There are times when you need to do something simple from the logic point of view but a bit exhausting when it comes to the sum of calculations you need to perform. I'm referring here to the past times (like 3-4 years ago) when I was forced to do all my circuit calculations manually without using anything except paper, pen and a calculator (without the solve function :-)). Hopefully now when I need to do some circuit calculations (which happens very rarely - thank God!) I'm allowed to use some computer software like MATLAB, Mathcad etc. However every single piece of software has it own environment and something like own programming language. So the question is how to use it properly, to speed your work and limit it to writing the logic and forcing computer to do the calculations.

So our task is to calculate all the unknown currents (I1,I2,I3,I4,I6) and voltage value of Uj. To compute the logic equations I'm using the Mesh analysis method (loop analysis) [1] which relies on Kirchhoff's circuit laws [2] (this little article is not a circuit theory tutorial so I hope the reader is familiar with those laws).

Continue reading Using MATLAB and Mathcad for solving (mesh current) equations...

There have been relatively much noise about the latest paper about exploiting the SMB2 bug i had written. Some people i believe can't understand the unconditional love of doing security research. In other words this paper and entire technique was developed just for fun, in my spare time. It was not a sponsored research and in fact i haven't earned a single penny from it. I must confess I'm really happy i was able to meet guys that feel it the same way and they keep releasing things just for pure fun and for the purpose of information exchange (hey spender! :-)). Couple of people asked me how much time did I spend on this vulnerability, someone actually haven't but they have posted their own conclusions that were pretty entertaining but far away from truth. The fact is i have spent about a week for entire research - i mean overall. Thanks to open Europe borders i got infected with flu, no ideas wherever it was swine or not but it took me about two weeks to recover. While having the flu and feeling like dehydrated shit i found it hard to focus on the smb2 research so i have switched to developing some 3d engine of mine. Well the initial idea here was to create a engine which would be able to read some internal scene formats like the one used by 3D Studio Max, Maya, Lightwave3D or Cinema4D and being able to render it on the fly. Of course such things exists already and are pretty common in the demoscene community - like Plastic's PICO engine. I bet this will take me some years to complete :( Anyway returning to the SMB stuff, it is undeniable fact that Immunity created the first reliable SMB exploit and i don't negate that. At the same time, i believe it's important to notice that a single guy in his spare time can bring you similar results and i don't speak only about myself here. I bet there are a couple of underground people that have exploited this vulnerability too :-) Overall it was fun and that's how i consider it.

As you probably know it is October already, and it is surely the most "beloved" month for most of the students. I have decided to spent one more year at the university and finish my masters degree, even though I have thought about quitting it after i have obtained my BSc degree. This means i doubt there will be next posts here soon :(

Ok that's all, below you can see some initial renders and some Plastic demo (+PICO):

One of my initial renders (thank god for tutorials):

Linger In Shadows trailer (HD):



Slimy Maya Trickery (making of "Linger In Shadows"):

Kudos for HDM:
SMB2: 351 Packets from the Trampoline

Enjoy!

P.S Some small "exploitation" parts were skipped intentionally.

P.S2 Im not going to release the exploit, so dont ask about it!!! Thank you!

Drank up all kool-aid, left glasses in my kitchen
Food for thought, my nigga you do the dishes!.

The paper will be released as soon as i will find someone who will not be afraid to host it :-)

Piotr Bania Vs SMB2 VULN