code
exploiting the FreeBSD kernel memory allocator
by argp on Jun.12, 2009, under code, exploitation, freebsd, hacks, kernel, research, security
The new Phrack issue is out at last!
My contribution to Phrack issue #66 is an article on exploiting FreeBSD’s kernel memory allocator, or UMA – the universal memory allocator. The initial inspiration to work on this subject came to me from signedness.org challenge #3 by karl, therefore I felt it was the right thing to do to add karl as a co-author.
Issue #66 contains a total of three articles by Greek authors: Exploiting DLmalloc frees in 2009 by huku and Exploiting TCP Persist Timer Infiniteness by ithilgore, in addition to mine. And that’s just amazing!
lastfm.pl
by argp on Dec.31, 2008, under code, hacks
I have updated my last.fm irssi script:

search the perl diaspora
by argp on Jun.03, 2007, under code
Spiros has recently unveiled his latest pet project: a meta search engine for Perl resources. A very helpful and time-saving idea (not to mention the cool logo with the slick font).
irssi last.fm now playing script
by argp on Apr.28, 2007, under code, hacks
I wrote an irssi script that displays the most recent last.fm audioscrobbled track. You can find it here; it is published under a BSD-style license.
The script polls the specified last.fm profile for the most recent audioscrobbled track every $timeout_seconds (default is 120). The track is displayed only in the channels specified in the @channels array or, if @channels is undefined, in the active window. Be careful if you want to change the value of $timeout_seconds; too aggressive polling may get your IP blacklisted.
Put it in ~/.irssi/scripts/lastfm.pl, load it with /script load lastfm.pl and start a new session with /lastfm start your_lastfm_username. /lastfm help outputs usage details.
Suggestions and bug reports are welcome.
netris hack
by argp on Apr.23, 2007, under code, hacks
This patch I coded against netris version 0.52 allows you to send junk rows to your opponent. The default key to do this is h and the default number of rows to send is 1. You can change the former by remapping the keys (with the -k switch) and the latter with the new -j switch (see the output of netris -h for more details). Have fun and don’t be too mean.
pykeynote
by argp on Apr.21, 2007, under code
My latest coding project is pykeynote: a Python extension module for KeyNote. It provides a high-level, object-oriented interface to the KeyNote trust management API. From the KeyNote web page:
Trust management is a unified approach to specifying and interpreting security policies, credentials, and relationships; it allows direct authorization of security-critical actions. KeyNote credentials describe a specific delegation of trust and subsume the role of public key certificates; unlike traditional certificates, which bind keys to names, credentials can bind keys directly to the authorization to perform specific tasks.
For more information on KeyNote see RFC 2704, keynote(1), keynote(3), keynote(4) and keynote(5). Also, a nice introductory article can be found here.
Although I have developed pykeynote on Linux, and minimally tested it on OpenBSD, it will probably work on all Unix-like systems that satisfy the following requirements:
- Python version 2.3 or higher.
- Pyrex version 0.9.4 or higher (optional).
- The KeyNote trust management system (tested with version 2.3).
- The OpenSSL cryptographic toolkit (tested with version 0.9.8d).
For the details you can browse the SVN repository; I have included a comprehensive test suite and a sample application. There is also the epydoc-generated API documentation to help you start coding.
Windows and Windows CE port of the Stanford IBE library
by argp on Feb.14, 2006, under code
I recently ported the Stanford IBE library to Windows and Windows CE. You can get both ports from my software projects page. My Windows port builds natively using the MSVC++ development tools, while the one provided at the Stanford IBE page was cross-compiled for Windows with a Linux port of mingw and only includes the application binaries.
Note: On Windows CE the generation of the Solinas prime in the function IBE_setup (file ibe_lib.c) usually takes a couple of seconds.
Bug hunting exercises
by argp on Sep.19, 2004, under code
Gimpel Software (I have absolutely no affiliation with them) have a nice bug of the month section on their website. Although it mainly serves as a promotion mechanism for their commercial lint utilities, it offers a nice opportunity to test and keep sharp your C (and to a lesser extent C++) bug hunting abilities.
ECC-LIB port for Windows and Windows CE
by argp on Feb.07, 2004, under code
I have ported the elliptic curve cryptography library (ECC-LIB) written by Elisavet Konstantinou, Yannis Stamatiou and Christos Zaroliagis to Windows and Windows CE. The actual package can be found on my software projects page. While you are there also get my port of GMP to Windows and Windows CE, which is required for the compilation and use of ECC-LIB. I have extensively tested both these ports on Windows XP and CE and I am satisfied with their stability. Unfortunately, I only have access to Compaq iPAQ H3630 (ARM) handhelds running the Windows CE (3.00) Pocket PC 2002 operating system. If you have any other handheld configuration running a different version of CE and test these ports, please let me know. At the moment I am working towards a detailed performance analysis of ECC-LIB on WinCE. I think that the comparison with some of my previous results will be very interesting.



