These #Phrack articles by @saelo are the best primers on attacking #JavaScript engines
A case study of JavaScriptCore and CVE-2016-4622
http://www.phrack.org/issues/70/3.html#article
#Exploiting Logic #Bugs in JavaScript JIT Engines
http://www.phrack.org/issues/70/9.html#article
When did the hacker community decide to stop using the derogatory term "lamer"? 🤔
#hacking #history #2600 #phrack #1337 #31337 #noob #luser #n00b #h4x0r #lamer #HackerCulture #hackers #1337h4x0r #LeetHaxor #d00dz
@JohanVonBored uh, I dunno, these are more about hacking and underground, not the (more recent) infosec industry. Also, very much not politically correct.
However, I’d definitely recommend #phrack (from ‘96 onwards at least) and #GOBBLES advisories.
Bookwise, the cuckoo’s egg, takedown, the watchman, underground are some of my personal favorites that come to mind.
Started my day by reading an old Phrack article about buffer overflows http://phrack.org/issues/49/14.html #phrack #coding #hacking
Since #introduction is so cool I will do mine:
- Causing exceptions for fun and profit
- I have got my first #nmap from #phrack
- over two decades of #admin #cybersecurity #hacking related jobs
- I have done some
- #reverseengineering
- #malwareanalysis
- #incidentresponse
- #threathunting
- Currently in #leadership position, #teaching a team on the offensive part of #cybersecurity and also working as a translator between the #infosec (ISO270XX and ISMS world) and real life problems ("Your threat model is not my threat model." // put some @thegrugq memes in here)
I am using this post just to show you my profile picture since it doesn't fit on some displays:
The Fall of Hacker Groups ( https://nfsec.pl/hack/5747 ) #phrack #hackultura #polishversion #twittermigration
About 20 years ago I released OneStep:Zup (Ziggy's Uncapping Program), my first public hacking project (released under a different nickname which I occasionally used at the time, emc2). It was a tool used to hack cable modems with one button click (i.e., one step), abusing DOCSIS 1.0 to gain unlimited speeds from your unsuspecting ISP.
Once I finished my early POC I joined the #phrack IRC channel and suggested writing a tutorial on the subject of 'Hacking Cable Modems'. I vaguely remember the reply I got from one of the members: "boring. we've been doing this since the 80's".
Needless to say, I was discouraged to hear this, but quickly enough I found a crowd of people with the same interest on other IRC channels, so I proceeded with developing the tool, added scripting capabilities, more modem configurations, etc. etc., all thanks to the community I had just found on IRC. At that time I also joined TCNiSO, a cable modem hacking group, and added their name to my program, not knowing they would be charging our users money for it. Once I found out, I swiftly left the group.
A few months later the FBI arrested some of the group members and the leader was sentenced to three years in jail. IIRC he wrote a book about hacking cable modems, and DOCSIS 1.1 was redesigned to prevent OneStep:Zup (and similar programs) from abusing it. So we found other ways, but that's a different story.
I've learned a few good things about payphones in the US, UK, and Canada, including relearning my old knowledge of red boxes, and the tones that are used to spoof payphones into thinking which coins have been inserted.
US payphones use dual frequency tone signals at 1700 Hz for the first signal, and 2200 Hz for the second. A 66ms pulse indicates a nickel; two 66ms pulses with a pause of 66ms between each is a dime; 5 rapid 33ms pulses with 33ms pauses in between each is a quarter.
Canada only uses the 2200 Hz frequency (AFAIK), with the same timing as US payphones for each coin.
The UK used a 1000 Hz tone, at 200ms for a 10p piece, and 350ms for a 50p piece.
The ones I'm curious about now, and I can't seem to find much info on, are Japanese payphones. They're still quite the enigma to me, and I'm curious to know about how the old phone system in Japan worked, what tones were used to indicate coin insertion on payphones, and if it was possible to phreak their phone system, and if anyone ever did.
Has anyone ever found anything good or juicy about the Japanese phone system?
#phreak #payphones #phreaking #hack #2600 #redbox #hacking #phrack
@BagheeraAltered oh that's quite a list! The BBSes I was on also had #phrack and #2600 and a ridiculous number of phone company manuals ;)
Did you know? #Nmap, an extremely powerful and popular #network #analysis tool/#portscanner, was originally released in a #Phrack magazine/#zine issue in 1997: issue #51.
Be part of the respected history of the non-profit #phrack by submitting work there! Great read.
https://twitter.com/todayininfosec/status/1300864278497558528
Working on something #hack/#exploit/sec extraordinary?
Submit it to Phrack #71! 😀 They're taking submissions *now*.
Don't just become another #infosec cog in a corp wheel.
Phrack #zine, for the ppl.
#Phrack was always one of the best. Read issues & submissions here: https://www.phrack.org/
I'd also suggest looking at more advanced/modern exploit mitigations like forward-edge and backward-edge CFI.
The problem: the #llvm implementation of SafeStack (llvm's version of backward-edge CFI) requires both ASLR and WX to be effective. SafeStack creates a separate stack for unsafe stack variables. The address of the extra stack must be randomized, else attackers can bypass SafeStack by targeting a deterministic address.
Like SafeStack, Cross-DSO CFI (CFI applied to both libraries and applications) also requires both ASLR and WX. Non-Cross-DSO CFI (CFI applied ONLY to applications) does not require ASLR and WX. It stands alone.
Cross-DSO CFI requires ASLR and WX because of the need to store metadata. Like SafeStack, if the attacker knows the address of the CFI metadata, the attacker can bypass CFI.
With FreeBSD's focus on supporting the llvm toolchain (with the hope of switching to it 100%), FreeBSD has a very unique opportunity to innovate with this modern and powerful exploit mitigation.
But don't worry fam, I've been working on that for the past few years in #HardenedBSD. We have Non-Cross-DSO CFI and SafeStack applied to the entirety of the base OS.
The recent #Phrack article on exploiting #bhyve is an amazing read. The article describes how, if HardenedBSD had Cross-DSO CFI, exploitation of bhyve would've been 100% mitigated. No possible way to exploit.
And even without Cross-DSO CFI, the author of the Phrack article had to re-introduce a many-years-old vulnerability in bhyve in order to exploit on HardenedBSD. However, exploitation on FreeBSD was mostly straightforward with a couple of exceptions (like the work I did (and upstreamed) to use MAP_GUARD pages).
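An added C illustration of the SafeStack split described in the post above; it is not code from the post, from HardenedBSD or from LLVM. It assumes clang's `-fsanitize=safe-stack` and its `__has_feature(safe_stack)` macro; built without that flag it simply reports both locals sharing one stack.

```c
#include <stdint.h>
#include <stdio.h>

/* clang defines __has_feature; give gcc a fallback so the file builds anywhere. */
#ifndef __has_feature
#define __has_feature(x) 0
#endif

/* 1 when this file was compiled with clang -fsanitize=safe-stack, else 0. */
int built_with_safestack(void) {
#if __has_feature(safe_stack)
    return 1;
#else
    return 0;
#endif
}

/* Sink that keeps the buffer alive so the compiler cannot drop it. */
static volatile char sink;
__attribute__((noinline)) static void consume(const char *s) { sink = s[0]; }

/* Distance in bytes between the current frame (always on the regular,
 * register-backed "safe" stack) and an address-taken local buffer.
 * SafeStack moves any local whose address escapes (here: passed to
 * snprintf/consume) to a separately mmap'd "unsafe" stack, so under
 * -fsanitize=safe-stack the two addresses lie in different regions. */
uintptr_t safe_unsafe_distance(void) {
    char buf[64];                          /* address escapes -> unsafe stack */
    snprintf(buf, sizeof buf, "constructed sample %d", 42);
    consume(buf);
    uintptr_t frame = (uintptr_t)__builtin_frame_address(0);
    uintptr_t b = (uintptr_t)buf;
    return frame > b ? frame - b : b - frame;
}

/* Heuristic: locals in one frame sit within a page of each other, while a
 * separate unsafe stack is a distinct mapping, normally megabytes away. */
int stacks_are_split(void) {
    return safe_unsafe_distance() > (1u << 20);
}

int main(void) {
    printf("built with SafeStack: %d\n", built_with_safestack());
    printf("safe/unsafe distance: %llu bytes, split=%d\n",
           (unsigned long long)safe_unsafe_distance(), stacks_are_split());
    /* The unsafe stack's base is what ASLR must randomize: leaking &buf
     * reveals where the unsafe stack lives, the bypass the post warns about. */
    return 0;
}
```

Compile once with `gcc` and once with `clang -fsanitize=safe-stack` to see the distance jump from a few dozen bytes to a separate mapping.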
Phrack Magazine: the longest-running #hacker #community e-zine; latest release Oct 5, 2021. First release in about 5 years, and taking submissions for issue 71.
Check out latest release here
(Dated Oct 5, 2021):
#Infosec #Cybersecurity #Phrack #ezine #Zine
http://phrack.org/issues/70/1.html
PHRACK 70 IS OUT!! After 5 years!!! http://phrack.org/issues/70/1.html Legendary hacking e-zine that started in the '80s and the best hacking one still in existence, followed by 2600 #phrack #hackerculture #hacking #hackthesystem