Back from the grave: VMWare Host Clipboard Grabber

Another post from the past ( 2007, wow time passes so fast :S ), a proof of concept I made to demonstrate how to grab clipboard data of a host machine from within a VMWare guest machine exploiting a backdoored hardware port the vmware team used to ... well, I have no clue…

Back from the grave: ELF32 Universal Command Injector

Just a post about a small software I wrote years ago, I don't want it to be lost. The concept itself was quite simple, you give to it any ELF executable as input and the software will search for space to inject a shellcode of its own, which will execute…

How TELCOs are bullying researchers, an italian story.

Those of you following my blog from the beginning, know that I was actively involved in the router hacking scene, mostly during the period in which I wrote the very first implementations of both Telecom Alice ( and this ) and Fastweb routers WPA key calculators and unlockers after the great reversing…

Why reinventing the wheel isn't always wrong

Recently I was talking with one of my colleagues about computer science and the skills of those who have just taken their degree in Italy. We both agreed that the kind of knowledge you get attending the college is indeed more theoretical than practical ( and trust me, "informatic engineering" courses…

About (re)distributing open source apps ( dSploit )

It's a while I see compiled dSploit versions pop up on Google Play Store, most of the times the actual changes are just a matter of icons, other times are merely compiled versions of one of the nightly releases. Altough I can not ( and really don't want to ) avoid this…

Programmatically identifying and isolating functions inside executables like IDA does.

Even though it's one of the tools I use on a daily basis, Hex-Rays IDA always fascinates me for its completeness and the huge amount of informations it is able to extract using just a "simple" static analysis approach and being myself a "make yourself the tools you need" guy…