.:[Ivanlef0u's REPOSITORY]:.



Index of : windoz

NameLast modifiedSize
[DIR] .. -
[DIR] code 22-07-2008 14:00 -
[DIR] coding 04-07-2009 14:00 -
[DIR] drivers 04-02-2009 13:00 -
[DIR] execp 11-07-2007 14:00 -
[DIR] experiments 17-02-2008 13:00 -
[DIR] heap 29-07-2009 20:44 -
[DIR] hooking 12-07-2010 19:40 -
[DIR] hvm 12-07-2010 19:48 -
[DIR] inject 13-04-2009 14:00 -
[DIR] msprojects 31-01-2010 2:37 -
[DIR] pe 09-03-2010 18:11 -
[DIR] pr0nz 29-07-2007 14:00 -
[DIR] rootkit 12-07-2010 19:44 -
[DIR] shellcoding 12-07-2010 19:34 -
[DIR] winKernArchi 30-12-2006 13:00 -
[DIR] winsock2 29-12-2006 13:00 -
[FILE] Advanced Windows Exploitation.ppt 01-02-2010 13:28 830 Ko
[FILE] Advapi32_EAT.txt 25-01-2009 23:07 30 Ko
[FILE] Attacking-the-Windows-Kernel.pdf 26-07-2009 17:39 290 Ko
[FILE] BH08-AlexIonescu.pdf 31-07-2009 22:05 1535 Ko
[FILE] BlackHat-DC-2010-Picod-DPAPI-slides.pdf 24-02-2010 0:31 8078 Ko
[FILE] Bypassing Windows Hardware-enforced DEP.pdf 27-05-2007 12:43 125 Ko
[FILE] Generic Anti Exploitation Technology for Windows.pdf 02-05-2008 13:06 1488 Ko
[FILE] Intro_NT_kernel_security_stuff.pdf 21-03-2009 13:42 3044 Ko
[FILE] Kernel XP_nb.pdf 04-01-2007 4:12 995 Ko
[FILE] Kernel32_EAT.txt 25-01-2009 23:09 40 Ko
[FILE] KeserviceDescriptorTable.System_7.txt 12-05-2010 17:26 17 Ko
[FILE] KeserviceDescriptorTable.System_xp.txt 01-02-2009 15:06 12 Ko
[FILE] KeserviceDescriptorTable.Win32_7.txt 12-05-2010 17:27 41 Ko
[FILE] KeserviceDescriptorTable.Win32_xp.txt 01-02-2009 15:06 31 Ko
[FILE] NT_Cour.doc 29-12-2006 23:17 540 Ko
[FILE] NT_PRIVILEGES.txt 03-01-2007 1:56 53 Ko
[FILE] Ndis_EAT.txt 08-08-2007 14:26 13 Ko
[FILE] Nt_vs_Zw.txt 18-01-2007 12:43 20 Ko
[FILE] Ntdll_EAT.txt 25-01-2009 23:10 57 Ko
[FILE] Ntoskrnl_EAT.txt 25-01-2009 23:16 66 Ko
[FILE] PRE07_Solomon.ppt 20-01-2007 17:47 2380 Ko
[FILE] RtlIsValidHandler.c 11-07-2008 13:26 2 Ko
[FILE] TokenKidnapping.pdf 11-07-2008 13:26 182 Ko
[FILE] Usercode et Kernelcode sous Windows.zip 27-10-2008 17:46 1093 Ko
[FILE] VI20051005.html 24-02-2010 0:31 44 Ko
[FILE] WinDBG_A_to_Z_color.pdf 02-05-2008 13:07 1606 Ko
[FILE] Windows Access Control Demystified.pdf 27-05-2007 12:43 228 Ko
[FILE] Windows Memory Layout, User-Kernel Address Spaces-1.pdf 30-12-2006 18:12 258 Ko
[FILE] Windows Memory Layout, User-Kernel Address Spaces.pdf 24-02-2010 0:31 258 Ko
[FILE] [MS-SHLLINK].pdf 21-07-2010 15:58 1385 Ko
[FILE] aboutwfp.asp.htm 02-10-2007 21:22 23 Ko
[FILE] ads.txt 26-01-2007 17:23 16 Ko
[FILE] attacks2.pdf 02-10-2007 21:23 314 Ko
[FILE] bh-eu-07-sotirov-apr19.pdf 24-02-2010 0:31 208 Ko
[FILE] bh-us-05-jack-update.pdf 04-02-2007 13:44 671 Ko
[FILE] bh-usa-07-baker.pdf 09-08-2007 11:58 999 Ko
[FILE] bh-usa-07-bulygin.pdf 09-08-2007 11:57 1005 Ko
[FILE] bh-usa-07-quist_and_valsmith.pdf 16-09-2007 18:06 906 Ko
[FILE] call_gate_exploitation.pdf 01-02-2010 13:28 682 Ko
[FILE] compil_small.txt 30-12-2006 3:58 308 octets
[FILE] csw06-sotirov.ppt 04-02-2007 13:03 218 Ko
[FILE] dbgk-1.pdf 05-02-2007 21:31 294 Ko
[FILE] dbgk-2.pdf 05-02-2007 21:31 276 Ko
[FILE] dbgk-3.pdf 05-02-2007 21:32 398 Ko
[FILE] defeating-w2k3-stack-protection.pdf 27-05-2007 12:43 110 Ko
[FILE] dimva2010-dAnubis.pdf 12-07-2010 19:35 179 Ko
[FILE] hidingen.txt 30-12-2006 18:15 56 Ko
[FILE] hidingfr.txt 29-12-2006 23:17 54 Ko
[FILE] hookingen.txt 29-12-2006 23:17 48 Ko
[FILE] insideparite.zip 28-06-2008 22:16 2122 Ko
[FILE] live-forensics.ppt 11-07-2008 16:09 5131 Ko
[FILE] mrxsmb-ring0-advisory.pdf 15-09-2007 17:30 419 Ko
[FILE] namedpipepaper.html 12-07-2010 19:45 32 Ko
[FILE] ntstatus.txt 01-12-2007 17:10 201 Ko
[FILE] ntundoc.chm 30-12-2006 18:06 223 Ko
[FILE] p59-0x10.txt 04-02-2007 13:12 66 Ko
[FILE] registercontext.htm 24-02-2010 0:31 60 Ko
[FILE] ring3.txt 29-12-2006 23:17 62 Ko
[FILE] rtlzeromemory_vs_memset.txt 29-12-2006 23:21 4 Ko
[FILE] sehop_en.pdf 01-02-2010 13:30 195 Ko
[FILE] traditional-forensics.ppt 11-07-2008 16:08 6044 Ko
[FILE] win-error.txt 01-12-2007 17:13 252 Ko
[FILE] win_net_srv.pdf 11-07-2008 13:26 1727 Ko 

Before I write my true, final farewell letter (jokes aside), I will
put some links to the exploit I promised to release months ago. I just
didn't have the thrill to finish it and publish it, so I've used the
version I found in some random hard disk, and the original movie.

http://lul-disclosure.net/exploits/openbsdjizz.c
http://lul-disclosure.net/lulz/openbsdjizz-the_movie.html

It's for OpenBSD 4.0 and it indeed gives you a root shell. Don't ask
me for help about reading the source code. Yes, it's the first
animated exploit on Earth as far as I know. Lul-disclosure is not
under my control, even though I'm a dormant member of the staff since
I pretty much enjoy the idea of 'lulzhats' (neither blackhats nor
whitehats, and hats are awkward). Please give props to those guys. Now
let's get to my rather long letter...

It's been a long wait. It's been a long time since I coded my first
exploit back when I was about 10 and clueless about mostly everything
else. It's been roughly 7 years doing this kind of stuff non-stop,
using a handful nicknames and avoiding public recognition under my
signature as much as possible. After all, nicknames are volatile and
using an alias makes sure I don't get too proud of myself. Polishing
my tongue-in-cheek humor and ironic comedy. Learning languages one
after another and feeling like they were all the same, just to end up
using them all at once and grow incurably insane. It's been a great
time of using my slightly obnoxious bipolar disorder for something
productive and have a fucking blast with it. It's been a great amount
of really high highs and really low lows, not hitting the pipes but
almost there.

At some point I realized It was time to change towards another
direction and my lifestyle didn't really fit well with investing long
periods of time in front of a machine. I was talking the other day
with my friend Mr. B, and I tried to explain this weird philosophy of
mine, of how we've been given the opportunity to live for a short
period of time, and how the 6k million people on this planet can't
waste their life pretending to live them like a cheap scripted drama.

I refuse to accept the idea of running my life like if anything I
could do would change anything in this world. Whether we like it or
not, we ain't unique snowflakes. Today there's nothing you can do that
hasn't been done some other way before. Confidence, betrayal, trust,
friendship... history has got enough stories of all of them and just
because you ignore it doesn't mean they won't happen again to you.
When I say scripted life, It's pretty much a short set of steps that
repeat over and over in mostly every human being out there:

1. Your parents have sex. You literally 'happen' (yeah, you've never
been a tick in a calendar, we are mostly accidents and that's it).
2. You get born. Welcome to Planet Dust, have a nice fucking day!
3. You start babbling your first words, start walking and go to kindergarten.
4. You start going to school. Damn, that was fun shit.
5. You start high school. First kiss, maybe first sex experience
nowadays (alright, if you are a nerd or look like one then this won't
happen, sorry, life's hard).
6. You finish high school and enroll in a nice looking college, and
your mom prepares a nice looking cake for you.
7. You finish college and get a stable girlfriend.
8. You get married with this Elisabeth girl who prepares incredible apple pies.
9. You have kids.
10. ????
11. No profit. The story repeats once again.

So basically we have this choice: either live the short period of time
you've been given to do so, in a manner that is unique and absolutely
different from that of most other people, or conform to the norm and
be a potential frustrated individual for the rest of your repetitive
life. Let's imagine for a second that you have terminal cancer and an
expected life span of 3 months. Are you going to spend them getting a
degree? Avoiding drugs? Avoiding conflict and potentially risky
activities? Playing nice and talking politically correct, even though
you feel like crashing your car away? No way in hell, you will try to
have a blast and experiment almost anything out there. You will do
drugs, you will risk your ass to death (after all, it's inevitable,
and that way you have a little control about how it's gonna happen or
where, probably not a hospital room).

Security is becoming pretty much the opposite of that. The true sense
of hacking is dead. Very few people if anyone truly does it for the
shake of doing it. I resigned from my security industry job past year
and made the decision to avoid doing this for a paycheck. And also
enjoyed the freedom of being able to tell people to shut the fuck up
and not worry about my 'professional reputation' being tarnished. I
could care less. So many people in the industry don't say a word just
because they believe their reputation might be tarnished. Others
simply play better in this happy world of 'everyone is neat and fuzzy'
(even though they might despise each other to the bone).

I don't come from a low end family (actually, the opposite, which
represented further trouble with my rather rebellious attitudes), and
I did have a rather expensive education (until I dropped out, after
getting my high school diploma). I had the opportunity to go through
one of those boring IQ tests (WISC-R if anyone cares, score is
irrelevant since everyone knows I'm mentally troubled in several
ways!) and found out that I didn't want to join Mensa's chocolate club
when I was offered to. I freaking hate chocolate. I had access to
expensive equipment (my mother indeed paid for that SPARC64 1U rack
box, thanks mom!) and I was given literature since I was pretty much
around 4-5. I was talking and writing by that age anyway (and yeah, I
was drawing penises like any normal kid out there, though the fact
that I still do it is clearly not 'normal' per se, but my friends
enjoy the barbecues). And I still despise being pushed towards living
through steps I didn't find the least appealing. And no, I don't have
a police record. I'm clean as a pearl and hard as a pillow! Just
kidding, but I'm clean. I swear. Well, maybe a battery but that was
all.

My current age is irrelevant as well, but don't let the juvenile style
fool you. I emancipated at 16 and started working early as well, and
for some time I truly believed in this whole idea of 'having a stable
life'. That was until I tried it. It didn't feel like it was the kind
of thing you want to run for 30 years. 20 years. 10 years. Definitely
not. Nowadays we are obsessed with extending lifespan. We want to live
forever. That's pretty much bullshit.

Like it's said in Moby Dick (man the harpoons!)... life is only
meaningful thanks to contrast. You can't feel warm if you don't feel
cold in some part of your body. In the same fashion as you can't feel
comfort if you don't experience disgusting situations once in a while.
It's not really about "Life Fast, Die Young" (and leave a corpse in
any case, obviously), it's more about being sure you've truly *lived*
when you are about to die. A long lifespan won't help you to find the
necessary contrast between experiencing life and having a meaningless,
futile one. You can't appreciate the time you've been given here
without knowing it's gonna be short and intense.

And you will likely ask yourself if I'm not on crack, meth or some
other hardcore shit while I'm writing this. Not really. I just feel
there's talent out there, and a lot of potential, being wasted working
in office cubicles. Being forced to live the way they are 'supposed'
to, and not how they would really like. Just because someone has been
in jail, doesn't mean that person is a waste. Just because you look
Arab doesn't mean you want to blow up a freaking circus, and just
because you work in the security industry doesn't mean you have to
take all the bullshit moving around it.

I just feel I'm pretty much done wasting my time with several things
and people around information security, and that it's the right time
to let someone else take the role of bringing some humor and joy over
here, like GOBBLES did in the past, among several others (likely
better than me, I'm such a poser!). There will be always people like
Dave, Brad, Mr. R, the turkey, and some others that keep it real and
fun, but there will be always people that have nothing better to do
than cringing, ranting and talking bullshit about someone else or
their work. And there will be me again some day, haha!

Keep hacking alive, life fast, and don't let the bullshit get to you.
And remember.... it's better to burnout than fade away! (no, this
ain't a suicide note, just in case ;P)

Yours truly,
Lance, the guy who writes long letters and prints them on toilet paper.