While I was surfing about Shellcodes in Google, I saw some authors of Shellcodes which shared in Shell-Storm and Exploit-DB , etc., won't include the Disassembly or Assembly codes, After that I curious to see the codes. In this post I will show you how we can get Disassembly codes from Shellcode using GDB, And by the way I used GDB-PEDA.
Sunday, August 2, 2015
Sunday, July 5, 2015
Hello my friends, last night I was working with IDA Pro and I had a problem with applying dif file to my protable executable [PE]file while using this C file from resources.infosecinstitute.com. So I write my own one with python which could be used in Windows/Linux/OSX.
Friday, May 22, 2015
Introducing ZCR ShellcoderHello my friends, ZCR Shellcoder is an open source software which lets you generate your customized shellcode for supported OS. You can find out it at this URL. Keep reading to know more.
Tuesday, May 19, 2015
Hello Guys, After several days I was busy at work, I come back with a new subject which you can see on top of this text. Before I start, I’ve to say my IOS is updated and version is 8.3. Keep reading to know more.
Hello world! [ Including People , Robots, Zombies Dariush & Arash, Alien dudes if they exist, and my friends ], By the way, I decided to write about a Gmail Bug. It’s not a vulnerability of Gmail but it’s some kind of bug let us know if we hack a Gmail, we can login it or not without alert the Gmail owner. I talking about 2-Step verification, Imagine to grab a Gmail password and not be sure to login or not , victim might be use Gmail SMS auth service and when you click login, Google send victim a SMS which include a code to continue login. I got some way to test Gmail account before we login and test it if account have notification or not without any alert SMS. Keep reading to know how to do it.
Monday, May 18, 2015
When security researchers and hackers want to setup a self blog, the biggest stress on their head is what to do to secure their server(s) and site(s). what if someone come and naughty their server(s) ? what if server get DOS/DDOS attack when they don’t have access to fix up their server(s) and they are travelling or go for business or something and they can’t access their server(s) for some reason. After some years that I spent my life on information security I release that nothing can’t be secure 100% , But We shouldn’t give up and let others naughty our server and deface our website or maybe make us a botnet zombie for DOS/DDOS Attack. In past year I decided to do something to remove this stress for myself or make it less and I start to make a mini firewall or something like Robot for secure my server and sure I don’t trust other firewalls. 99% of firewalls bypass easy and it’s really ridicule that firewalls from big companies mostly skip checking the packets on POST requests. So that’s first reason I decided to secure my server by my own scripts, and if you want to know more , keep reading.