## OS X VMWare Fusion Privilege Escalation via Bash Environment Code Injection: Local Use

Just wanted to post a quick alternative of Metasploit’s VMWare Fusion CVE-2014-6271 exploit ( `metasploit-framework / modules / exploits / osx / local / vmware_bash_function_root.rb`

) for local shell use.

## CSAW CTF 2014 Qualification Round Write-up, Exploitation 400: “Saturn”

The annual NYU Polytechnic School of Engineering Cyber Security Awareness Week (CSAW) Capture The Flag (CTF) competition online qualifiers were held September 19-21, 2014. This is a writeup of one of the Exploitation challenges we solved: "saturn". The...## Random Solutions Are Often Good Enough

There is a subfield of computer science known as *approximation algorithms* whose goal is to find algorithms that can quickly find solutions that are not necessarily optimal, but are within some known bound of optimal. Under very reasonable assumptions, the expected value for the constant of approximation of a randomly selected feasible solution is almost always going to **at most** two. We present some empirical evidence suggesting that the random solutions are often even closer to optimal than ones produced by state-of-the-art approximation algorithms. Sometimes quickly and mindlessly choosing a random solution isn’t half bad!

## Physical Security Follow-up: These Locks Are Everywhere!

Now that these locks have piqued our curiosity we’re starting to see them everywhere we look.