Articles – S3lab

Blockchain. ¿revolutionary technology or hype?

Igor Santos — Fri, 09 Nov 2018 13:45:32 +0000

I am convinced that if you follow the technological world, you will have heard during the last year or maybe before, about that wonderful technology known as blockchain destined according to many to revolutionize the world of cybersecurity and not any technological company or not. But how much is true in this?

The post Blockchain. ¿revolutionary technology or hype? appeared first on S3lab.

Loading binaries in Linux

Oscar Llorente — Sun, 14 Oct 2018 16:36:44 +0000

Executables are a static representation of a program and that at the time they are executed, the kernel uses the information included in those files to create a dynamic representation, better known as the process images. Before being able to execute…

How hacking could change history

Iskander Sanchez-Rola — Thu, 06 Sep 2018 09:57:06 +0000

Although hacking began as simple entertainment for a group of enthusiastic young people, much has changed since then. Today, all countries have, to a greater or lesser extent, a response or attack group of this type. The clearest examples would be the NSA and the CERT / CC (in which I had the luck to be able to work temporarily) of the United States. We are living what will be remembered as the beginning of digital wars, where soldiers use keyboards instead of automatic rifles.

The post How hacking could change history appeared first on S3lab.

Dynamic binary instrumentation

Oscar Llorente — Fri, 06 Jul 2018 12:53:23 +0000

In the previous post we talked about the possibilities to implement programs and carry out all kinds of tasks such as profiling or vulnerability detection. We also introduced Intel Pin, a dynamic binary instrumentation tool (mainly for IA32 and x86_64), which we are going to talk about in this installment. Like a debugger, Pin can launch an application or can be set to a running process, intrument it as necessary, collect the information of interest and separate at any time so that it can continue with its normal execution. To have control over the instrumented process uses calls to ptrace () (in Linux) that we saw in a previous post. The general architecture of Intel Pin is shown in the figure but for more detail I recommend reading the original article.

The post Dynamic binary instrumentation appeared first on S3lab.

VPNs are not online invisibility cloaks

Iskander Sanchez-Rola — Tue, 29 May 2018 09:31:41 +0000

It is possible to access any content through a different network than the one we initially encountered. With a simple example, if we were initially in Spain, we could access a certain web page as if we were really in…

Program instrumentation options

Oscar Llorente — Mon, 14 May 2018 13:00:52 +0000

Many of the methods of software testing and dynamic analysis of programs (not necessarily related to security) require inserting some additional instructions in the text of the program to obtain added information, that is, to instrument the program. For example, one of the options when measuring the performance of an application is to add statements to read the clock at the beginning and end of each function so that you can calculate the time it takes to run each and then optimize the that take longer than necessary.

The post Program instrumentation options appeared first on S3lab.