It finally happened… After more than five years since the last issue, Phrack #70 is out, featuring my article “Exploiting a Format String Bug in Solaris CDE”!

It finally happened… I’ve been published on #Phrack! After more than five years since the last issue, #Phrack70 is out, featuring my article “Exploiting a Format String Bug in Solaris CDE”! I guess I can retire now 🐛https://t.co/6wN7pN0R6p

— raptor@infosec.exchange (@0xdea) October 5, 2021

For those who are not in the loop, Phrack is by far the longest running hacker e-zine and it’s widely considered the best and most prestigious publication “written by and for hackers”. It has a wide circulation that includes both hackers and infosec professionals. For me, this represents perhaps the most important lifetime achievement in the hacker scene. I still remember reading all past issues of Phrack as a teenager, starting from #1 released in 1985… As a matter of fact, you should read them all yourself. If you haven’t done it already, you’re missing out. They are fundamental knowledge.

My article dissects a particularly challenging exploit I published a few months ago and introduces a possible novel technique to exploit format string bugs on SPARC, while reminiscing of the good old days of unmitigated memory corruption vulnerabilities. I discussed this very same exploit in my recent keynote at #RomHack21.

Enough said, I don’t wanna spoil it. I hope you will enjoy reading it. Hack the planet! 🤘 🏴‍☠️