Aug 20, 2016
If you think about it, a remotely exploitable heap corruption vulnerability might just make for the best horror story that you could tell around a campfire. With this in mind, let's talk about QubesOS and Subgraph.
Apr 3, 2016
A botnet is a collection of Internet-connected computers whose components communicate and coordinate their actions, either through command and control infrastructure or by passing messages directly to one another. Given that the sample in question contains a well-formed description of itself, we can directly infer the following information:
- The sample in question is an agent used by hosts participating in a peer-to-peer (P2P) botnet;
- The intended purpose of the botnet is to perform distributed denial of service (DDoS) attacks against a randomly selected network;
- Peers within the botnet communicate over a UDP-based P2P protocol; and
- The linking process used by peers within the botnet relies on an iterative technique which can be used to bypass broadcast domain segmentation. In the author's own words:
Mar 13, 2016
RSA-BDH is an asymmetric backdoor for RSA key generation based on the Diffie-Hellman assumption, suitable for compromising short RSA keys in black-box environments.
Mar 13, 2016
There are two classes of zero-knowledge proofs in the world, and Donald Trump's campaign speeches are an example of one of them.
There are two classes of zero-knowledge proofs (ZKPs) in the world. The first class of ZKP is used by a claimant to attest to the veracity of a given proposition without revealing any information about their solution. The second is used by politicians like Donald Trump to attest to the veracity of a given proposition without revealing whether or not they actually have a solution, or even understand the proposition in the first place.
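The first class of proof described above, worked through as an added example (this is not code from the blog post): the Schnorr identification protocol, in which a prover who knows x with y = G^x mod P convinces a verifier of that fact without revealing x. The block also includes the simulator that produces an accepting transcript from y alone once the challenge is known (which is why the transcript leaks nothing), and the nonce-reuse attack that recovers x when the prover answers two challenges with the same commitment. The group parameters (P = 2039, Q = 1019, G = 4) are a constructed toy group chosen for readability; real deployments use a 2048-bit safe prime or an elliptic curve.

```python
"""Schnorr identification protocol with simulator and nonce-reuse recovery.
Added example for this page; not the author's own code."""
import secrets

# Constructed toy parameters: P = 2Q + 1 is a safe prime and G = 2^2 mod P
# generates the order-Q subgroup. Far too small for real use.
Q = 1019
P = 2 * Q + 1   # 2039
G = 4


def keygen():
    """Prover's secret x and public y = G^x mod P."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def prover_commit(r=None):
    """Round 1: prover picks a fresh random r and sends t = G^r mod P."""
    r = secrets.randbelow(Q) if r is None else r
    return r, pow(G, r, P)


def verifier_challenge():
    """Round 2: verifier sends a random challenge c in [0, Q)."""
    return secrets.randbelow(Q)


def prover_respond(x, r, c):
    """Round 3: s = r + c*x mod Q. The response is uniform in Z_Q because r is."""
    return (r + c * x) % Q


def verify(y, t, c, s):
    """Verifier accepts iff G^s == t * y^c (mod P)."""
    return pow(G, s, P) == (t * pow(y, c, P)) % P


def simulate(y, c, s=None):
    """Zero-knowledge: knowing c in advance, anyone can build an accepting (t, c, s)
    from the public y alone by picking s first and solving for t = G^s * y^(-c).
    Such transcripts are distributed exactly like real ones, so a transcript
    convinces nobody who did not choose c themselves."""
    s = secrets.randbelow(Q) if s is None else s
    t = (pow(G, s, P) * pow(y, Q - c, P)) % P   # y^(Q-c) == y^(-c) since y has order Q
    return t, s


def run_protocol(x, y, r=None, c=None):
    """One honest run; r and c may be fixed for reproducible tests."""
    r, t = prover_commit(r)
    c = verifier_challenge() if c is None else c
    s = prover_respond(x, r, c)
    return t, c, s, verify(y, t, c, s)


def recover_x_from_reused_r(c1, s1, c2, s2):
    """Special soundness, seen from the attacker's side: two accepting transcripts
    that share the same commitment t reveal x = (s1 - s2) / (c1 - c2) mod Q."""
    return ((s1 - s2) * pow((c1 - c2) % Q, -1, Q)) % Q


if __name__ == "__main__":
    x, y = keygen()
    t, c, s, ok = run_protocol(x, y)
    print(f"y={y} t={t} c={c} s={s} accepted={ok}")
    t2, s2 = simulate(y, c)
    print(f"simulated transcript accepted={verify(y, t2, c, s2)}")
```

The simulator is the whole point: a verifier who saw a valid transcript learns nothing they could not have generated themselves, while a verifier who chose c after seeing t knows the prover could not have used the simulator's trick. The last function shows the flip side; reuse r (for example from a broken RNG) and a passive observer solves for x.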
Mar 3, 2016
Based on 51/56 positive scan results, VirusShare_0268d86f4bbdfb7ebcfff7f2c0959453.exe appears to be a variant or mutation of Win32/Winwebsec.
Malware strains in this family tend to masquerade as legitimate software in order to gain the trust of users, and may exploit that trust for financial gain. Once this relationship has been established, malware in this family is able to take advantage of a user's system with or without their consent.
Feb 7, 2016
Do you remember 'Bangarang', that hit song by Skrillex? Yeah, this is nothing like that.
Jul 18, 2015
A weekend experiment with Minecraft, MySQL, and MayaVi gone horribly right.
Jul 4, 2015
Is that a penetration testing tool in your pocket, or are you just happy to see me? This guide will help you set up Arch Linux on your old Android smartphone, along with a handful of your favourite penetration testing tools.
Nov 9, 2014
System calls allow user-space programs to request kernel services such as the scheduler and device drivers. Let's write one together.
Aug 20, 2014
Berkeley/BSD packet filters can be used for stateless, protocol-agnostic network traffic filtering by examining the headers and payload of each packet in a given stream of network traffic.