Author Archives: FlUxIuS

The magic of LD_PRELOAD for Userland Rootkits

    How much can you trust binaries you are running, even if you had analyzed them before compilation? With less privileges than kernel rootkits (explained in “Ring 0f Fire”), userland rootkits still represent a big threat for users. To see … Continue reading

Posted on October 31, 2011 by FlUxIuS
Category: elf, Reversing, Rootkit | Tagged , , , | 8 Comments

The Art Of ELF: Analysis and Exploitations

    New systems make attackers life hard and common exploitation techniques get harder to reproduce. The purpose of this article is to be very general on mitigation techniques and to cover attacks on x32 as a reference to x64 architectures … Continue reading

Posted on October 20, 2011 by FlUxIuS
Category: Uncategorized | 6 Comments

RSSIL [captcha]: Des chiffres et des lettres

About RSSIL Two weeks ago, the team HzV was in Maubeuge (France) to attend to the RSSIL[0]. This event was really nice. Moreover, we have seen some interesting talks, workshops and a great Capture The Flag. Among workshops, you could … Continue reading

Posted on June 14, 2011 by FlUxIuS
Category: General, Image Processing | Tagged , , | 2 Comments

Ring 0f Fire : Rootkits and DKOM

Many books and papers cover the subject of Rootkits. I wrote this article to describe my first steps. Here, you will learn what a rootkit is and how does it work. Also you will find an attack using DKOM. For … Continue reading

Posted on January 2, 2011 by FlUxIuS
Category: Rootkit | Tagged , , , , , | 6 Comments

And It Begins, begins Ooh ooh ooh!

Actually, this my first blog dedicated to security. People that know me and maybe you, have heard of some of my projects like : Slashon, Invihertz, and so on. I’ve done also few conferences about Software-Defined Radio and security articles … Continue reading

Posted on January 1, 2011 by FlUxIuS
Category: General | Leave a comment