Author: persmule Mail: [email protected] 00 ME: Management Engine First introduced in Intel’s 965 Express Chipset Family, the Intel Management Engine (ME) is a separate computing environment physically located in the (G)MCH chip (for Core 2 family CPUs which is separate from the northbridge), or PCH chip replacing ICH(for Core i3/i5/i7 which is integrated with northbridge). The ME consists of an individual processor core, code and data caches, a timer, and a secure internal bus to which additional devices are connected, including a cryptography engine, internal ROM and RAM, memory controllers, and a direct memory access (DMA) engine to access the host operating system’s memory as well as to reserve a region of protected external memory to supplement the ME’s limited internal RAM.

Build debug environment for the dynamic linker of Glibc @(Toolchains)[Glibc|dynamic-linker|gdb|gcc] 00 Prologue Recently my work need some research about the dynamic linker of Glibc, when I use gdb from the PLT table of executable or shared library into the Glibc source in a general way will see this: [...] |0xf7ff04b3 mov 0x10(%esp),%edx | >|0xf7ff04b7 mov 0xc(%esp),%eax | |0xf7ff04bb call 0xf7fea080 [...] (gdb) si [...] 0x0804852b in stub@plt () 0x08048500 in ?

Announcement HardenedLinux is a FLOSS community focus only FLOSS security and we have nothing to do with any commcercial organizations. h4rdenedzer0 team and other contributors have their own day job and we’ve been contributing to HardenedLinux in our night job time. We encourage commcercial organizations contribute FLOSS projects. h4rdenedzer0 is the credit for those long-term contributor. Anyone who has not any activities in HardenedLinux community or other FLOSS security project more than 6 months, will be treated as quit h4rdenedzer0 team automatically.

Reproducible builds for PaX/Grsecurity A series of scripts are created to do reproducible builds for Linux kernel with PaX/Grsecurity patch set. Thanks to: PaX/Grsecurity Mempo project Debian GNU/Linux Community Shawn C[a.k.a “Citypw”] Linux From Scratch Without the contributions of the projects, community and people, the scripts cannot be accomplished. The project’s GitHub repo is at https://github.com/hardenedlinux/grsecurity-reproducible-build . Why do reproducible builds? Reproducible builds are important to the binary’s reliability. With reproducible builds, anyone can recreate the binary, so it can be proved that the source code provided is really the source code used to build the binary, and no more backdoors (either manually inserted into the code or inserted by hijacked toolchain) is contained in the binary.

By:n3o4po11o Project: STIG-4-Debian ##Why STIG? STIGs is bring by a government agency called The Defense Information System Agency(DISA), which is entity responsible for maintaining the security posture of the Department of Defence(DoD) IT infrastructure. After we heard how the NSA fuck this world from Mr.Sn0wd3n.We will pay more attention about how they do the defense. DoD use this Security Technical Implementation Guides to All DoD IT assets before online/operations. And the STIGs classification system based on Mission Assurance Catagory (I-III) and Confidentiality Level (Public-Classified), giving you 9 different possible combinations of config requirements.

by citypw and an anonymous dude “As long as there is technology, there will be hackers. As long as there are hackers, there will be PHRACK magazine.” — The Circle of Lost Hackers on Phrack issue 64 As long as there are bugs, there will be vulnerablities. As long as there are vulnerablities, there will be regular/stable/weaponized exploits. Bug hunting is one of most important issues that we’ve been fighting for decades in FLOSS community.