Comments for Norwegian Honeynet Project

Comment on Analysing malicious PDF documents and shellcode by cobalt

cobalt — Wed, 26 May 2010 10:55:40 +0000

great! in the emacs, it was the python mode! thx a lot! keep up the good work!

Comment on Analysing malicious PDF documents and shellcode by mkrakvik

mkrakvik — Wed, 26 May 2010 08:57:12 +0000

I don’t have anything custom in .emacs file. Is python-mode (M-x python-mode) enabled in your emacs?

Comment on Analysing malicious PDF documents and shellcode by cobalt

cobalt — Wed, 26 May 2010 08:38:57 +0000

Thx for your reply, mkrakvik.

I tried it in the emacs, but i didn’t get the result i wish with ctrl + i. in your video, you get the following when indenting the value in hashes:

first the code looks like this:
1 hashes = [0x0000,
2 0000,
3 0000]

and after one move in the 2nd line:
1 hashes = [0x0000,
2 0000,
3 0000]

i have to click three times ctrl + i, to tet to this position.

maybe you have some configs in your .emacs file?

thx you very much for the help! i saw this one-move array indenting the first time in your video and search now some days for a shortcut in vim…

cobalt

Comment on Analysing malicious PDF documents and shellcode by mkrakvik

mkrakvik — Tue, 25 May 2010 22:06:15 +0000

Hi Cobalt, glad you enjoyed the video! Regarding indentation in emacs – that is done by pressing “ctrl-i” :-)

Comment on Analysing malicious PDF documents and shellcode by c0b4lt

c0b4lt — Tue, 25 May 2010 21:23:15 +0000

old post, but very informativ and good video!

i have a question not concerning the main topic. but i’m wondering how you did the indenting in the emacs for the hashes. I mean, how you indent the values for the hashes array. i use vim and maybe i find a solution after it.

thx for the info,

cobalt

Comment on Forensic Challenge 2010-3 by Tor Inge Skaar

Tor Inge Skaar — Fri, 14 May 2010 09:03:49 +0000

The winners of this challenge have now been determined. Of a total of 22 candidates, these are the top 3 winners: 1. Mario Pascucci (Italy), 2. Tyler Hudak (USA) and 3. Carl Pulley (UK).

Congratulations to the winners and all the folks that participated in the challenge – this was not an easy one. Each winner will receive a signed book from one of our Honeynet Project authors. We have posted the submissions of the winners and sample solution on the FC2010/3 web page. All participants should have also received an email with information about their individual score as well as placement.

Comment on Forensic Challenge 2010-2 by Tor Inge Skaar

Tor Inge Skaar — Thu, 25 Mar 2010 19:03:57 +0000

The winners of this challenge has now been determined. Four submissions were all selected as winners, and we’d like to congratulate the following individuals; Franck Guenichot (France), Mario Pascucci (Italy), Rani Hod (Israel) and Vos (Russia). For more info, and to read the submissions and proposed solution, proceed to https://www.honeynet.org/node/531

Comment on Country Lookup by Norwegian Honeynet Project » Blog Archive » Enhanced CC2ASN

Norwegian Honeynet Project » Blog Archive » Enhanced CC2ASN — Tue, 23 Mar 2010 21:51:34 +0000

[...] over 9 months we’ve run our CC2ASN service, allowing you to lookup up ISO-3166 country codes and get back [...]

Comment on Malware unpacking in OllyDbg by Malware unpacking in OllyDbg « 0day in {REA_TEAM}

Malware unpacking in OllyDbg « 0day in {REA_TEAM} — Thu, 28 Jan 2010 04:08:56 +0000

[...] Norwegian Honeynet Project » Blog Archive » Malware unpacking in OllyDbg. Leave a [...]

Comment on Analysing malicious PDF documents and shellcode by Analysing malicious PDF documents and shellcode « 0day in {REA_TEAM}

Analysing malicious PDF documents and shellcode « 0day in {REA_TEAM} — Thu, 28 Jan 2010 04:02:44 +0000

[...] Norwegian Honeynet Project » Blog Archive » Analysing malicious PDF documents and shellcode. Leave a [...]