I’m Alive

After a long break caused to Work, I restarted to work on three basilar projects:

• Elgamal CryptoReversing Paper
• Gpcode Reversing
• SpyOs – Qt Based

See you to the next post.. 🙂

Felicissimus Dies Natalis Solis Invicti

Felicissimus Dies Natalis Solis Invicti!!!!!!

To all new and old followers of my blog!! 🙂

This is For you! 🙂

🙂

Evilcry’s Dark Cave MOVED!!!!!

Hi,

I’ve moved my Website From Altervista To Netsons

The new link is HERE

Regards 🙂

Smeels like the Past

Hi,

It’s Sunday Morning, today allow me to write some non technical stuff, this blog is a container of all my life, 98% tech 2% human.. so I want to flush my empty head this morning, just because flushing in a file taste as more ordered, and order implies clearty..

There are periods in the life that have a well defined smeel, something that is mixed up with many situations, external and internal factors..

Certain months with a precise weather, temperature, wind, sun or rain..but also time situations, works/study that begins or ends, certain people around you..nice or bad mental predispositions and happenings..

All these factors, prints in you a precise life during Smell..

There are in the life, nice parfumes and bad ones..

Today all around me smeels like a black period of my life, full of orrible torturing uncertainty, all smeels like the past sorrow and doom, but it’s only the mind torturing smeel..

Smeel of the past?

Fear that the past could became present, and the future does not exists?

Fear, fear fear, but also hope, a big full of light hope that as an unpleasant partume it will vanish…

or the one that wil vanish will be again my self?

I Hope that this suffucating parfume will be only the Smeel of the Past, and not the crude Reality of the Present..

Lost lost lost.. Burzum’s Draungen picture represents perfectly this parfume..and this uncertain Sunday of another Spring..

See you to the next post.. I promise..a tech one 🙂

Directions

Hi,

In this little post I want to expose, what should be my future works and topics in which I’ll invest my efforst.

Actually I’m developing a Device Driver Fuzzer for Windows 2k, XP, 2k3.

This DeviceDriver Fuzzer that I’ll call Klystron, is similar to Kartoffel Driver Fuzzer, but it has a GUI based on MFC with the possibility to Mantain Trace of the used IOCTLs by hooking DeviceIoControl().

Particular attention will be revolved to IOCTLs with METHOD_NEITHER, this because the major part of device drivers Bugs come from this kind of ControlCodes that does not performs any check on the received buffer. It’s easy to decode what IOCTL use this method, due to the base encoding algorithm we can see that

0x00000003

0x00000007

0x0000000B

0x0000000F

All catched IOCTLs will be saved and next, parsed and loaded into a ListBox that will be the launcher for the Fuzz part.

The fuzz engine will be essentially based over Kartoffel, but I did not exclude that I’ll insert other fuzz options.

With Klystron its all..

In the next month I’ll be also studing, How the Presence of a Rootkits Could Affect Performance Graphics and if good results come out I’ll publish a little paper about that.

Another target will be a study paper + src code of NtSectionDebug() undocumented function

Surely I’ll also write some new Malware Reversing story, actually I’m working on Silent Banker Trojan which is a really intersting subject for a Rce Paper 😉

Frozen (not Dead) projects are:

MultiCryptoProtector

MultiStegoProtector

StegoDetector

I’ve also in plain to Translate my Elgamal Paper, and in the end of year to write A Reverse Engineering Approach to AES.

In this period I’m also a bit bored of people (cause a ligth touch of Socio-Delusion-Depression) and pointless discussions all over the so called New Internet, or better known Web 2.0, so I’ll limit at the maximum my presence on IRC/MSN and Skype.

My sopportation level is over also about Vulgarity and Obscenity that every day I’ve to hear, one of the great things of internet is the Liberty Real, or for less experienced persons, Apparent..

And for liberty I talk about the possibility to choise, the ambient that make you feel more Relaxed and Serene..and the massive vulgarity, arrogance and egoism with heavy touches of egocentrism, make me feel not so Clear not so Serene.

Surely I’m sociopatic, but now STOP, I want to exist on internet but without hearing 24/24 people that thinks to be God and talks as a porky-pig.

Some channels seems to know who you are, only when you have something to give to the others, but in other hands people is truly attentive to disclose you Resources, Sources or Links (links in all acceptions of the term).

Its really frustrating to see that, and to se how people what (implicitly) you to know that you’re not a part of a Group..

So I think the best cure for my 0Tollerance of people is to disappear a bit from all “Chat” Scenes..

See you to the next post..

Evilcry

Updated

Hi,

ProcessMemoryDumper is available for download on my http://evilcry.altervista.org

See you to the next Post

Forum Opened

Hi,

Here rains, so I’m at home, I’ve opened on my WebSite a little forum

http://evilcry.altervista.org/phpbb/

and this afternoon I’ll publish the Process Memory Dumper.

I’m also waiting for Secunia  response about an advisory written by me and Omni.

See you really soon 🙂

Response From Safe-Mail Team

Hi There,

Safe-Mail Team kindly replied to my previous Blog Post, here is the complete Reply

Hi,

I was amazed to read the message from “First 2008 Thoughts from a Paranoid”. What a strange conclusion…

Safe-mail.net is a private company, located in Israel.
There is no connection, there wasn’t and most likely that won’t be any connection between Safe-mail and NSA or any other agency or government (including the Israeli and American).

NSA.SAFE-MAIL.NET is one of the name servers of Safe-mail.net, just like NSB.SAFE-MAIL.NET.
NSA means: first name server (NS = “name server”, A is the first letter…).
This server, just like most of the Safe-mail.net servers, is located in one of the servers farm of “Smile Internet Gold”, which is one of the biggest ISPs in Israel.

ALL of the Safe-mail.net servers are controlled by the Safe-mail.net team only.
We don’t know/have the users passwords and the users data is strongly encrypted.
I hope that this comment helps to clear this issue.

Have a very best year,
Safe-mail.net team.

My appreciations to the Safe-Mail for the Precisations.

Once upon a time..

Hi,

Its some week that I don’t write on the blog, this not due a lack of time but essentially because I’ve heavly worked on Reversing and Researching about some rootkit, and Vulnerabilities of these drivers.. such as Kernel_Stack_Overflows and relative exploitation, may be some day I’ll publish it, but is not sure.

I’ve also finded a particular vulnerability that afflicts a Microsoft Product, I’ll talk with MS “Security Division” about it and next I’ll release the PoC.

These are also days of heavy coding, the old idea of the Folder Protector, became more complex and changed in DataProtector..or CProtector I’ve to choise a name eheh.. 🙂 These are some of the features:

• File/Folder Data Protection
• Random Password Generator
• Password Manager
• Encrypted Instant Messenger

Surely I’ll add some feature and finally I’ll release a Free Basical Edition and another Full ($) Edition..
SunOS ICMP Crasher is also ready for the release, I think I’ll release it this friday/saturday.

See you soon, I Hope.. 🙂

Reversity Speech Done

Hi,

Just finished  Reversity Speech, on EfNet ON Cryptography Applied to Reverse Engineering. (CryptoRev)

Soon Logs and Guide Lines will be published on http://evilcry.altervista.org

See you to the next post.. 🙂

Evilcry