sid77
30 August 2009 @ 10:44 am
Hi all,
I've updated my GnuPG key because the previous one was getting too old.

New key:
pub 1024D/0B60BC5F 2009-08-29 Marco Bonetti (sid77) <marco.bonetti@slackware.it>
Primary key fingerprint: E357 A480 17E2 482D E599 703A 4D8B C9F6 0B60 BC5F

Revoked key:
pub 1024D/86A91047 2005-04-02 Marco Bonetti <marco.bonetti@slackware.it>
Primary key fingerprint: 90D9 1E9C 2840 2B63 CBF2 9B02 C8F2 B0F9 86A9 1047

The new key has been signed with the old one:

uid Marco Bonetti (sid77) <marco.bonetti@slackware.it>
sig!3 0B60BC5F 2009-08-30 [self-signature]
sig! 86A91047 2009-08-29 Marco Bonetti <marco.bonetti@slackware.it>
sig!3 0B60BC5F 2009-08-29 [self-signature]
uid Marco Bonetti (sid77) <marco.bonetti@gmail.com>
sig!3 0B60BC5F 2009-08-29 [self-signature]
sig! 86A91047 2009-08-29 Marco Bonetti <marco.bonetti@slackware.it>
uid Marco Bonetti (sid77) <sid77@slackware.it>
sig!3 0B60BC5F 2009-08-29 [self-signature]
sig! 86A91047 2009-08-29 Marco Bonetti <marco.bonetti@slackware.it>

so I hope everything will be fine :-)
You can get my new key at the following sites:
+ slackware.it: http://slackware.it/files/keys/sid77.asc
+ livejournal.com: http://www.livejournal.com/pubkey.bml?user=sid77
+ on the keyservers: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4D8BC9F60B60BC5F
 
 
Current Mood: okay
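A way to check the transition described in the post above, as an added example that is not part of the original post: it parses the signature listing shown there, confirms that every uid carries a good signature from the old key, and confirms that the key IDs in the post are the tail of the stated fingerprints. The function names are hypothetical; the listing, fingerprints and key ID are copied from the post.

```python
import re

# Signature listing and fingerprints copied from the post above.
LISTING = """\
uid Marco Bonetti (sid77) <marco.bonetti@slackware.it>
sig!3 0B60BC5F 2009-08-30 [self-signature]
sig! 86A91047 2009-08-29 Marco Bonetti <marco.bonetti@slackware.it>
sig!3 0B60BC5F 2009-08-29 [self-signature]
uid Marco Bonetti (sid77) <marco.bonetti@gmail.com>
sig!3 0B60BC5F 2009-08-29 [self-signature]
sig! 86A91047 2009-08-29 Marco Bonetti <marco.bonetti@slackware.it>
uid Marco Bonetti (sid77) <sid77@slackware.it>
sig!3 0B60BC5F 2009-08-29 [self-signature]
sig! 86A91047 2009-08-29 Marco Bonetti <marco.bonetti@slackware.it>
"""
NEW_FPR = "E357 A480 17E2 482D E599 703A 4D8B C9F6 0B60 BC5F"
OLD_FPR = "90D9 1E9C 2840 2B63 CBF2 9B02 C8F2 B0F9 86A9 1047"
URL_KEY_ID = "0x4D8BC9F60B60BC5F"  # from the keyserver link in the post

# "sig" + check flag ("!" good, "-" bad, "%" error during check) + optional cert level
SIG_RE = re.compile(r"^sig(\S)(\d?)\s+([0-9A-Fa-f]{8,16})\s")


def key_id_matches(fingerprint, key_id):
    """True if key_id is the low 32 or 64 bits of the v4 fingerprint."""
    fpr = fingerprint.replace(" ", "").upper()
    kid = key_id.upper()
    if kid.startswith("0X"):
        kid = kid[2:]
    return len(fpr) == 40 and len(kid) in (8, 16) and fpr.endswith(kid)


def cross_signed_uids(listing, signer_id):
    """Map each uid to whether it has a good ('sig!') signature by signer_id."""
    result, uid = {}, None
    for line in listing.splitlines():
        line = line.strip()
        if line.startswith("uid "):
            uid = line[4:].strip()
            result[uid] = False
        elif uid is not None:
            m = SIG_RE.match(line)
            if m and m.group(1) == "!" and m.group(3).upper() == signer_id.upper():
                result[uid] = True
    return result


if __name__ == "__main__":
    print(key_id_matches(NEW_FPR, URL_KEY_ID))
    for uid, ok in cross_signed_uids(LISTING, "86A91047").items():
        print("signed by old key" if ok else "NOT signed by old key", "-", uid)
```

Text copied from a web page proves nothing by itself: run the same check on the output of gpg --check-sigs for the key you actually imported, and compare the full fingerprint rather than the 8-digit ID.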
 
 
sid77
30 July 2009 @ 11:00 am
Looks like lj users can post from a jabber client, this is going to be interesting :)
 
 
sid77
06 April 2009 @ 05:48 pm
PDP updated the jeriko trunk with some of the fixes I wrote (the small bug squashes, mostly) and some new interesting features.
Time for an upgrade! Grab the sources and the patch here and there.
 
 
Current Mood: okay
 
 
sid77
06 March 2009 @ 05:55 pm
If you read the GNUCITIZEN blog you probably already know of PDP's Jeriko framework: it's a shell-script-based framework to help with the automatic pen testing stuff.
It's a nice idea in a preliminary stage. I've written a patch against the current svn release (r31 at the time of writing) which adds some extra functionality, like the ability to run OpenVAS instead of Nessus or the ability to load your preferred Metasploit Framework db plugin. I've also fixed some glitches while I was at it and added a bigger jerikorc.

So, go grab a copy of both the project and my patch and give the framework a spin: it surely is something interesting to play with!
 
 
Current Mood: okay
 
 
sid77
03 March 2009 @ 02:26 pm

Via DNA - Mauro Biani, cartoons, comics, satire

The news is here; meanwhile the other events get forgotten.
 
 
Current Mood: blah
 
 
sid77
From RaiNews24: "The Vatican will no longer automatically adopt Italian laws as a source of its own law; first of all because of "their exorbitant number", secondly because of "their instability" and, finally, because of the conflict, "evident with too much frequency, of such laws with principles that the Church cannot renounce".

The Osservatore Romano explains this, presenting the Holy See's new law on the sources of law, already signed by Benedict XVI, which will come into force on the first of January 2009."


Does that mean that from January we can export a bit of peace and democracy to them too, to the sound of bombs?
 
 
Current Mood: okay
 
 
sid77
31 December 2008 @ 10:46 am
Linus wrote: "It's that magical time of year when I actually play video games. I have one rule for christmas (and bday, for that matter) gifts for Tove: she should buy me toys. No practical gifts, no soft packages with sweaters or socks. I didn't enjoy them when I was little, and I don't enjoy them now. I refuse to grow up."
Raise your hand if you actually want sweaters or socks or ties for Christmas or your birthday; sometimes I feel that every Linux nerd has been built with the same preset of ideas :D
Speaking of presents: my girlfriend gave me a cool iPod radio remote control for this holiday, no more tampering with the jacket in these cold mornings just to change a song, huzzah!

 
 
Current Mood: okay
 
 
sid77
22 December 2008 @ 04:35 pm
"Otherwise we could try to explain to the Church that, within the admittedly ever more complicated and tiring respect for its embarrassing version of society, there are also queer people, and that they should come to terms with it."
via Macchianera
 
 
Current Mood: okay
 
 
sid77
22 December 2008 @ 09:24 am

Post to LiveJournal bookmarklet
Finally! (posted with the same bookmarklet linked above :-p )
 
 
Current Mood: okay
 
 
sid77
19 December 2008 @ 08:46 pm
Wow  
From here:
"The patches greatly broaden hardware support of the XNU kernel, allowing it to run on Pentium M, Pentium 4, Turion 64, Athlon 64 and Phenom. Like the XNU kernel itself, the patches are released under the Apple Public Source License (APSL), which makes them suitable for inclusion in Darwin-based distributions like the one the PureDarwin project is working on."
I'm greatly tempted to try it out on the EeePC :)
 
 
Current Mood: hungry
 
 
sid77
c: "do you remember the newsletter about the naked girl?"
me: "ah yes
I mean, come on, it wasn't about the naked girl
it was with the naked girl"
c: "well, one way or another it broke every click record"
me: "internet is for porn
internet is for porn
grab your dick and double click
for porn porn porn"
 
 
Current Mood: happy
 
 
sid77
05 December 2008 @ 04:57 pm
Another UCSB iCTF is about to start. Go Tower 0f Hanoi!
 
 
Current Mood: excited
 
 
sid77

Sheeesh! Almost a month without updating the journal, that's because I'm trapped inside the addictive world of soup.io :)
However, what am I doing? I've just bought this book and I'm reading it while commuting to work. It's well written and easy to read.
It takes the reader into the world of understanding how web applications work, how you can handle them and how you can exploit their weaknesses. It starts from scratch, describing what a web application is, the HTTP protocol on which they rely and how you can take all of these elements on your side while analyzing your target. It then moves on to mapping the application's behavior to find weak spots and how to exploit them.
It's a must read, even if you're only vaguely interested in the field.

 
 
Current Mood: okay
 
 
sid77
14 October 2008 @ 11:34 pm
...because cleaning it up, I discovered that almost a year ago I got my name into the Tor sources: https://www.torproject.org/svn/trunk/contrib/linux-tor-prio.sh
From the svn log:
r16269@catbus: nickm | 2007-10-29 15:41:16 -0400
Apply linux-tor-prio.sh patch from Marco B by way of Mike.

One year and not knowing it: I'm too lame! Especially because it was even announced in the ChangeLog: http://archives.seul.org/or/talk/Nov-2007/msg00247.html :^)

Well, thanks to Mike Perry for taking the patch into account! All of you: go grab a copy of Tor and try it out with the super-duper prioritization script!

By the way, speaking of Tor: I'll be again at SMAU eAcademy this year, talking about the common exploitation techniques used against Tor, see http://smau.it/event/eventview/1118/1/0,0/peeling_the_onion___attacchi_alla_rete_tor

Hope to see you there!
 
 
Current Mood: sleepy
 
 
sid77
30 September 2008 @ 02:23 pm
From here and here:
"Worm.Win32.AutoRun.nox has a payload that restores the original function pointers back to the kernel's System Service Table (SST). The usual motivation for malware to do this is to remove any SST hooks installed by security software or other malware that might affect its successful operation.

As noted, normally a special driver or the physical memory device is used to get access to kernel-mode memory to restore the pointers. AutoRun.nox is different — it uses "GDI Local Elevation of Privilege Vulnerability (CVE-2006-5758)" to do the job. For malware, it's rather unique to see such a technique being used."


Actually, backpatching existing software with an old, vulnerable, version is not that new. It's nice to see this kind of exploit in the wild, though, and good luck to any anti-virus vendor which now has not only to check if a patch is installed, but also if corresponding files are correct :D
 
 
Current Mood: okay
 
 
sid77
26 September 2008 @ 08:24 pm
No, it's not a cheesy joke on my last post, it's the announcement that http://sidbox.homelinux.org/ is back on the road thanks to the help of Spiff Francesco who brings me an (almost) new UPS :)

Thanks my friend!
 
 
Current Mood: okay
 
 
sid77
22 September 2008 @ 10:15 pm
http://sid77.slackware.it/bt3/
A Back Track 3 lzm to enhance EeePC 700/701 support, enjoy :)
(ehi, ce, would you mind lending me a nice css? :-P )
 
 
Current Mood: geeky
 
 
sid77
23 August 2008 @ 05:03 pm
I'm at the talk zone again, Zanero is talking about the WOMBAT project.
I've taken my second talk today, not bad except:
1) It was TOO hot and sunny
2) My audience was re-routed by a couple of hot young chicks giving free samples of Red Bull and cola :-/ THAT'S NOT FAIR!!!

Anyway, I'm enjoying my time a lot here :)
 
 
Current Mood: okay
 
 
sid77
21 August 2008 @ 08:32 pm
Flash talk by Andrea Monti about the recent Italian Pirate Bay affair.
This talk wasn't scheduled: he's just doing it now because the guy who should bring the talk about hacking satellite tv went missing :-/

However I'm enjoying it a lot, the wifi signal is crappy, the weather is hot and passwords are being sniffed :-/ too bad that the vpn sometimes doesn't correctly set up the gateway.
 
 
Current Mood: sleepy
 
 
sid77
20 August 2008 @ 11:49 pm
Uff! it's 01:50am in the morning and the alarm will ring at 6:00am :-/
I've just finished preparing the stuff for moca, I'll pack the last things and I'll crash straight to bed.

See you there!
 
 
Current Mood: sleepy