Shellcode :. IT Solutions & Security Research

SECURITY RESEARCH TEAM

MAIN | CONTACT US | CORPORATE

MAIN

ABOUT

SHELLCODES

PROJECTS

ADVISORIES

DOCUMENTATION

Projects

Here you will be able to find our security related projects, generated from personal initiative and developed within a project along with other members of the team.

There are certain projects that are derived from what we call "Heads-Up". These are documents describing a problem generated by our corporative area and offered to our clients.

Considering the difference between "vulnerabilities" and "weaknessess", we believe it's best to deal with the later, along with the related documentation and proof of concept, in this section; and leave the former to the advisories section.

The individual efforts that do not yet have an assigned project and team are published in the st0ff directory list (where you can also find older tools).

Follow our projects :.

01, 2007 Registration Weakness in Linux Kernel's Binary formats (Poluting sys_execve)

Weakness found in the handling of simply linked lists used to register binary formats handled by Linux kernel, and affects all the kernel families (2.0/2.2/2.4/2.6). That's demostrated using root privileges with a POC project, and you could patch preventive using the patches exposed in that document.

2006-11-20:. The detail document publicated	Document (english)
2006-11-20:. The detailed document published	Document (Spanish)
2006-11-20:. Presentation made in H2HC	Presentation (English)
2007-01-20:. The proof of concept source	Proof of concept

12, 2006 JempiScode (Polymorphic shellcode generator)

The way to make shellcodes anti-IDS, and test your execution. Included Linux and *BSD examples.

2003-02-20:. The detailed spanish text	Readme (Spanish)
2006-12-07:. Last source	Version 0.4r3

04, 2003 komahayown (The great commander)

Shellcode client for the remote execution of commands through an inverse connection by random ports on TCP

2003-04-20:. The detailed spanish text	Readme (Spanish)
2003-04-20:. The Workflow	Workflow
2003-04-20:. Last source	Version 0.2b

GOODFELLAS Security Research Team