Archive for the 'Uncategorized' Category

Wednesday, October 22nd, 2008

House Keeping

It’s been a crazy couple weeks! Some quick housekeeping:

ChicagoCon – I’ll be in Chi-Town next week giving one of the Keynotes at ChicagoCon. If you’re going to be in the area, hit me up and we’ll grab a few drinks.

Bluehat – I’m glad to see all the young blood in the scene. It’s going to be scary to see what Kuza55 and Sirdarckcat are up to in 10/15 years (they’re already tearing stuff up as it is…). As for us old guys, we can’t drink like we used to… but we still try :) As usual, the Bluehat parties ROCKED and it was great meeting everyone. We topped off all the Bluehat debauchery with a night at the shooting range, shooting AR-15s and various handguns…

MBA – I actually took a Midterm during the WAF discussion panel at Bluehat (no wonder I was soooo quiet). Once this class is over, I’ll have 3 more classes to go and I’ll have completed my MBA! The coursework isn’t too bad, but the time commitment is pretty high. It definitely cuts into my “pwnage time” and I can’t wait till it’s all over. Don’t ask me why I need another Masters degree and don’t ask me how many times I’ve XSS’d my online class discussion forums. I promise to practice responsible disclosure after my classes are over… but for now, it’s the only thing that keeps class bearable :)

Grey Goose – This was an AWESOME project and I’m glad Jeff Carr asked me to participate. Jeff basically assembled enough Intel brain power to rival an Intel agency of a small country. Jeff put out a couple reports and if you need more info on the project, you can find it here. I studied warfare as an Officer in the Marine Corps (Maneuver and Expeditionary) and I’m interested in anything related to cyber warfare. We’re living in a time when the tactical, operational, and strategic thinking surrounding cyber warfare is being defined.  We can already see striking similarities between cyber capabilities and air power. Just as air power added a new dimension to modern warfare, so do cyber capabilities. Many typically view Computer Network Attack (CNA) and Computer Network Exploitation (CNE) as solitary events, but they can also be used in “combined arms” scenarios (much like targeted air strikes vs close air support).  One day doctrine related to cyber warfare will be required reading for young military officers, just like Sun-tzu, Clausewitz, and Jomini.

Apple Pwnage – Nitesh and I reported a vulnerability to Apple (CVE-ID: CVE-2008-3638). I’ll go over the details on the blog as soon as some loose ends get tied up.

Win7 – I finally took the advice of Rob Hensing and Dave Weston and switched to Win7 as my primary OS…. So far, it absolutely ROCKS.

Great talk by a respected haxor….

Posted by xssniper | Filed in Uncategorized | 1 Comment »


Friday, July 11th, 2008

Married in Maui!

I’ve been in Maui for the last two weeks and it was AWESOME. My girl and I had our wedding ceremony on a beach in Kihei and our reception “upcountry” in Kula. It was great being back on the islands, catching up with friends and family.


For some reason, I feel energized… Maybe it was the Hawaii sun or maybe all those late night hacking sessions were finally catching up… or maybe I’m just getting old :p … but I feel good now!


I was pretty much offline for the entire time, so if you’ve sent me an email within the past week, I’ll eventually catch up on my email and respond; otherwise I’ll SEE YOU IN VEGAS!!!

Posted by xssniper | Filed in Uncategorized | 5 Comments »


Saturday, June 21st, 2008

Clarification for “BK on Safari, hunting Firefox…”

Is Safari 3.12 affected by the vulnerability you mention in “BK on Safari, hunting Firefox…”?

The “carpet bomb” behavior COULD have been used in conjunction with Firefox to steal user files. This specific scenario has been patched.

Can an attacker use other, non-obvious ways to abuse the Safari (3.12)/Firefox interaction to steal files from the local file system?

Yes, I know of three separate methods to accomplish this (Firefox 3 lessens the risk). Vendors have been informed and no details will be provided to the public. Don’t ask for additional details, I won’t give them until all this is straightened out.


Whose fault is this?

That’s the whole point of the post. We have interaction between different software from different vendors. In isolation, the behaviors that are being abused here are not a high risk. It’s only when you combine the behaviors that they constitute a risk. Who should we blame? I don’t know, I don’t think anyone really knows… lots of people have their opinions though. :)




Posted by xssniper | Filed in Uncategorized | 7 Comments »