Magiic has been updated to include local mbox file indexing, color highlighting, compatibility with the most recent Python gnupg, and more.
Just wanted to post a quick alternative to Metasploit’s VMware Fusion CVE-2014-6271 exploit (metasploit-framework/modules/exploits/osx/local/vmware_bash_function_root.rb) for local shell use.
Reversing this program is made frustrating by the fact that it was written in OCaml, generating many instructions that maintain internal structures, check stack alignment, etc. It becomes clear that in order to get the flag, we must pass the checks performed by each function within a list.
It is clear the binary has been messed with, and from both the description and name of the task, we hypothesize that bytes have only been shuffled around, not otherwise modified (via encryption, XOR, etc.).
If you know of a link we have missed, please let us know in the comments and we will add it shortly.