viernes, 30 de enero de 2009
Back in the time, when I was a still doing linux exploits and thought that real man infoleak/bruteforce themselves to shellcode, that client-side where for pony tails nymphets and denial of service on hoolios where for lonely guys that drinks fruit daikiris, Dave came to me with a new project that he wants me to manage: Visualsploit
At first though "I prefer to write advisory for Antivirus vulnerabilities" rather than working on a Visual Language for exploits, who in the world would ever use that?.
And as it happen with smart people vision, time gave you always the response to that. We hired Damian Gomez full time to work on the project, I helped a little bit with the core but most of them it was just Dami, all the nice icons and the cool features.
Visualsploit was never focus on selling it, as i though, but rather as a swiss knife for Trainnings. The visual language gives -great- advantage of avoiding dealing with programming at all on a class, obviously, we encourage people to modify the scripts and learn the python, but for classes such as Basic Stack Overflow or even Heap overflow, whats the need of forcing someone to learn python? In the end, is as we always said... Exploiting is nothing more than smart debugging.
Today I spent an hour adding two modules that communicate with my exercise server, one for allocating memory and the other one for overwriting information. Because, if you have 4 days to explain how to exploit Windows 2000, XP-2003 and Vista, you certainly don't want to make your students spent time debugging the protocol.
PS: Yes, the icons for Allocate/Overwrite were also made by dami!