sat0ri

Conquering the currency markets, the ultimate programming challenge

sharpe — Wed, 08 May 2013 16:58:08 +0000

The guys at Pipnotic have taken the challenge to make an MT4 indicator to help the price action trader conquer the currency markets. Specialising in Forex, trading psychology and developing Price Action Pro, the only MT4 indicator the price action trader will ever need, Pipnotic have managed to create a tool that appears to have [...]

The post Conquering the currency markets, the ultimate programming challenge appeared first on sat0ri.

UTMessan talk on Social Engineering

sharpe — Wed, 04 Apr 2012 11:45:25 +0000

Conversational Hypnosis is a very fascinating topic, one which has interested me for many years. I have always been interested in knowing how the human mind works, and what it is that motivates us to do act in a certain way. This topic is one I have studied intensely for several years, and one that [...]

The post UTMessan talk on Social Engineering appeared first on sat0ri.

Fixing iOS Security with TrustR

nicko — Tue, 06 Mar 2012 12:10:14 +0000

So recently, after almost a year in development, I finally published my iOS security app called TrustR. Frankly I’m quite surprised that no other security teams beat me to the release of this new type of security app – since it secures the iOS platform in such an obvious and necessary way. For years [...]

The post Fixing iOS Security with TrustR appeared first on sat0ri.

sat0ri RCE challenge/crackme – one/two

sharpe — Sun, 08 Jan 2012 14:55:40 +0000

I just added challenges one & two, as I’ve had a few requests for these. Additionally, I have included the solutions for them as a separate download just to help you out, should this be necessary. The two challenges can be downloaded here: MD5 (one-and-two.zip) = 5f916c6459ffe8c4ca318c76bd368665 The solutions can be downloaded here: MD5 (solutions-one-and-two.zip) [...]

The post sat0ri RCE challenge/crackme – one/two appeared first on sat0ri.

sat0ri RCE challenge/crackme – eleven

sharpe — Wed, 31 Aug 2011 23:34:53 +0000

Welcome back and thanks for considering challenge number 11. Inspired by my last challenge, I made this one simpler yet more difficult. More of an effort has gone into the encryption, which now uses 4 rotating DWORD keys instead of 1 static DWORD key. It should be more of a challenge. I removed all garbage [...]

The post sat0ri RCE challenge/crackme – eleven appeared first on sat0ri.

European Nopsled Team win DEFCON 19 CTF

sharpe — Wed, 17 Aug 2011 14:24:15 +0000

The annual DEFCON Capture The Flag (CTF) competition is over and the winning team has been crowned, Men of 0×90, The European Nopsled Team. Team members Rasmus Petersen (RP) (right). Photograph by Sarid Harper, CSIS What was the best part about winning the DEFCON CTF? RP: Doing something you love with the awesome guys from [...]

The post European Nopsled Team win DEFCON 19 CTF appeared first on sat0ri.

sat0ri RCE challenge/crackme – ten

sharpe — Tue, 09 Aug 2011 20:45:14 +0000

OK, here we are again with a new series of challenges, which will start with number 10. This one isn’t that difficult but it requires that you consider new options. I left half of this challenge easy to help you along, so you can solve this one two ways, the tough way and the easier [...]

The post sat0ri RCE challenge/crackme – ten appeared first on sat0ri.

File Expert “path” Directory Traversal Vulnerability

sharpe — Sat, 16 Jul 2011 09:50:47 +0000

Summary Sarid Harper has discovered a vulnerability in File Expert for Android, which can be exploited by malicious users to gain knowledge of sensitive information. Input passed to the “path” parameter in “/webapps/file/listing” is not properly sanitised before being used to display files and directories. This can be exploited to list arbitrary directories and files [...]

The post File Expert “path” Directory Traversal Vulnerability appeared first on sat0ri.

File Expert File Deletion Vulnerability

sharpe — Sat, 16 Jul 2011 09:21:40 +0000

Summary Sarid Harper has discovered a vulnerability in File Expert for Android, which can be exploited by malicious users to delete files residing outside the FTP root. The vulnerability is caused by an error in the way FTP “DELE” requests are handled. This can be exploited to escape the FTP root and delete arbitrary files [...]

The post File Expert File Deletion Vulnerability appeared first on sat0ri.

Outlook Email File Attachment Denial of Service Vulnerability

sharpe — Fri, 26 Nov 2010 11:56:35 +0000

Summary Sarid Harper has discovered a vulnerability in Outlook, which can be exploited by malicious, anonymous individuals to cause a DoS (Denial of Service). The vulnerability is caused as a result of the improper handling of email file attachments with no extension. This can be exploited to cause a DoS by tricking a user into [...]

The post Outlook Email File Attachment Denial of Service Vulnerability appeared first on sat0ri.