«
Expand/Collapse
43 items tagged "analyzer"
Related tags:
spectrum [+],
tool [+],
spectrum analyzer [+],
logic [+],
firewall [+],
cross [+],
buffer overflow vulnerability [+],
wireshark [+],
visual c [+],
visual [+],
manageengine [+],
eventlog [+],
logic analyzer [+],
world writable [+],
vulnerability [+],
linux systems [+],
glyptodon [+],
file [+],
audio [+],
weakness [+],
travis goodspeed [+],
source [+],
network analyzer [+],
network [+],
microcontroller [+],
memory allocator [+],
im me [+],
heap allocations [+],
heap [+],
digital [+],
denial of service [+],
classic [+],
chaos communication congress [+],
channel logic analyzer [+],
channel [+],
Wireless [+],
vulnerabilities [+],
unsniff [+],
ti 84 [+],
test frequency [+],
surface [+],
superprobe [+],
software vulnerabilities [+],
simon inns [+],
signal generator [+],
signal [+],
service vulnerability [+],
security science [+],
sandbox [+],
safer use [+],
ronald de bruijn [+],
rightmark audio analyzer [+],
rightmark [+],
read [+],
radio enthusiasts [+],
radio board [+],
radio [+],
python script [+],
portable spectrum analyzer [+],
pic [+],
pcb artwork [+],
ossman [+],
oscope [+],
oscilloscope [+],
open workbench [+],
open source tool [+],
opamp [+],
nokia 5110 [+],
multitasker [+],
multimeter [+],
miguel a. vallejo [+],
microcontrollers [+],
michael vincent [+],
michael ossmann [+],
michael ossman [+],
macgyverism [+],
logic analyzers [+],
linux network [+],
linux [+],
link transmitter [+],
ism band [+],
ian lesnet [+],
hobby electronics [+],
hackaday [+],
graphic calculator [+],
goodspeed [+],
fred [+],
doo dads [+],
domxss [+],
dominator [+],
couple handfuls [+],
christian weichel [+],
cellphone [+],
catalogue changes [+],
calculator [+],
cahoots [+],
bugtraq [+],
ben ryves [+],
based buffer overflow [+],
audio signal [+],
attack [+],
arduino [+],
analyzer tool [+],
analog signal [+],
amateur radio operators [+],
alton brown [+],
Software [+],
Countermeasures [+],
hacks [+]
-
-
7:01
»
Hack a Day
Sooner or later, you’re going to need a logic analyzer. If you don’t have a Bus Pirate or Logic Sniffer lying around, [Joonas] has a great MacGyverism that turns an oscilloscope into the simplest logic analyzer ever. The basic premise of the build is tying four digital lines to the analog input of an oscope. This [...]
-
-
21:37
»
SecDocs
Authors:
Julien Vanegue Tags:
heap overflow heap Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: The dynamic memory allocator is a fundamental component of modern operating systems, and one of the most important sources of security vulnerabilities. In this presentation, we emphasize on a particular weakness of the heap management that has proven to be the root cause of many escalation of privilege bugs in the windows kernel and other critical remote vulnerabilities in user-land applications. The problem is not specific to any operating system and is present in both user-land and kernel-land allocators. The presentation is divided into three parts. First, we will reveal the exact nature of the weakness and provide a taxonomy of all tested operating systems (both in the Windows and UNIX world, most of them are exposed). We then present a custom static analyzer for this class of defects based on the HAVOC framework, a heap-aware verifier for C programs, developed in the RISE team at Microsoft Research. We have deployed the analyzer on multiple kernel components, some of them reaching one million lines of C code. The analyzer produces a reasonable amount of warnings without any complex configuration. Finally, we generalize our analysis technique by characterizing what happens when the size of heap chunks is in the neighbourhood of zero (e.g. near-zero allocations) and give another example of fixed remote bug. We emphasize that this weakness should not be considered as a new class of vulnerabilities (such as buffer overflow), but rather a new type of code defect in the same style as integer overflows, as many occurrences are legit and do not lead to a bug.
-
21:37
»
SecDocs
Authors:
Julien Vanegue Tags:
heap overflow heap Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: The dynamic memory allocator is a fundamental component of modern operating systems, and one of the most important sources of security vulnerabilities. In this presentation, we emphasize on a particular weakness of the heap management that has proven to be the root cause of many escalation of privilege bugs in the windows kernel and other critical remote vulnerabilities in user-land applications. The problem is not specific to any operating system and is present in both user-land and kernel-land allocators. The presentation is divided into three parts. First, we will reveal the exact nature of the weakness and provide a taxonomy of all tested operating systems (both in the Windows and UNIX world, most of them are exposed). We then present a custom static analyzer for this class of defects based on the HAVOC framework, a heap-aware verifier for C programs, developed in the RISE team at Microsoft Research. We have deployed the analyzer on multiple kernel components, some of them reaching one million lines of C code. The analyzer produces a reasonable amount of warnings without any complex configuration. Finally, we generalize our analysis technique by characterizing what happens when the size of heap chunks is in the neighbourhood of zero (e.g. near-zero allocations) and give another example of fixed remote bug. We emphasize that this weakness should not be considered as a new class of vulnerabilities (such as buffer overflow), but rather a new type of code defect in the same style as integer overflows, as many occurrences are legit and do not lead to a bug.
-
-
11:01
»
Hack a Day
If you’re just getting into hobby electronics chances are there are lots of tools you’d like to get you hands on but can’t yet justify the purchases. Why not build some of the simpler ones? Here’s a great example of a 4-channel logic analyzer that can be your next project and will add to your [...]
-
-
9:01
»
Hack a Day
[Camilo] built a spectrum analyzer to use with his audio system (translate). The hardware is quite simple, using an op-amp, microcontroller and LCD display. He chose an LMV324M low-voltage op-amp which connects to the incoming audio signal and feeds its output to the microcontroller’s ADC. In this case, he chose a Freescale microcontroller from the HCS08 [...]
-
-
4:04
»
Hack a Day
[Fred] dropped a note in our tip line to let us know about arduino forum user [bilbo]‘s latest project: A 3-in-one spectrum analyzer, oscilloscope, volt-meter combo. The build consists of an Arduino, radio board and Nokia 5110 LCD breakout board. The (thin) video after the jump shows the rig in action. Though soldered to a [...]
-
-
11:21
»
Hack a Day
One thing we learned by watching [Alton Brown] on all of those Good Eats episodes is that a multitasker is way better than a unitasker. [Joost] is thinking along the same lines by taking a fantastic tool and adding a useful function to it. His software project turns a USB Saleae Logic Analyzer into a signal [...]
-
-
15:32
»
Packet Storm Security Recent Files
Glyptodon is a little file-system analyzer for Linux systems. It is written in bash and it comes with an installer to make it run everyday automatically. This script writes some general information about file permissions, socket, ownership, etc. It also verifies the file-system for potential risks, such as set-uid files, world writable files, symlinks nouser files, etc.
-
15:32
»
Packet Storm Security Tools
Glyptodon is a little file-system analyzer for Linux systems. It is written in bash and it comes with an installer to make it run everyday automatically. This script writes some general information about file permissions, socket, ownership, etc. It also verifies the file-system for potential risks, such as set-uid files, world writable files, symlinks nouser files, etc.
-
15:32
»
Packet Storm Security Misc. Files
Glyptodon is a little file-system analyzer for Linux systems. It is written in bash and it comes with an installer to make it run everyday automatically. This script writes some general information about file permissions, socket, ownership, etc. It also verifies the file-system for potential risks, such as set-uid files, world writable files, symlinks nouser files, etc.
-
-
7:10
»
Hack a Day
[Debraj] wrote to us describing a project he recently completed – a simple, compact spectrum analyzer using a 16-bit dsPIC microcontroller. The analyzer is fed an analog signal, which is passed through a large resistor followed by an opamp. A DC offset is then applied to the signal, after which it is passed through a [...]
-
-
7:35
»
Hack a Day
This spectrum analyzer project seeks to improve the quality of tools available to amateur radio operators. A lot of thought has gone into the design, and those details are shared in the verbose project log. The case was originally a CATV link transmitter, but most of the controls seen above have been added for this [...]
-
-
9:58
»
Hack a Day
[Simon Inns] just rolled out his latest project, a PIC based spectrum analyzer. He’s using a Fast Fourier Transform routine crafted in C to run as efficiently as possible on the 8-bit chip. The video after the break shows that the results are quite pleasing, with just a bit of noticeable lag between the sound [...]
-
-
6:30
»
Hack a Day
A small, cheap spectrum analyzer with an LCD can be a fun thing to play with. But to be truly usefully you need access to raw data, and lots of it. [Travis Goodspeed] set out to make that possible by pulling data with a GoodFET and a Python script. He started with [Michael Ossmann's] IM-ME [...]
-
-
7:51
»
Hack a Day
[Michael Vincent] turned his TI-84 Plus into a spectrum analyzer. By running some assembly code on the device the link port can be used as an I2C bus (something we’ll have to keep in mind). After being inspired by the cell phone spectrum analyzer he set out to build a module compatible with the calculator [...]
-
-
11:10
»
Hack a Day
[Christian Weichel] has been hard at work developing LogicAnalyzer, an open source tool that may interest you. It is designed with SUMP Logic Analyzers in mind but a main goal is expandability. What this means is that it plays nicely with things like the Open Workbench Logic Sniffer or you can do a bit of [...]
-
-
9:30
»
Hack a Day
The Superprobe is a logic analyzer, multimeter, and much more rolled into a fun to build project. [Ben Ryves] didn’t come up with the original idea, but he definitely took a good thing and made it better. You can use it to test logic, inject logic into a circuit, read capacitors and resistors, test frequency, [...]
-
-
12:30
»
Hack a Day
If you’ve got a graphic LCD lying around you can build this four-channel logic analyzer with a couple handfuls of cheap components. [Ronald de Bruijn's] design uses a PIC18F4580 to sample up to four logic inputs at a maximum resolution of 2 MHz. He’s included the PCB artwork so that you can etch your own [...]
-
-
9:00
»
Hack a Day
[Michael Ossmann] rolled out some firmware that makes his IM-ME into a Spectrum Analyzer. He met up with [Travis Goodspeed], who authored the IM-ME flashing guide, at SchmooCon and spent some time hacking wireless doo-dads in the hotel bar. Once he arrived home the new firmware was just a few coding sessions away from completion. [...]
-
-
15:28
»
Hack a Day
Hackaday alum [Ian Lesnet] has been working in cahoots with a dedicated team of developers to produce the OpenBench Logic Sniffer. This caseless logic analyzer can operate at 100MHz and sample 32 channels at once. Better yet, a digital oscilloscope add-on is in the works. The pre-order comes in at $45, that’s a lot of [...]
-
-
12:41
»
Hack a Day
[Miguel A. Vallejo] wanted a portable spectrum analyzer for the 2.4GHz ISM band. No problem, there’s modules for that are easy to interface with a microcontroller and LCD screen. But carrying around a black project box doesn’t exactly scream ‘cool’ so he fit his spectrum analyzer inside of a cell phone. This made a lot [...]
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution