onHacks » Random Chatter

Recent Updates From Log0

log0 — Mon, 18 Jan 2010 15:08:29 +0000

Hi guys this is Log0, not that I’m dead, but I’m very well alive.

For the whole December and some January, I’ve been working for OWASP China on some projects – thus taking my full attention. And I have been busy on picking up some bits of life and my side project – yes! Working on it! It’s coming in this January!

The 2009 is a fantastic year! I am aiming well for 2010 and will aim to advance fully into my interests. More to that next time… meanwhile, stay tooned. =)

An interesting DoS attack story

.hac — Sun, 29 Nov 2009 03:11:22 +0000

Last night, I was waken by a call that a server was not working. This server is hosting an online judging system (similar to uva.onlinejudge.org, which has algorithmic problems that users can solve). I took a quick look at the compilation process and web pages, everything looked good except it always return “Compilation Error” no matter what was the content in source code (even a HelloWorld!). By manually compiled the source code, the compilation error message gave more detail information about the root cause…Not enough space to link the object files! When I did a “df”, it said that the data partition was used 100%!!

After a deeper investigation, I discovered that one of the user was preparing questions on the machine, and generated a 12GB test data unexpectedly. Since this is a very old machine, it only has a 14GB hard disk for data storage and it already had 2GB data on it. This is kind of DoS attack since no one can submit sources to the judging system even though they can navigate to it.

Lesson learned: We should have restriction on storage usage of each user instead of unlimited.

Any other suggestion to prevent this happen again?

我将会在 ISF2009 作个演讲

log0 — Sat, 31 Oct 2009 15:54:41 +0000

对，我突然决定做讲者而非暖席者。

题目是 “A DIY Botnet Tracking System”. 我将会分享一下自己建的殭尸网络监控系统。我将会分享一下自己对于殭尸网络监控系统的心德，有机会会碰上的问题。

如果你打算出席 ISF 2009，一定要来聊聊及饮兩杯！

OWASP(China)2009 & ISF2009年会

log0 — Wed, 28 Oct 2009 12:12:57 +0000

OWASP简介：

OWASP是一个开源的、非盈利的全球性安全组织，致力于应用软件的安全研究。我们的使命是使应用软件更加安全，使企业和组织能够对应用安全风险作出更清晰的决策。目前OWASP全球拥有130个分会近万名会员，共同推动了安全标准、安全测试工具、安全指导手册等应用安全技术的发展。　　近几年，OWASP峰会以及各国OWASP年会均取得了巨大的成功，推动了数以百万的IT从业人员对应用安全的关注以及理解，并为各类企业的应用安全提供了明确的指引。作为OWASP中国的第一届年会，OWASP安全专家将为大家带来精彩的演讲

CISRG简介：

CISRG是一个活跃的技术研究团队，团队成员都拥有自己特定的技术研究方向，目前的研究方向主要有：操作系统内核、逆向工程、漏洞挖掘、WEB漏洞挖掘及漏洞利用、渗透测试、信息搜集与社会工程。

议题征集范围（不限于以下范围）

应用程序威胁建模及其防御技术
WEB2.0方向的安全技术
WEB应用程序漏洞挖掘及分析
数据及数据库安全
浏览器安全（Firefox、IE、Safari、Chrome等）
操作系统研究（Vista、Windows7）
逆向工程
反恶意代码前瞻性技术
漏洞挖掘技术
智能移动设备安全研究
硬件设备安全性研究
取证分析
入侵检测
点对点网络
渗透测试

参会者票价

10月31日前报名：￥300
10月31日后报名：￥500

付款方式

户名：杭州安恒信息技术有限公司
账号：77818100000385
开户行：杭州银行科技支行
交款事项：写明姓名，注明年会

会议时间安排

2009年11月12日
2009年11月13日
全天两日

会议地点

中国上海
详细地址：待定

联系我们

联系人：刘彦俊（小姐）
联系电话：+86 137 1380 7300
电子邮箱：rip@owasp.org

===

I should be there. Are you coming? =)

安全教学 SecurityTube

log0 — Sat, 05 Sep 2009 13:23:00 +0000

SecurityTube – 有关安全的影视教学, 有兴趣者去忙一下!

I am still working on Botnets!

log0 — Tue, 11 Aug 2009 16:15:02 +0000

Log0 here, lately my main posts are a bit sparse. That is because I am busy in my nightly studies and also my day job work. Yes, I am a day job software developer developing enterprise security software, and at night I am a security enthusiast on botnet tracking, honeypots, and other stuffs. So with regard to “Who is Hacking Me?“, I am progressing with infiltration into certain botnets, and built a tool to extract botnet info automatically (woo, just finished just now). I hope to port it to windows, of course. If you got suggestions, please send me an email, love to chat. I’ve added my email to the “Who are We?” page.

Yea, hac.ka is also very busy. So spam him! =)

I will release and talk more in details in the coming few posts, also going into more technical too. I will clean up and document any useful tools I’ve built/used.

是时候分享了

log0 — Sun, 21 Dec 2008 08:35:10 +0000

第一页。OnHacks 小队。我们是一班专门研究及创新于电脑安全，范围包括网页应用程式安全、网络、操作系统、加密、恶意代码、等等、等等及等等。小队成员都觉得知识是应该分享给有兴趣的人、正如歴代分享给我们的伟大黑客。名字多的很，不能尽列，故在此衷心感谢他们，并希望我们也能为像他们一样分享并令读者得益！

我们将会以英文为主，但亦会写上广东话以及中文，希望远至中国的朋友也能一起参与分享。