Friday, September 23, 2011


Hi Folks,
today I want to share a very nice plugin made by Tamaroth, called IDA2Latex. As many researchers I do have the problem of converting "IDA codes" (in other words, what IDA disassembles ) into Latex source code to print out a nice paper. I always used screenshots and then applied the resulted PNG (JPEG or PDF) images in the documents, but I hadn't perfect results. Indeed, the  resolution (especially on the printed versions of the papers) was pretty poor and it was pretty hard to read. Today thanks to IDA2LateX everything is better. Following the result:

From IDA by using the plugin you can save a .tex file like this one:

Once compiled it becomes :

Which is great ! Acoording to Tamaroh the plugin is is still a little bit bugged (it's on its first release), but I am confident in seeing it pretty soon in a stable version. Now I am just waiting for something like that applied to Blogs :D .... specially for blogger  .... 

Thursday, September 22, 2011

Bug Hunting

Sometime people (often it happens with good students) asks to me how to find vulnerabilities. This is a great question but unfortunately the answer might take forever. The short answer is to look for bugs. Indeed, a vulnerability is a specific bug. A vulnerability is a particular bug which affects the security of the entire system. So usually I say,  find a bug, then come to me and I will show you how it's possible to transform some kind of bugs in vulnerabilities.

Well, the second question comes automatic, how do I find a bug ? Even this answer could fill up a whole book but usually I say: you might find a bug by doing fuzzing. Today I wanna introduce to you BAD: the Bruteforce Exploit Detector.

BED is a program which is designed to check daemons for potential buffer overflows, format string bugs et. al. BED simply sends the commands to the server and checks whether it is still alive afterwards.
Of course this will not detect all bugs of the specified daemon but it will (at least it should) help you to check your software for common vulnerabilities.
BED is particularly good for remote fuzzing while if you need "something more local", testing local parsing file bug I do always suggest gruba. I know ...  those are pretty old and now there are "universal" fuzzers including PE, MACHO, ELF, HTTP, FTP, UDP, SNMP and so forth and so on... but both BED and gruba are pretty easy to analyze and, eventually, to expand.

Monday, September 19, 2011

IEEE Malware 2011 two research papers accepted !

Hi folks,
I know .... during the past month I didn't update often my blog. I am traveling a lot between conferences and I find very few time for posting in my little piece of Internet. Anyway I am glad to announce that I'll present at IEEE Malware 2011 in Puerto Rico the next October.

As usually, if someone will be attending Malware 2011 or if someone of my readers want to have a beer with me (like happened in California last year) just email-me I'll be glad to have a beer with you guys talking about our favorite security topics. ;) See you in Puerto Rico.

Wednesday, September 14, 2011

Misha Glenny: Hire the hackers!

Hi Folks, today I want to share this amazing TED's talk. Finally information is coming true and people starts to talk bout cyberterrorism. In the USA there are plenty organizations founded for fighting cyberterrorism or, at least, to study it. What about Europe ? Somebody knows any European Organization against cyberterrorism?

Thursday, September 8, 2011

PARADISO conference

After a couple of days in PARADISO (this makes me laugh a lot) I saw a lot of interesting topics a lot of interesting project a lot of innovation on the future of internet. Well at the beginning I was a little bit skeptical about "the future of internet", who's able to predict future ? Well these guys can :D !  The future of internet will go where the EU will put founds. Again, in this money-driven society the european commission will founds only some kind of researches planning the way to our future. Fortunately it seems that security and privacy is a hot topic in the future of Internet, and I am glad to hear that directly from commission' members. 

Internet becomes always more important infrastructure for our daily life, we learn from internet, we play with internet, we meet people over internet, we work on internet, we live with it ... we are a internet societies ...

Lets see what kind of Security projects will be financed ... 

Saturday, September 3, 2011

Brusseles 7-9 September

Just back at home and it's again a moving time. I'll attend PARADISO ( The Future of Internet) conference at European Commission during 7th, 8th and 9th of September. Our research group is going to join EINS one of the initiatives born from the PARADISO group.

What is PARADISO ?

If it is today well acknowledged that the world has profoundly changed during the last decades, it has to be acknowledged too that the world will probably have to profoundly change in the next decades in order to avoid major risks of breakdown. Industrialized, emerging and developing countries will need to agree, sooner or later, on an alternative way forward based on a true sustainable development, more sustainable economic and financial models, more equally shared resources. What is at stake is of course, ultimately, the wellbeing of all citizens of the world, to be measured by new indexes going beyond GDP (Gross Domestic Product). 

The PARADISO initiative, launched during the first half of 2007 (before the present financial and economic crisis) by Sigma Orionis and the Club of Rome has been exploring this paradigm shift concerning global societal developments and the role that Information and Communication Technologies (ICT) could play in this envisioned future (PARADISO is an acronym formed by the two words PARADIgm and SOcietal, and an obvious reference to a better world). The support from the European Commission through its FP7 research funding programme has made it possible to develop substantial activities since 2008. 

These activities mainly consisted during the period 2008-2009 in the organisation of open events (including a high-level conference in Brussels in January 2009) and the release of first reference documents. They had an important impact since they appeared quite visionary and timely when the present worldwide crisis started to expand. During the period 2010-2011, PARADISO activities have been further exploring how might or should our societies evolve in the next decades and how can ICT, and the Future Internet in particular, contribute to making this future better. Outputs will be detailed in successive versions of the “PARADISO reference document”, that will include specification of the envisioned Future Internet, and recommendations concerning research to be developed in the framework of EU-funded programmes. Two open events are organised in Brussels: a “PARADISO scientific workshop” (on November 23, 2010) to discuss the draft version of the PARADISO reference document and collect inputs from any interested stakeholders and the PARADISO conference “Internet and societies – New innovation paths” (on September 7-9, 2011) to promote final results and enhance the media and political impacts of the project. All project activities are open to any organisations interested in project approach and expected outputs. External contributions are welcomed, particularly through the project web site. The PARADISO initiative can count on the involvement of a multidisciplinary high-level expert panel (presented here) composed of around 40 representatives of leading institutions, companies, research institutes, and NGOs from Europe and the rest of the world.