Research.eeye.com
EEYE: research.eeye.com
Hi,

I am happy to announce the first incarnation of
http://research.eEye.com. On this site you can find everything from our 
previously released advisories to our previously unreleased research
tools. A lot of these tools are seeing daylight for the first time
outside of eEye so we do expect there to be bugs we have not noticed
before. We definitely encourage your feedback. You can provide such
feedback directly to research via skunkworks@eeye.com. 

Besides the new site, which will continue to be updated, we are also
releasing a few new tools today:

eEye Binary Diffing Suite
You can probably guess what this is... It is a new set of free tools we
are releasing that can be used to perform binary differential analysis.
This is obviously very useful in doing patch reverse engineering and
related tasks. There are still some bugs to be worked out so expect some
more updates over time not only in bug fixes but also as we expand its
capabilities as far as function matching etc... We have released this as
open source so feel free to send email feedback or questions, and if you
so choose, improvements.

Duster
Duster is the Dead/Uninitialized Stack Eraser, an injectable DLL that
causes uninitialized stack and heap memory in its host process to be
wiped over with a specific value. It is intended as a crude tool to
assist in the run-time discovery of uninitialized memory usage problems
by increasing the chances that the host process will raise an exception
when a value in uninitialized memory is used. The Duster DLL activates
automatically upon being loaded into a process. Windows NT
4.0/2000/XP/2003 only.

We also have done some updates to some classics including BootRoot with
the release of the SysRQ.iso so you can subvert the Windows kernel as it
loads and spawn a nice SYSTEM command prompt, equally useful for system
administrators who forget their password etc... We also have posted the
presentation for PiXiE which is a proof-of-concept network boot virus,
for those of you moving to thin clients, you might want to double check
the security of said systems.

And there is of course "the blog" with which we finally have joined the
masses of teenagers and security researchers alike who want to tell you
about every waking moment of their lives. Ours should be a repetitive
mix of 0day, Tequila and of course as you would expect, security rap
lyrics.

Lastly while speaking of blogging I am sure there will be some
interesting things to "blog about" at this year's Blackhat in Vegas.

We hope to see all of you out there, and for those that can not make it,
see you next Tuesday!

Signed,
Marc Maiffret
Founder/CTO
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9329
http://eEye.com/Blink - End-Point Vulnerability Prevention 
http://eEye.com/Retina - Network Security Scanner 
http://eEye.com/Iris - Network Traffic Analyzer 
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities 
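
The memory-poisoning idea behind the Duster description above, as an added example that is not eEye's code and not part of the original message: a fresh heap block is wiped with a fill byte, and instead of waiting for a fault the program checks which fields still hold the fill. The fill value `0xCD`, the `session` structure and all function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define POISON 0xCD  /* assumed fill byte; the page does not say which value Duster uses */

/* malloc() wrapper that wipes the fresh block with the poison byte. */
static void *poison_malloc(size_t n) {
    void *p = malloc(n);
    if (p) memset(p, POISON, n);
    return p;
}

/* 1 if every byte of the field is still poison, i.e. nothing ever wrote it. */
static int still_poisoned(const void *field, size_t n) {
    const unsigned char *b = field;
    for (size_t i = 0; i < n; i++)
        if (b[i] != POISON) return 0;
    return 1;
}

struct session {                        /* hypothetical structure */
    const char *name;
    size_t      len;
    void      (*on_close)(struct session *);
};

/* Constructed bug: sets name and len, forgets on_close. */
static struct session *session_new_buggy(const char *name) {
    struct session *s = poison_malloc(sizeof *s);
    if (!s) return NULL;
    s->name = name;
    s->len  = strlen(name);
    return s;
}

/* Bitmask of fields never initialised: 1 = name, 2 = len, 4 = on_close. */
static unsigned audit_session(const struct session *s) {
    unsigned m = 0;
    if (still_poisoned(&s->name, sizeof s->name))         m |= 1u;
    if (still_poisoned(&s->len, sizeof s->len))           m |= 2u;
    if (still_poisoned(&s->on_close, sizeof s->on_close)) m |= 4u;
    return m;
}

int main(void) {
    struct session *s = session_new_buggy("alice");
    if (s) printf("uninitialised field mask: %u\n", audit_session(s));
    free(s);
    return 0;
}
```

A non-zero fill matters here: with zero-filled memory the forgotten `on_close` would read as NULL and pass an ordinary null check, hiding the bug.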
