Rbcafe 3D Title
A regularly updated website or web page, typically one run by an individual or small group, that is written in an informal or conversational style.
1) Download ECM from the Mac App Store.
2) Launch ECM.
3) Select an ISO to compress to the ECM format.
4) Drag and drop the ISO to ECM.
5) Select a path to export the ECM file.
6) Click « Convert ».
7) The file was converted into an ECM file.
8) You can observe the new weight of your new file, and that the ISO size was reduced.
ISO ORIGINAL SIZE : 102.9MB
ECM NEW SIZE : 90.4MB
You can compress ISO files with ECM. Download ECM for OSX.
Demonstration of proof-of-concept attack on iOS’s Mail app. Apple was notified about technical details of this vulnerability on 2015-01-15
iOS 8.3 Mail.app inject kit
It was filed under Radar #19479280 back in January, but the fix was not delivered in any of the iOS updates following 8.1.2. Therefore I decided to publish the proof of concept code here.
The exploit got a nice CVE-2015-3710 sticker and was fixed by Apple in iOS 8.4 and OS X 10.10.4. Kudos to Apple for prompt response once it was published publicly.
Framework7: Vladimir Kharlampidi (http://www.idangero.us/framework7/) – Framework7’s CSS code was used for the login dialog styling
The code detects that the research subject has already visited the page in the past (using cookies) and it stops displaying the password prompt to reduce suspicion.
The e-mail address and password are submitted via GET to framework.php, which then saves them to the mydata.txt file, sends them out via e-mail to the specified « collector » e-mail address and then returns the research subject back to Mail.app using redirect to message://dummy.
The password field has autofocus enabled. We then use focus detection to hide the login dialog once the password field loses its focus (e.g. after the subject clicks on OK and submits the password). Why even bother with this redirect nonsense when you can put <form> directly inside the HTML e-mail?