uninitialized Memory Corruption Vulnerability)
Released the advisory for Synology Vulnerability (CVE-2010-2453)
Finally I put the Adobe and Apple advisories here in my website... More are coming :)
Released the exploit for CVE-2010-0083 rpc.ttdbserverd database parser heap overflow (two exploits, one for Solaris SPARC and another one for Solaris x86).
Microsoft Office Word HTML Linked Objects Memory Corruption Vulnerability just released, see the advisories section...
Released the exploits for the CVE-2010-1869 (Ghostscript vulnerability) and CVE-2010-1039 (rpc.pcfnsd vulnerability).
Updated the advisories section adding the latest two advisories: GhostScript and RPC.PCNFSD 03-15-2010
Updated the docs section adding the advanced payloads presentation
My talk at Troopers Conference 2010 about Fuzzers and Debuggers Integration
iDefense released my vulnerability in RPC.cmsd (affecting AIX and VIOS)
New article about IPS technologies (brazilian portuguese online) in the docs section.
Updated the docs section with new presentations and articles (finally, after long time without update this website).
Finally I released my article (written with Filipe Balestra, my big friend) about Anti-Forensics (published in Hakin9).
Some site updates - More in the way it's managed then in content itself...
The news are now easily managed for me and also some numbers (like years, ages, etc) are automagically calculated....
06/05/2008 I wrote an overview about Troopers conference and Hack In The Box... See it here
06/04/2008 I forgot to put an advise here, but I'm now working for Check Point as a Security Expert... Good luck for me ;)
06/04/2008 I updated the Exploits & Advisories section, including all RISE Exploits, OProfile bugs and some old crappy too ;)
06/04/2008 My presentation about Kernel Protection (with code samples) in Troopers 2008 is now online
04/20/2008 My presentation about Cell Architecture is now online - Hack in The Box Dubai
04/20/2008 Phrack article finally published! Go check it at Phrack website or in docs section
03/03/2008 A lot of texts and presentations that refer to StMichael project (really old stuff made by different people)
01/02/2008 Happy new year! I have just released a new version of ebizzy (0.3)
01/02/2008 I finally put online the vdpop3d source files...
12/06/2007 ekoparty 2007 presentation
11/21/2007 H2HC III and IV Presentations
10/29/2007 You shot the sherif brazilian conference - Talk about Kernel Intrusion Detection System (containing the talks at VNSecurity, Xcon, HITB Dubai/Malaysia)
10/16/2007 I give an interview to Cezar Taurion (manager of new technologies at IBM) - Portuguese only Mirrored here
09/17/2007 I'm back to Brazil... my OLS paper is now online
09/17/2007 I'm back to Brazil... my Hack In The Box presentation is now online
09/17/2007 I'm back to Brazil... my XCon presentation is now online
09/17/2007 I'm back to Brazil... I'm helping the ebizzy project
08/23/2007 New documents (including my Vietnam presentation with Montanaro)
06/20/2007 A lot of pictures from Dubai - Hack in the box conference
05/17/2007 New documents (including my dubai presentation with Montanaro)
05/17/2007 New Pictures
15/11/2006 Blog entry about Copy and Paste security bugs
15/11/2006 I have made some improvements in the md5verify by Richard Johnson
15/11/2006 FreeBSD/NetBSD/TrustedBSD*/DragonFlyBSD all versions FireWire IOCTL kernel integer overflow information disclousure
- A patch for this issue
09/23/2006 New RISE Advisory: FreeBSD 5.x Kernel Integer Overflow Vulnerability
- A patch for this issue
- Securityfocus (bugtraq) link
- My blog entry comment this problem
09/02/2006 Two new commented articles in blog
08/22/2006 New commented article in blog
08/15/2006 The Decoders of SCMorphism are almostly open, you can download the decoders (and tests programs for it) here
08/08/2006 I have contributed with this excelent sample of an IDS that "runs" the coding passing thru the network! Congratulations my friend, Aleksandar Nikolic Local file
08/04/2006 I have specially coded for Defcon a StMichael version that works into the 2.6 kernels! This version is really unstable and is intended for developers who wanna help into the project, but doesn't work with 2.4 kernels anymore
08/04/2006 New release of StMichael!! It has lot's of bug corrections and stability improvements
08/04/2006 Presentation about IDS Evasion and how SCMorphism works
07/18/2006 I have been accepted to present at Defcon www.defcon.org. Unfortunately, i cant go to las vegas, because i havent submitted a presentation related to my work, so ill put all presentation materials here: http://www.kernelhacking.com/rodrigo/defcon
06/28/2006 I'm a co-mainteiner of the TLDP book: Linux Kernel Module Programming Guide The TLDP page is here (many weeks can pass without a change in sourceforge CVS be reflected into the tldp page): http://www.tldp.org/LDP/lkmpg
06/27/2006 Interesting article (and sample) about how to code a kernel thread to act as udp server... i have helped to implement the kernel as a client too
06/27/2006 Phearless Zine has published an article (written by BaCkSpAcE) called Advanced Shellcoding referencing my HowItWorks document (part of the SCMorphism Software) - Serbian/Croatian language
06/26/2006 Some of my lessons about Operation Systems at the University (bacharel degree) - portuguese only:
- Fork sample
- Pipe sample
- Setuid sample
- User scheduler sample
- Syscall sample
06/26/2006 Dumb work about SHA-1 (algorithm explanation) - portuguese only, sorry...
06/26/2006 A lot of manpages of suid binaries are missing, so, I write then (IBM work):
06/21/2006 SCMorphism v1.7 Released
06/20/2006 Patch to compile gcc-2.95.3 under solaris 2.9 running in a UltraSparc 10 machine
06/19/2006 Patch for squid-3.0-PRE3 to add md5 authentication without salts - Tks to Ramon de Carvalho to help on that issue - The Squid bugzilla entry
06/08/2006 Patch for squid-3.0-PRE3-20060608 that correct some compilation problems - The Squid bugzilla entry
06/01/2006 Excelent article about the Extinction of the real Hackers - by firstname.lastname@example.org
05/25/2006 Patch for sarg 2.2.1 to test memory allocation (when it fails, sarg segfault without messages)
05/16/2006 If you use 2.4 kernels and would like to compile kernel modules using gcc 4.x, apply the follow patch into your kernel-headers tree/include/asm (for x86 only) to compile without problems
05/08/2006 Nowaday im working @IBM, into Advanced Linux Response Team, goodluck for me!!
05/08/2006 Im not anymore at MD Systems Networking... tks to you guys, i loved to work with you!! Its a great company to work...
04/05/2006 Study about Polymorphic Attacks (course conclusion of my Bacharel Degree)
03/20/2006 Presentation about the problems (Security-related problems) when you are using Linux as a corporate Desktop
01/27/2006 FAQ answer many questions about StJude/StMichael - One can learn a lot of kernel reading it - Please, sent me more questions!
12/05/2005 Im the newest mainteiner of the StJude/StMichael Project. I have released a new version of StJude (0.23)
11/09/2005 Lecture about Backdoors x Application Firewalls - Presented into H2HC 2 Conference
10/25/2005 Im the newest mainteiner of the StJude/StMichael Project. I have released a new version of StMichael (0.12)
10/25/2005 Text about how to install (and fix problems) TCPDump @hpux systems
10/25/2005 .br Translation of TCPDump Manual - old job
09/21/2005 New lecture about Kernel Hacking - Presented in the www.festsol.br conference
05/02/2005 New lecture about Kernel Hacking - Presented in the www.linuxchix.org.br conference
02/03/2005 Thanks Greek Guys that have hosted me
01/23/2005 Happy New Year... Im searching for a hosting to this website and for a KernelHacking.com website, can you help me? Mail-me at rodrigo *noSPAM* kernelhacking *dot* com
12/09/2004 New section Books - The books i have already read and what im reading now
12/09/2004 New section Movies - The mostly loved movies
12/09/2004 New paper - SCMorphism x Sandbox - See here in Docs section
12/09/2004 New lecture about Polymorphic Attacks - Hackers 2 Hackers Conference (www.h2hc.org.br) Presentation - Portuguese Version See here in Docs section
12/09/2004 New lecture about Polymorphic Attacks - Hackers 2 Hackers Conference (www.h2hc.org.br) Presentation - English Version See here in Docs section
12/09/2004 New lecture about Intrusion Detection Evasion Techniques - See here in Docs section
12/09/2004 New lecture about Intrusion Detection - See here in Docs section
12/09/2004 New lecture about Software Analysis - See here in Docs section
12/09/2004 New lecture about LDAP - See here in Docs section
12/04/2004 New SCMorphism v1.4beta - Released at http://www.h2hc.org.br - See ChangeLog
11/25/2004 Changed about section
06/11/2004 New SCMorphism v1.3 - See ChangeLog
05/30/2004 New SCMorphism v1.2 - See ChangeLog
05/20/2004 New SCMorphism v1.1 - See ChangeLog
05/17/2004 Changed the website logo - Thanks FoxTrot- again!
05/17/2004 Added in section Pictures - Some pictures of me and my friends
05/17/2004 Added in section About - My resume and picture
05/17/2004 Added in section Docs - 8 new texts
05/08/2004 SCmorphism - New Project in Projects Section
04/25/2004 New Website, thanks FoxTrot-
04/23/2004 Website of Rodrigo Rubira Branco (BSDaemon) has been released