Luigi Auriemma

aluigi@autistici.org




13 Sep 2011 Advisories: released the full detailed advisory of my WINS vulnerability (MS11-035 / ZDI-11-167)

13 Sep 2011 Advisories: Code execution in MetaStock 11

13 Sep 2011 Advisories: Vulnerabilities in eSignal 10.6.2425

13 Sep 2011 Advisories: Multiple vulnerabilities in Cogent DataHub 7.1.1.63 (SCADA)

13 Sep 2011 Advisories: Stack overflow in DAQFactory 5.85 build 1853 (SCADA)

13 Sep 2011 Advisories: Multiple vulnerabilities in Progea Movicon / PowerHMI 11.2.1085 (SCADA)

13 Sep 2011 Advisories: Directory traversal in Carel PlantVisor 2.4.4 (SCADA)

13 Sep 2011 Advisories: Denial of Service in Rockwell RSLogix 19 (SCADA)

13 Sep 2011 Advisories: Multiple vulnerabilities in Measuresoft ScadaPro 4.0.0 (SCADA)

13 Sep 2011 Advisories: Denial of Service in Beckhoff TwinCAT 2.11.0.2004 (SCADA)

12 Sep 2011 News: you can now also follow me on twitter

05 Sep 2011 Patches: XPDF pdftotext/pdftops/pdfimages allow copying of text (Win32) 0.1.1
added support for version 3.03

02 Sep 2011 Advisories: vulnerabilities in MPlayer on Windows and BroadWin WebAccess Client

26 Aug 2011 Advisories: some new advisories

14 Aug 2011 Research: FSB files extractor 0.2.13
some fixes for the generation of the filenames and the reimporting feature

07 Aug 2011 Research: ISI rFactor files decrypter/encrypter 0.2.1
added support for Game Stock Car and other additional future games

06 Jul 2011 News: Summer time... I don't know when I will return, maybe September

04 Jul 2011 Patches: ut3sticlefix.lpatch 0.2
now it also works with HomeFront and hopefully the rest of the vulnerable games based on the Unreal engine 3

03 Jul 2011 Advisories: Integer overflow in foobar2000 1.1.7

03 Jul 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.12b
added Puzzle Agent 2

03 Jul 2011 MyToolz: Simple TCP proxy/datapipe 0.4.7b
added support for more ssl certificates and forced usage of listening port

03 Jul 2011 Password_recovery: CuteFTP data retriever and password decoder 0.2
added support for the new algorithm and hex password input

01 Jul 2011 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.2
finally a homepage for this project, many fixes and additions, some of which are: time, time64, clsid, ipv4, ipv6 and assembly types (yes, now it can be used as a quick assembler/disassembler), rotate, reverse and pc1 encryption, msf compression, new experimental inputs and outputs with SSL added to the socket interface, the -H option for an html output of the parsed file format and much more

30 Jun 2011 Advisories: small correction about the latest HP advisory, because the affected component is used in various other HP enterprise software products

27 Jun 2011 Advisories: in_midi multiple vulnerabilities in Winamp 5.61

27 Jun 2011 Advisories: Multiple vulnerabilities in Winamp 5.61

27 Jun 2011 Advisories: Arbitrary files deletion in HP OpenView Performance Agent

27 Jun 2011 Advisories: Upload directory traversal in Novell ZenWorks Handheld Management 7.0.2

27 Jun 2011 Advisories: Arbitrary files deletion in Novell File Reporter 1.0.4.2

27 Jun 2011 Advisories: Off-by-one in Sybase Advantage Server 10.0.0.3

27 Jun 2011 Advisories: bcksrvr format string in Sybase Adaptive Server 15.5

27 Jun 2011 Advisories: added some small old bugs that I reported on my forum affecting:
GS4, ShockVoice, NVIDIA RealityServer, Kart Racing Pro and some servers for Minecraft

26 Jun 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.12a
added the key for the latest episode of bttf

24 Jun 2011 MyToolz: NRG2CUE generator 0.1.1
added the possibility to dump the file as an ISO

24 Jun 2011 MyToolz: Sleepy 0.2.4a
little fix for the l (loop) option in very rare cases

12 Jun 2011 MyToolz: PackZip 0.2.1a
fixed a lame bug introduced in the latest version where the size of the output file was bigger than the original

08 Jun 2011 Research: QuickBMS generic files extractor and reimporter 0.5.1
updated the supported calling conventions, added experimental support for network sockets and processes, various fixes for the write operations, added rotate encryption and a new useless option for the math one

08 Jun 2011 MyToolz: x86 32bit calling conventions 0.2
gcc wrapper for cdecl, stdcall, thiscall, msfastcall, borland, pascal, watcom, safecall, syscall, optlink and clarion

07 Jun 2011 Research: PunkBuster online GUID checker 0.1.12
added Assassin's Creed and Battlefield Play4Free

07 Jun 2011 MyToolz: Lanfile 0.1.4
added the -X option to allow the sending of files although one can't be read/written or has a different md5

04 Jun 2011 Advisories: Some bugs in HP IMC, Sybase OneBridge and a quick NULL pointer in iMatix Xitami

31 May 2011 Research: QuickBMS generic files extractor and reimporter 0.5
updated some libraries, added libkirk and nitrosdk, incremental xor and rot encryptions, aes ctr, added the new types: float, double, variable, variable2 and variant, new cool debug mode, various fixes, allowed the reimporting of nameless files (like 00000000.dat), experimental parsing of C structures, handling of multiline comments, added falcom recompression and dragonballz decompression

10 May 2011 Advisories: Vulnerabilities in Microsoft WINS, HP 3COM/H3C Intelligent Management Center and Sybase M-Business Anywhere

10 May 2011 Advisories: Vulnerabilities in Quest Big Brother 4.40

29 Apr 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.12
added support for Hector and the latest BTTF

27 Apr 2011 MyToolz: Proxocket 0.1.6a
fixed a NULL pointer in some rare conditions

27 Apr 2011 Research: OSRW anticheat logs decrypter 0.1.1
added support for OSRW 1.4

27 Apr 2011 MyToolz: PackZip 0.2.1
solved the problem of needing the gcc-dw2 dll and added support for lzma if wbits is equal to 0

13 Apr 2011 About: added a clarification useful to the companies interested in my research and possible collaborations

12 Apr 2011 Advisories: Stack overflow in Microsoft HTML Help 6.1 (CHM files)

11 Apr 2011 Advisories: Vulnerabilities in Microsoft Reader 2.1.1.3143 / 2.6.1.7169

11 Apr 2011 Advisories: DoS vulnerabilities in Microsoft Host Integration Server 2010 8.5.4224.0

05 Apr 2011 Research: GS peerchat IRC proxy 0.3.3b
filtered the CAP command used by some IRC clients like Mirc

03 Apr 2011 MyToolz: Offset file unzipper 0.3.5
fixed a bug introduced in the previous release that didn't close the dumped files

29 Mar 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.11g
added the key for the new BTTF episode

24 Mar 2011 Research: XWB/ZWB files unpacker 0.3.4
added the GUI and solved a problem with the recognizing of XMA/wma files

24 Mar 2011 Research: GS peerchat IRC proxy 0.3.3a
solved the bug of the missing Xs in the IP (thanks chc)

21 Mar 2011 Advisories: Vulnerabilities in Siemens Tecnomatix FactoryLink 8.0.1.1473 (SCADA)

21 Mar 2011 Advisories: Vulnerabilities in Iconics GENESIS32 9.21 and GENESIS64 10.51 (SCADA)

21 Mar 2011 Advisories: Vulnerabilities in 7-Technologies IGSS 9.00.00.11059 (SCADA)

21 Mar 2011 Advisories: Vulnerabilities in DATAC RealWin 2.1 (Build 6.1.10.10) (SCADA)

21 Mar 2011 Advisories: Heap overflow in RealPlayer 14.0.1.633

11 Mar 2011 Research: QuickBMS generic files extractor 0.4.10b
fixed a bug in quickbms64_test

11 Mar 2011 MyToolz: Mydown 0.2.7a / mydownlib 0.2.5f
fixed a bug that didn't allow HTTP 302 redirections

10 Mar 2011 MyMusic: Ignorantissimo
a nice and very simple track at 170 bpm, long time away from the trackers...

10 Mar 2011 Research: QuickBMS generic files extractor 0.4.10a
fixed a small problem of the reimport mode happening in some rare cases when encryption is used

09 Mar 2011 Research: QuickBMS generic files extractor 0.4.10
fixed a bug in the reimport option and added various recompression algorithms

08 Mar 2011 Research: QuickBMS generic files extractor 0.4.9a
only fixed the xxtea encryption

07 Mar 2011 Research: Gslist 0.8.10a
I have only uncommented an html line needed for the webgui

06 Mar 2011 Research: QuickBMS generic files extractor 0.4.9
added the experimental -r option that allows to reimport the extracted files or some of them without modifying the scripts (yeah finally it's possible), added the lzo1/1x/2a, gzip and lzss recompressions, fixed the behaviour of unzip_dynamic, fixed and enhanced the automatic extensions, FileCrypt command, Math and Swap encryptions

06 Mar 2011 MyToolz: Offset file unzipper 0.3.4a
fixed and enhanced the automatic extensions

26 Feb 2011 Research: QuickBMS generic files extractor 0.4.8c
fixed a bug in the automatic setting of the extension for nameless files and one in unzip_dynamic

26 Feb 2011 MyToolz: Offset file unzipper 0.3.4
added the possibility of viewing the size of the files in hexadecimal, automatic extensions for the files and a prompt before overwriting existing files with the same name

25 Feb 2011 Research: FSB files extractor 0.2.12
some optimizations like real-time decryption (no longer uses a temporary file), options for specifying the password, encrypting/decrypting the file, the offset where the FSB data starts, and even a minimalistic scan of the file

22 Feb 2011 Research: Gslist 0.8.10
fixes and enhancements of the web interface

21 Feb 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.11f
added the second episode of bttf

20 Feb 2011 Research: OSRW anticheat logs decrypter 0.1
decrypter for the log files generated by the OSRW anticheat for rFactor (F1 rFactor 2010)

19 Feb 2011 Advisories: Refractor 2 engine NULL pointer
Battlefield 2 1.50 and 2142 1.51 affected

15 Feb 2011 Research: QuickBMS generic files extractor 0.4.8b
fixed a stupid error in the extraction function that allocated one gigabyte instead of one megabyte

21 Jan 2011 Research: QuickBMS generic files extractor 0.4.8a
micro fix to avoid NULL pointers

20 Jan 2011 Research: QuickBMS generic files extractor 0.4.8
added putbits, fixed a possible problem in write mode, added the R string operation, fixed the reading of the filexor/filerot keys, now extracting files that are neither compressed nor encrypted should take almost no memory, experimental quickbms64_test version for archives and files bigger than 4 gigabytes, various fixes and enhancements

19 Jan 2011 Advisories: Code execution in Microsoft Fax Cover Page Editor 5.2.3790.3959

13 Jan 2011 Advisories: Stack overflow in Winlog 2.07.00

11 Jan 2011 MyToolz: Rmchar 0.2
just an update for this Jurassic tool

05 Jan 2011 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.7a
fixed a bug in the encryption

27 Dec 2010 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.7
added support for 0.3c RC7

27 Dec 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11e
added Back to the future - It's About Time

21 Dec 2010 Advisories: Directory traversal in IntegraXor 3.6.4000.0

18 Dec 2010 Research: PunkBuster online GUID checker 0.1.11
added Medal of Honor

07 Dec 2010 MyToolz: Proxocket 0.1.6
fixed the capturing of the WSA functions if the socket was initialized with -1 for type and protocol, the captured files are saved in the folder of the monitored program with a better filename

07 Dec 2010 MyToolz: BDE64 0.2.2
added only the handling of the url encoded chars

07 Dec 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11d
added the keys of PokerNight and CSI6

07 Dec 2010 TestingToolz: UDPSZ 0.3.2

04 Dec 2010 MyToolz: Mydown 0.2.7 / mydownlib 0.2.5e
two small fixes and a couple of testing options in mydown

04 Dec 2010 Research: FSB files extractor 0.2.11
automatic big to little endian conversion for wave files, fixed the alignment used in FSB4 0x40, fixed drag'n'drop

04 Dec 2010 Research: Race WTCC files encrypter/decrypter 0.3.1
now it will automatically test the -k volvo option if the zlib compression fails, and yes -k volvo works also with RaceRoom

18 Nov 2010 Advisories: Memory leak in Call of Duty Black Ops

18 Nov 2010 TestingToolz: UDPSZ 0.3.1
new features and bugfixes

01 Nov 2010 MyToolz: Lame patcher 0.4.4a
fixed the -y option

21 Oct 2010 TestingToolz: UDPSZ 0.3
new features and many parts rewritten

21 Oct 2010 TestingToolz: TFTP server tester 0.2a
only a typo, blksize instead of blocksize

20 Oct 2010 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.6
support for 0.3b servers

18 Oct 2010 TestingToolz: UDPSZ 0.2.3a

18 Oct 2010 TestingToolz: UDPSZ 0.2.3
bugfixes, enhancements and more chaotic than before

18 Oct 2010 TestingToolz: TFTP server tester 0.2
partially rewritten because the code was too old

15 Oct 2010 Advisories: Two buffer-overflow in DATAC RealWin 2.0 (Build 6.1.8.10)

15 Oct 2010 Advisories: Multiple Denial of Service in UniData unirpcd.exe 7.2.7.3806

15 Oct 2010 Advisories: Denial of Service in solidDB 6.5.0.3

13 Oct 2010 Advisories: Multiple buffer-overflows in Winamp 5.5.8.2985

10 Oct 2010 Research: HLSWlist 0.1.1c
added only 3 new gamenames (but they still seem unused on the master server)

07 Oct 2010 Research: CBF files extractor 0.2.2
added support for a type of archive used in the old Vietcong multiplayer demo

04 Oct 2010 Research: QuickBMS generic files extractor 0.4.7
solved a bad bug in CallFunction, some enhancements

03 Oct 2010 Research: FSB files extractor 0.2.10
added a simple GUI for who doesn't like to use the command-line

01 Oct 2010 Research: Gslist 0.8.9
fixed a bug in the -Q option, added the possibility to build custom packets to use with -d/-Q, fixed the building of gslist.cfg; note that the unavailability of games like CoD4 and Quake3 depends on the master server, so it has nothing to do with gslist, but if you need alternatives take a look at hlswlist, qtracklist and getsc

25 Sep 2010 Research: FSB files extractor 0.2.9
optimizations only for the rebuild mode, now it automatically works also with files that include a header so the -R option is NO longer needed, fixed also a rounding error in the recalculation of the lengthsamples field

25 Sep 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11c
added the key of the last Sam and Max episode

25 Sep 2010 TestingToolz: loDNS 0.1.1
added another proxy-like monitoring method and a better runtime help

13 Sep 2010 Research: Quakelive xmpp.quakelive.com password retriever 0.1.1
updated for supporting the new login mechanism and now works also by double-clicking on the exe

13 Sep 2010 MyToolz: Mydown 0.2.6c / mydownlib 0.2.5d
added experimental (and optional because badly written) support for SSL

12 Sep 2010 Research: orkdec filenames dumper 0.1.1
added support for Battle March and made DEP compatible

02 Aug 2010 News: summer time

01 Aug 2010 Research: QuickBMS generic files extractor 0.4.6a
removed the FindLoc modification I added in the last version, added a verbose message when Idstring doesn't match, added the B/E/C operators in String that work on null-delimited strings

30 Jul 2010 Password_recovery: Digsby password decoder 0.2
added support for the recent versions

29 Jul 2010 Research: GS peerchat IRC proxy 0.3.3
some small bugfixes and enhancements

28 Jul 2010 Research: QuickBMS generic files extractor 0.4.6
added the COMPRESSED method used to store big amounts of data in the scripts using fewer bytes (zlib plus base64), experimental support for libtomcrypt, the -E option that allows changing the endianness of a file on the fly by simply knowing its format and reading it, the -d option for creating an output folder with the name of the input file, support for variables in FindLoc, support for SEEK_CUR and SEEK_END in GoTo, rnc and pak_explode compressions, the r operator in String for reversing strings and = for converting numbers to strings

28 Jul 2010 MyToolz: Simple TCP proxy/datapipe 0.4.7a
added only the possibility of specifying dtls1 in the -X option

23 Jul 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11b
added support for the latest Sam and Max

22 Jul 2010 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.5
added some additional testing options

22 Jul 2010 MyToolz: Signsrch 0.1.6a
fixed -F when used with multiple files

22 Jul 2010 Research: GS login server emulator 0.2.3b
added a micro enhancement that should do just nothing

20 Jul 2010 Advisories: Lithtech engine memory corruption
mainly focused on F.E.A.R., no technical info about the bug

20 Jul 2010 Fake_players_bug: Lithtech engine Fake Players DoS 0.3
rewritten almost completely to better match the protocol

19 Jul 2010 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.4
mini enhancements and support for Devastation and Brothers in Arms (useless because any server of the BIA series crashes through unrealfp)

18 Jul 2010 Fake_players_bug: DirectPlay 8 Fake Players DoS 0.1.3
only some enhancements and support for the bugs reported in the previous advisory

18 Jul 2010 Advisories: Vulnerabilities in DirectPlay8
updated the previous advisory due to a new vulnerability affecting any game based on DP8

18 Jul 2010 Advisories: NULL pointer in some games that use DirectPlay8

17 Jul 2010 Advisories: Invalid memory access in Unreal Tournament 3 2.1

15 Jul 2010 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.3
some small updates and fixes, added support for Vegas 2 (DemonWare AGORA) and the -B option containing a quick list of bugs to test

15 Jul 2010 Advisories: Failed assertion in old games based on Unreal engine
maybe interesting but only for old games

07 Jul 2010 Advisories: Two vulnerabilities in Ghost Recon Advanced Warfighter 1 and 2

06 Jul 2010 Advisories: Clients unicode buffer-overflow in Unreal engine 2.5
for the less recent games and versions of the engine

05 Jul 2010 Advisories: Negative memcpy in id Tech 4 engine

05 Jul 2010 Advisories: NULL pointer in Tripwire Interactive games
Red Orchestra: Ostfront 41-45, Killing Floor, Darkest Hour and Mare Nostrum

03 Jul 2010 Advisories: Denials of Service in Freeciv 2.2.1

02 Jul 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11a
added the key of Puzzle Agent and the latest Sam and Max

02 Jul 2010 Research: EAlist 0.1.4
added the -S option that allows running a fake fesl server that accepts one client at a time, I have added it for testing purposes

01 Jul 2010 Advisories: Buffer-overflow in the Electronic Arts games that use Gamespy

01 Jul 2010 Research: GS login server emulator 0.2.3a
added a compatibility feature found just today in Red Alert 3 (authtoken used instead of the username)

... old news