February 24, 2008

Windows Communication Protocols (MCPP), or: Holy Crap!

I really couldn't stop myself from blogging about this holy crap:

http://msdn2.microsoft.com/en-us/library/cc216513.aspx

Since the release of the communication protocol details by MS, everyone is busy reading his/her favorite long-awaited protocol documentation, and I'm not an exception. Most people thought Microsoft had just released a few file-format and legacy protocol details, but... Here's how some people react when they notice the link :)

"(9:33:58 PM) hdm: there goes my free time.. forever"

And here's a short description for those who haven't understood the link:
Before this BIG release, Microsoft had never released any details or documentation about its proprietary protocols, apart from MSDN's poor or missing details and notes. The RPC family of protocols is a good old and famous example. So everyone who wanted to implement his own stuff working with any of these undocumented protocols had to actively analyze and reverse it by any possible method he was capable of. For complex protocols (like most of those included in this release), reversing means A LOT of time and effort. So having their details now can be considered extremely valuable even for experts. It means faster development and implementation, and, most interestingly, auditing & fuzzing from the security geek's point of view.

You can't imagine how cool it is when you're trying to learn RDP by reading the rdesktop project code line by line every night (sadly looking for never-findable technical details of the protocol) and suddenly you see that all of the virtual channels are documented and ready for download as PDF files! The other interesting item is WMF, which has been a favorite attack vector for a long time, leading to some critical vulnerabilities...

I guess nobody will really thank Microsoft for releasing them, because they should have been released from the very first days of every protocol's birth. I've no idea what Microsoft's plan is behind this release, but there are many guesses out there. Let's wait and hear from professionals of the field. Anything related to the antitrust lawsuits in Europe?
Btw, some of the new protocols introduced with Win Server 2008 / Vista are also released among the others.

Happy reading protocol details!

February 17, 2008

Been so busy ...

Here's another dusty hello to readers.
It's been so long since my last post, but I've not been idle. I'm just posting this to reply "pong" to some people who've pinged me these days.
So, how have I passed these long, hard weeks? Here's a very brief report:
Doing deep, dedicated research on Citrix and the underlying systems for almost 2 months, leading to the discovery of many new tips and tricks on both sides of the blade: hacking & hardening the solution. It also opened some research cases that will keep me playing the game till the end of the year. Doing two hardcore and interesting penetration tests leading to unexpected results (from the customer/vendor points of view) and also discovering some new vulnerabilities (the new WebLogic Workshop 0day case is worth mentioning) during them. Experiencing some new attack vectors on the client side and 802.11 pen-testing. Reading over 2000 pages of books and tens of recent security publications and research papers. Preparing course materials and training students for a ~60hrs ethical hacking class. Sadly watching some good old 0days getting leaked, and happily watching many others replacing them. Some Metasploit beta testing leading to MANY bug reports and feature additions, and the result is the new shiny 3.1 release, thanks to HDM. Some minor work on the BackTrack3 project, testing and soldiering the current release. Experiencing some new work with ZDI & iDefense, some failed and some succeeded. Coding a few tools and scripts for internal use. Being the only beta-tester of some other home-grown tools or code by friends. And finally the worst: dealing with the insurance company and repairmen in order to prepare my car for the upcoming crash!!! The last experience with airbags was so cool that I'm going to test them again :-p
Most of the items I've mentioned deserve a full blog post, but honestly I don't feel fresh enough to write about them now. Expect some of them to be discussed in the coming weeks.
I bet I've missed at least 30% of the items in the above list, but these are enough to show how it's going on. Things are getting better and I'm hopefully not working ~15-18hrs per day like in past months. But another storm is on the way, and I've to charge my batteries for upcoming projects which will begin in a few days and will continue till the last day of the damn year 1386.
Let me thank all of those who've generously helped me pass these hard days, directly or indirectly. Ebrahim.S, Sanam.M and others who've shown what true friendship looks like.