iOS中 Web 页面与 Native Code 的一种通信方式
通过 HTML5 的 socket API 实现 Native Code 与 Web 页面的通信。
Aggregator
PM welcomes passing of GCSB legislation
11 years 2 months ago
The third reading of the GCSB legislation in Parliament today will allow our security agencies to get on with the important job of protecting national security.
August 2013 Security Bulletin Webcast, Q&A, and Slide Deck
11 years 2 months ago
Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server (MS13-061) and Windows Kernel (MS13-063). There were 3 additional questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.
August 2013 Security Bulletin Webcast, Q&A, and Slide Deck
11 years 2 months ago
Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server (MS13-061) and Windows Kernel (MS13-063). There were 3 additional questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.
Cracking the Perimeter (CTP) + Offensive Security Certified Expert (OSCE)
11 years 2 months ago
g0tmi1k
sse4.2带来的优化
11 years 2 months ago
dieyushi
Linux内核态与用户态通信的常用方法
11 years 2 months ago
dieyushi
最近的一些事情
11 years 2 months ago
dieyushi
QQ2013协议分析(八) 逆推QQ安全传输原理
11 years 3 months ago
有朋友问是否可以不得到密码解析出聊天记录内容,答案肯定是不可以,不然tx设计如此复杂的登陆协议纯粹没事找事闲的了,因此做了一张图来让大家直观的明白其中的奥妙。
CWangChao
使用MachOView辅助破解AppStore应用
11 years 3 months ago
在破解iOS应用的过程中,需要经常使用 otool 获取程序本身的信息(比如:是否启用了PIE),获取加密信息,
但是CLI的程序在直观性上还是不如GUI的,
下面描述使用MachOView来查看到相关信息。
1、加载可执行文件。
运行 MachOView 后,会提示选择文件,选择将要分析的文件,
会在后台进行分析,等待分析完毕,如下图:
2、文件头信息。
Proteas
逆向iOS SDK -- _UIImageAtPath 的实现(SDK 5.1)
11 years 3 months ago
+[UIImage imageNamd:]的实现分析:如果查找图片,查找哪些图片,查找顺序,缓存等。
注释过的反汇编代码:http://pan.baidu.com/share/link?shareid=3491166579&uk=537224442
伪代码(不精确,仅供参考):
NSString* _UICacheNameForImageAtPath(NSString *imageName, NSBundle *bundle);
NSString* ProductSu
Proteas
博客暂时停更
11 years 3 months ago
dieyushi
Advance Notification Service for July 2013 Security Bulletin Release
11 years 3 months ago
Today we’re providing advance notification for the release of seven bulletins, six Critical and one Important, for July 2013. The Critical bulletins address vulnerabilities in Microsoft Windows, .NET Framework, Silverlight, Internet Explorer and GDI+. Also scheduled for inclusion among these Critical bulletins is an update to address CVE-2013-3660, which is a publicly known issue in the Kernel-Mode Drivers component of Windows.
Advance Notification Service for July 2013 Security Bulletin Release
11 years 3 months ago
Today we’re providing advance notification for the release of seven bulletins, six Critical and one Important, for July 2013. The Critical bulletins address vulnerabilities in Microsoft Windows, .NET Framework, Silverlight, Internet Explorer and GDI+. Also scheduled for inclusion among these Critical bulletins is an update to address CVE-2013-3660, which is a publicly known issue in the Kernel-Mode Drivers component of Windows.
Commissioner of Security Warrants appointed
11 years 3 months ago
The Governor-General has appointed Hon Sir Bruce Robertson as Commissioner of Security Warrants for a three-year term, Prime Minister John Key announced today.
Intelligence and Security Inspector-General appointed
11 years 4 months ago
The Governor-General has appointed Hon Andrew McGechan as Inspector-General of Intelligence and Security, Prime Minister John Key announced today.
插件实现XSS检测
11 years 4 months ago
dieyushi
sqlmap的一些小技巧
11 years 4 months ago
dieyushi
QQ2013协议分析(七) 00CD Send Message
11 years 4 months ago
1.1 00CD Send Message
1.1.1 [2013/6/8 14:45:02:740] 发送
02 32 59 00 CD 25 02 35 37 BB 44 02 00 00 00 01
01 01 00 00 66 3F AF B4 32 1B 21 76 C4 7E B1 63
D7 04 B6 3E FB 7E 07 67 93 D8 9A EC E1 7
CWangChao
QQ2013协议分析(六)0828 Login GetInfo
11 years 4 months ago
1.1 0828 Login GetInfo
1.1.1 [2013/6/8 14:35:13:780] 发送
原文
02 32 59 08 28 72 F1 35 37 BB 44 02 00 00 00 01
01 01 00 00 66 3F 00 30 00 3A 00 38 1F C4 25 63
9C 49 CF F1 EC 47 3F 04 E3 84 42 3D
CWangChao