Summerschool Aachen 2005/Challenges
Latest revision as of 17:36, 24 November 2010
Open Challenges
- format string bug and race condition challenges (more challenges on the way): http://ilja.netric.org/chall/
- extend p0f to fingerprint ScaPy (default) packets
- find a way to fingerprint
- Build an HTTP-Infrastructure Fingerprinting Tool
- Scan our strange network, fingerprint the stuff in there, modify existing fingerprinting tools to do so
- Find out how httprint works
- Build a minimal DHCP Server on ScaPy
- Build a fingerprinting tool for
  - dhcp
  - rsync
  - ssh
- Look into timing/fingerprinting SSH
  - (avoidance)
- Write a chapter for /TheBook
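A starting point for the "extend p0f to fingerprint ScaPy (default) packets" challenge, added here as an example; it is neither p0f's nor Scapy's code and was not on the original page. It builds SYN packets as raw bytes so it runs without Scapy or a network, extracts a p0f v2-style signature (window:ttl:DF:length:option layout:quirks) and matches it against a hypothetical signature table. The Scapy default field values it assumes (ttl=64, id=1, DF clear, sport=20, dport=80, seq=0, flags=S, window=8192, no TCP options) and the quirk letters are assumptions to be checked against the Scapy and p0f versions actually in use.

```python
"""p0f v2-style SYN signature extraction (added example, not p0f or Scapy code)."""
import socket
import struct


def build_syn(src="10.0.0.1", dst="10.0.0.2", ttl=64, ip_id=1, df=False,
              sport=20, dport=80, seq=0, window=8192, options=b""):
    """Return IPv4 + TCP SYN header bytes. Checksums are left zero: the
    fingerprint below never reads them. Defaults mimic what Scapy's
    IP()/TCP() is assumed to emit (assumption, see lead-in)."""
    opts = options + b"\x00" * (-len(options) % 4)   # pad options to 32-bit words
    tcp_len = 20 + len(opts)
    flags_frag = 0x4000 if df else 0                  # DF is bit 0x4000 of flags/frag
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + tcp_len, ip_id,
                         flags_frag, ttl, 6, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    tcp_hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, 0,
                          (tcp_len // 4) << 4, 0x02, window, 0, 0)  # 0x02 = SYN
    return ip_hdr + tcp_hdr + opts


def tcp_option_layout(raw):
    """Render TCP options in p0f v2-like layout notation:
    M<mss>, W<shift>, S (SACK permitted), T (timestamp), N (NOP), E (EOL)."""
    out, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:
            out.append("E")
            break
        if kind == 1:
            out.append("N")
            i += 1
            continue
        if i + 1 >= len(raw) or raw[i + 1] < 2:
            out.append("!")                           # truncated or malformed option
            break
        length = raw[i + 1]
        body = raw[i + 2:i + length]
        if kind == 2 and len(body) == 2:
            out.append("M%d" % struct.unpack("!H", body)[0])
        elif kind == 3 and len(body) == 1:
            out.append("W%d" % body[0])
        elif kind == 4:
            out.append("S")
        elif kind == 8:
            out.append("T")
        else:
            out.append("?%d" % kind)
        i += length
    return ",".join(out) or "."


def syn_signature(pkt):
    """Return 'window:ttl:df:total_len:options:quirks' for an IPv4 TCP SYN,
    or None for anything that is not a plain SYN."""
    ihl = (pkt[0] & 0x0F) * 4
    total_len, ip_id, flags_frag, ttl = struct.unpack("!HHHB", pkt[2:9])
    _sp, _dp, _seq, ack, dataofs, flags, window = struct.unpack(
        "!HHIIBBH", pkt[ihl:ihl + 16])
    if (flags & 0x12) != 0x02:                        # SYN set, ACK clear
        return None
    tcp_len = (dataofs >> 4) * 4
    layout = tcp_option_layout(pkt[ihl + 20:ihl + tcp_len])
    quirks = []                                       # letters chosen after p0f v2 (assumed)
    if ip_id == 0:
        quirks.append("Z")                            # zero IP ID
    if ack:
        quirks.append("A")                            # non-zero ACK in a SYN
    if flags & ~0x02:
        quirks.append("F")                            # extra flags beside SYN
    if len(pkt) > ihl + tcp_len:
        quirks.append("D")                            # payload on a SYN
    return "%d:%d:%d:%d:%s:%s" % (window, ttl, 1 if flags_frag & 0x4000 else 0,
                                  total_len, layout, ",".join(quirks) or ".")


# Hypothetical signature table; the Scapy line follows from the assumed defaults above.
SIGNATURES = {
    "8192:64:0:40:.:.": "Scapy default IP()/TCP() (assumed defaults)",
    "5840:64:1:60:M1460,S,T,N,W7:.": "Linux 2.6-style SYN (constructed sample)",
}


def fingerprint(pkt, db=SIGNATURES):
    sig = syn_signature(pkt)
    return db.get(sig, "UNKNOWN [%s]" % sig)


# Constructed option block for the Linux-style sample: MSS 1460, SACKOK, TS, NOP, WS 7.
LINUX_OPTS = (b"\x02\x04\x05\xb4" + b"\x04\x02" + b"\x08\x0a" + b"\x00" * 8
              + b"\x01" + b"\x03\x03\x07")

if __name__ == "__main__":
    print(fingerprint(build_syn()))
    print(fingerprint(build_syn(df=True, sport=40000, window=5840, options=LINUX_OPTS)))
    print(fingerprint(build_syn(ttl=128, df=True, window=65535)))
```

The point of the challenge is the first signature: a packet with no TCP options, no DF bit, IP ID 1 and an FTP-data source port on a SYN looks like nothing a real stack sends, so a single p0f entry catches every unmodified Scapy scan. To check the assumed defaults, feed `bytes(IP()/TCP())` from a real Scapy into `syn_signature` and compare.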
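For the "Build a minimal DHCP Server on ScaPy" challenge, an added example of the server logic itself (DISCOVER to OFFER, REQUEST to ACK or NAK, RFC 2131/2132), not Scapy code and not anything from the original page. The BOOTP header and option TLVs are encoded by hand so the exchange runs offline; on a live network the returned bytes would be wrapped as Ether()/IP(src=server_ip)/UDP(sport=67, dport=68)/Raw(reply) and sent with Scapy's sendp(). The server address, pool, netmask and lease time are made-up values, and the client MAC addresses in the usage section are constructed.

```python
"""Minimal DHCP server logic (added example; pure-Python BOOTP/DHCP encoding)."""
import ipaddress
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"                   # DHCP magic cookie after the BOOTP header
DISCOVER, OFFER, REQUEST, ACK, NAK = 1, 2, 3, 5, 6
aton, ntoa = socket.inet_aton, socket.inet_ntoa


def parse_dhcp(data):
    """Decode the fixed BOOTP header and the DHCP option TLVs into a dict."""
    op, _ht, hlen, _hops, xid, _secs, flags, ciaddr, yiaddr, _si, _gi = \
        struct.unpack("!BBBBIHH4s4s4s4s", data[:28])
    if data[236:240] != MAGIC:                # 28 + chaddr 16 + sname 64 + file 128
        raise ValueError("no DHCP magic cookie")
    opts, i = {}, 240
    while i < len(data):
        code = data[i]
        if code == 255:                       # END
            break
        if code == 0:                         # PAD
            i += 1
            continue
        if i + 1 >= len(data):
            raise ValueError("truncated option")
        ln = data[i + 1]
        opts[code] = data[i + 2:i + 2 + ln]
        i += 2 + ln
    return {"op": op, "xid": xid, "flags": flags, "chaddr": data[28:28 + hlen],
            "ciaddr": ntoa(ciaddr), "yiaddr": ntoa(yiaddr), "options": opts}


def build_dhcp(op, xid, chaddr, msg_type, yiaddr="0.0.0.0", siaddr="0.0.0.0",
               options=(), flags=0):
    """Encode a BOOTP/DHCP message; options is a sequence of (code, bytes)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s", op, 1, len(chaddr), 0, xid, 0, flags,
                      b"\0" * 4, aton(yiaddr), aton(siaddr), b"\0" * 4)
    body = chaddr.ljust(16, b"\0") + b"\0" * 64 + b"\0" * 128 + MAGIC
    tlv = bytes([53, 1, msg_type])            # option 53: DHCP message type
    for code, val in options:
        tlv += bytes([code, len(val)]) + val
    return hdr + body + tlv + b"\xff"


class MiniDhcpServer:
    def __init__(self, server_ip="192.168.50.1",
                 pool=("192.168.50.100", "192.168.50.110"),
                 netmask="255.255.255.0", lease_secs=3600):
        self.server_ip, self.netmask, self.lease_secs = server_ip, netmask, lease_secs
        lo, hi = (int(ipaddress.IPv4Address(p)) for p in pool)
        self.free = [str(ipaddress.IPv4Address(n)) for n in range(lo, hi + 1)]
        self.leases = {}                      # chaddr -> leased ip

    def _reply(self, msg, kind, ip):
        opts = [(54, aton(self.server_ip))]   # server identifier, present in OFFER/ACK/NAK
        if kind != NAK:
            opts += [(51, struct.pack("!I", self.lease_secs)),   # lease time
                     (1, aton(self.netmask)),                    # subnet mask
                     (3, aton(self.server_ip))]                  # router
        return build_dhcp(2, msg["xid"], msg["chaddr"], kind, yiaddr=ip,
                          siaddr=self.server_ip, options=opts, flags=msg["flags"])

    def handle(self, data):
        """Return reply bytes for one client datagram, or None to stay silent."""
        msg = parse_dhcp(data)
        opts, mac = msg["options"], msg["chaddr"]
        if msg["op"] != 1 or 53 not in opts:
            return None                       # not a DHCP client request
        kind = opts[53][0]
        if kind == DISCOVER:
            ip = self.leases.get(mac)         # re-offer an existing lease to the same MAC
            if ip is None:
                if not self.free:
                    return None               # pool exhausted: say nothing
                ip = self.free.pop(0)
                self.leases[mac] = ip
            return self._reply(msg, OFFER, ip)
        if kind == REQUEST:
            sid = opts.get(54)
            if sid and ntoa(sid) != self.server_ip:
                return None                   # client accepted another server's offer
            wanted = ntoa(opts[50]) if 50 in opts else msg["ciaddr"]
            if self.leases.get(mac) == wanted:
                return self._reply(msg, ACK, wanted)
            return self._reply(msg, NAK, "0.0.0.0")
        return None


if __name__ == "__main__":
    srv, mac = MiniDhcpServer(), bytes.fromhex("001122334455")   # constructed client MAC
    offer = parse_dhcp(srv.handle(build_dhcp(1, 0x1234, mac, DISCOVER)))
    print("OFFER", offer["yiaddr"])
    ack = parse_dhcp(srv.handle(build_dhcp(1, 0x1234, mac, REQUEST,
                                           options=[(50, aton(offer["yiaddr"]))])))
    print("ACK" if ack["options"][53][0] == ACK else "NAK", ack["yiaddr"])
```

Two details matter once this is put on the wire: the reply must carry the client's xid and chaddr or the client discards it, and a REQUEST whose server-identifier option names another server must be ignored rather than NAKed, otherwise a rogue instance of this server on a shared segment will fight the real one.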
Challenges in Progress
- Daniel & Yves - glibc 2.3.5: look at how to exploit heap-based overflows (avoiding the checks)
- Typo & Ilja - 0wn putty
  - Update: We found some exploitable bugs. --Typo 18:10, 20 Sep 2005 (CEST)
- Max feat. Christian: /SSL fingerprinting
- Chris - Fake driver to replace Apple's IOI2CMotionSensor for further reverse engineering of the motion sensor driver
- Lorenzo
  - Pick Ilja's challenges up (didn't look at labsession.pdf yet; it should contain more challenges)
  - Just started a glibc function fuzzer (even if I guess it will take a long time, though :-)
  - "Genetic exploit" [to try] to fight against real address space layout randomization. Is it feasible/worth working on? I don't know yet :-) (I'm just starting to think about it; lots of hypotheses and scenarios. Main issues: fitness function, little knowledge about genetic algorithms :-\)
- Emin
  - A Bluetooth-device scanner based on ScaPy
Finished Challenges
- Max: Exif_Thumb, finish last year's project - done, see http://lufgi4.informatik.rwth-aachen.de/projects/hiddendata/show and http://lufgi4.informatik.rwth-aachen.de/news/show/demonstration-of-jpeg-exif-thumbnail-information-disclosure-available
- Max: RSS fuzzer - done, see http://blogs.23.nu/disLEXia/stories/9928/
- Christian feat. Max - verBOTen (http://lufgi4.informatik.rwth-aachen.de/projects/robots) - a bot that mirrors only the stuff that is protected by robots.txt; see also http://blogs.23.nu/disLEXia/stories/9963/