You allowed this remember?: Bypassing Office Macro Warnings by Leveraging Office’s Poor Memory

Hello paranoids. A couple of days ago I came across a peculiar behaviour involving Office macros. You are probably familiar with the "Enable Content" warning that appears whenever you open a document containing a macro. In order to avoid asking the end user for permission every time they open the same document, the warning is disabled (i.e. …


PympMyBinary: Infecting Binaries

Hello paranoids. This post will be short and comes quite late. I would like to introduce you to my latest creation: PympMyBinary (GitHub URL). PympMyBinary is a binary infector whose purpose is to inject shellcode into legitimate binaries. The entry point of the binary is overwritten so that the shellcode is executed first. The execution is then passed …

Client-side anti-bot mechanism #exerciseinfutility

Hello paranoids. Today I bring a laughable case of input verification and anti-bot measures. Let us get straight to the point, shall we? When checking an online contest, I stumbled across this (the form is from a Portuguese website and was in Portuguese as well): BI is an 8-digit string that unequivocally identifies a citizen (citizen ID of …

Technicolor TG784n v3 hidden dangers and privilege escalation (made simple)

If you are reading this post: congratulations! You are reading my first post ever on a blog. I am pretty sure we share (if you like security) some concerns regarding internet-connected devices in your house, especially those you can't understand correctly (in my case smartphones and ISP devices). This post regards the latter since, even …