Jump to content
Nytro

Phrack #70

By Nytro, in Tutoriale in engleza

Recommended Posts

Nytro Mentor

Nytro

Posted
Posted 
                              ==Phrack Inc.==

                Volume 0x10, Issue 0x46, Phile #0x01 of 0x0f

|=-----------------------------------------------------------------------=|
|=-------------------------=[ Introduction ]=----------------------------=|
|=-----------------------------------------------------------------------=|
|=----------------------=[    Phrack Staff    ]=-------------------------=|
|=-----------------------=[ staff@phrack.org ]=--------------------------=|
|=-----------------------------------------------------------------------=|
|=-----------------------[   October 5, 2021  ]=-------------------------=|
|=-----------------------------------------------------------------------=|


--[ Introduction

Phrack! We're back! It was only five years ago that issue 0x45 was
released. It may sound bad, but it is also, indeed, quite bad. Issue 0x45
was released four years after issue 0x44. And we are now five years after
that. Just trying to set the context here. The world is so different and so
many things have happened in these five years that it makes no sense trying
to make any point. Phrack has always been a reflection of the hacking
community, and guess what, the community is moving away from itself. By
this we don't mean that there are no talented hackers, because there most
definitely are (just take a look at our authors). We also don't mean that
there is no exquisite public hacking, because there is (again, our articles
as proof). However, there is a clear move away from the collective hacking
mindset that was most prevalent in the past. The word "scene" brings only
smirks to people's faces. There are many reasons for this, and we are all
to blame [1].

So where is the community right now, and, most importantly, where is it
going?

We are all ego-driven, more so nowadays we would argue, and this has
definitely made collectives much harder to thrive. We expect direct payback
from our hacking, in many forms, including reputation. While it was quite
common to receive anonymous papers, in the past five years we got almost
none. Where is the new Malloc Maleficarum? Quality isn't the question here,
we have high quality hacking, we covered that. The question is about the
community and how it has changed in the last 10-15 years. And about Phrack.

Phrack started as a community zine of exchanging technical information and
hacking techniques in a time that it was hard to find it. It later changed.
It became a symbol of achievement, eliteness, and honor to be published in
Phrack. A slight but significant change happened afterwards. Phrack
gravitated (willingly or not is the subject of another discussion) towards
an academic medium. Academia noticed the high quality of Phrack papers,
started citing them, and basing their offensive and defensive work on them.
Did that alienate the underground that Phrack represented for so many
years? Yes, we think it did. But the underground also changed. Some of it
became involved in malware, spyware, and also the "infosec" industry. And
this mutated the underground. Of course we don't judge. Shouldn't Phrack be
the reflection of the community, whatever the community is? Or should
Phrack be a beacon of the old school underground? Well, it remains to be
seen. Phrack will always be alive as long as the community is alive,
reflecting it. If the hacking community becomes "infosec" in its majority,
then probably so will Phrack. If the heart of the community is CTF, Phrack 
will reflect that. If the community focuses on malware, so will Phrack. 
Isn't that what Phrack has always done? It always was and always will be 
"by the community, for the community". If the community has decided that 
Phrack has a five year release cycle, then that's where we are.

Unfortunately, this issue is again an issue of eulogies; we have lost
hackers that have had an enormous impact on our community. Phrack would
like to say goodbye to them. Their loss saddens us deeply, and makes our
community poorer in talent, ethics, and intellect. We also mourn lost
communities. Segfault.net has been our home/hosting in the past and is now
gone.

But we also have some good news! You might have come across Phrack
merchandise [2], well, yes, we have resurrected it! The original 2003 art
work has been found on a backup drive. All profits go to the Electronic
Frontier Foundation. The EFF is a rare example of good and simple advise
for the ordinary citizens. Plus a defender of our rights online and of the
freedom of information. A beacon of light to say the least. The EFF used to
run one of the three FTP servers to download Phrack as well. And let's not
forget that the EFF paid for the attorney of Phrack's co-founder Knight
Lightning in the 1990 court case and supported him all the way. They
defended against the US Secret Service, a ruthless adversary with no
respect for the freedom of information or the hacking scene in general.
With EFF's help the case against Knight Lighting collapsed and the US
Secret Service looked like a pissed on poodle.

The merchandise has the Phrack Gnome on the front and the Hacker's
Manifesto on the back. And ships worldwide.

[1] http://www.phrack.org/issues/69/6.html
[2] https://phrack.myspreadshop.co.uk/


$ cat p70/index.txt

--[ Table of contents

  0x01  Introduction ........................................ Phrack Staff

  0x02  Phrack Prophile on xerub ............................ Phrack Staff

  0x03  Attacking JavaScript Engines: A case study of
        JavaScriptCore and CVE-2016-4622 .................... saelo

  0x04  Cyber Grand Shellphish .............................. Team
                                                              Shellphish

  0x05  VM escape - QEMU Case Study ......................... Mehdi Talbi &
                                                              Paul Fariello

  0x06  .NET Instrumentation via MSIL bytecode injection .... Antonio
                                                              's4tan'
                                                              Parata
                                                              
  0x07  Twenty years of Escaping the Java Sandbox ........... Ieu Eauvidoum
                                                              & disk noise

  0x08  Viewer Discretion Advised: (De)coding an iOS
        Kernel Vulnerability ................................ Adam
                                                              Donenfeld

  0x09  Exploiting Logic Bugs in JavaScript JIT Engines ..... saelo

  0x0a  Hypervisor Necromancy; Reanimating Kernel
        Protectors .......................................... Aris Thallas

  0x0b  Tale of two hypervisor bugs - Escaping from
        FreeBSD bhyve ....................................... Reno Robert

  0x0c  The Bear in the Arena ............................... xerub

  0x0d  Exploiting a Format String Bug in Solaris CDE ....... Marco Ivaldi

  0x0e  Segfault.net eulogy ................................. skyper

  0x0f  YouTube Security Scene .............................. LiveOverflow


--[ Greetz

    - dakami:             pure passion for hacking, will be greatly missed
    - navs:               our condolences for this brilliant hacker
    
    - accepted authors:   thanks for your work, you keep Phrack alive
    - rejected authors:   we hope our reviews helped you in some way


    - past Phrack Staff members:      now we know ;)


--[ Phrack policy

phrack:~# head -77 /usr/include/std-disclaimer.h
/*
 *  All information in Phrack Magazine is, to the best of the ability of
 *  the editors and contributors, truthful and accurate.  When possible,
 *  all facts are checked, all code is compiled.  However, we are not
 *  omniscient (hell, we don't even get paid).  It is entirely possible
 *  something contained within this publication is incorrect in some way.
 *  If this is the case, please drop us some email so that we can correct
 *  it in a future issue.
 *
 *
 *  Also, keep in mind that Phrack Magazine accepts no responsibility for
 *  the entirely stupid (or illegal) things people may do with the
 *  information contained herein.  Phrack is a compendium of knowledge,
 *  wisdom, wit, and sass.  We neither advocate, condone nor participate
 *  in any sort of illicit behavior.  But we will sit back and watch.
 *
 *
 *  Lastly, it bears mentioning that the opinions that may be expressed in
 *  the articles of Phrack Magazine are intellectual property of their
 *  authors.
 *  These opinions do not necessarily represent those of the Phrack Staff.
 */


                      ----( Contact )----

       <  Editors           : staff[at]phrack{dot}org   >
       >  Submissions       : staff[at]phrack{dot}org   <


    Submissions may be encrypted with the following PGP key:

    (Hint #1: Always use the PGP key from the latest issue)
    (Hint #2: ANTISPAM in the subject or face the mighty /dev/null demon)

 

Link: http://www.phrack.org/issues/70/1.html#article

 

❤️ 

  • Like 1
  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...