Tag: 2014

Modern OSes have a feature that mitigates the exploitation of stack based buffer overflows. It basically works by writing a "cookie" value before the return address in the stack in the prologue of a function and checking it before the function returns (for further information, see [1] and [2]). This article talks about how this mitigation has been enforced in Windows 8.

Eloi Vanderbéken recently found a backdoor on some common routers, which is described on his GitHub here. Basically, a process that listens on the 32764 TCP port runs, sometimes accessible from the WAN interface. We scanned the v4 Internet to look for the routers that have this backdoor wild open, and gathered some statistics about them. We will also present a way to permanently remove this backdoor on Linksys WAG200G routers.

Angular is a client side framework aimed at creating rich web applications. It adds logic declaration to the normally static HTML in order to provide a dynamic user experience. Built at Google, it is a perfect tool for building one page applications, and is made to be really accessible for the standard web developper. But some of the magic going on underneath can be tricky, doing things outside the box can be much more difficult. This article has no tutorial or introduction vocation, it just tries to shed some light on some unexpected behaviours of angular.