You are browsing the archive for Silly.

IDA Fonts of Eton

September 26, 2020 in Silly

The other day I twitted example of IDA Pro showing code using a very posh font called Harrington:

I also posted Comic Sans Serif version by special request from @silascutler 😉

and

If you are curious how I did it — well, I chose the hardest possible way w/o looking at alternatives.

If you open IDA Pro Font choosing Dialog Box you will only see a subset of fonts that have a fixed width (Monospaced fonts):

In order to adjust IDA’s behaviour to allow me to choose any font I… didn’t check configuration files or Registry – I went directly to the co(d|r)e.

If you ever played with GDI API functions you know that font selection is associated with a variety of CreateFont* functions. One of the lowest level user-mode functions that is eventually called is CreateFontIndirectW. If you know that, the recipe is simple – open IDA Pro under XDBG, put a breakpoint on CreateFontIndirectW, disable it, let IDA Run, Open Font Dialog Box, choose any font – now you are game, now enable breakpoint, hit OK – change font name in XDBG, run. Et Voilà!

Laws of infosec

August 20, 2020 in Silly

In the past I posted what I called a law of a threat hunter, but thought we could probably generalize and expand it a bit more, and in the end I came up with this list:

The law of a threat hunter

For every two most distant technologies there exist a developer that will bring them together.

The law of an end user

The end user is not a security control.

The law of a mind blowing / disrupting product / service offering

Congratulation on your Quality Assessment of an unfinished product opportunity.

The law of a vendor promise

It works in our lab. We have it on our roadmap. Defo in our next release.

The law of a infosec certification

You are certified to have a certification.

The law of an infosec advice

It’s most of the time a subjective, biased opinion.

The law of an Infosec Though Leader

“Actually”

The law of a novel cyber idea

McAfee did it first.