PoC||GTFO

PoC||GTFO

by Manul Laphroaig
August 2017, 768 pp.
ISBN-13: 
9781593278809
Full-color insert, leatherette cover, ribbon, gilt edges.

This highly anticipated print collection gathers articles published in the much-loved International Journal of Proof-of-Concept or Get The Fuck Out.

PoC||GTFO (Proof of Concept or Get The Fuck Out) follows in the tradition of Phrack and Uninformed by publishing on the subjects of offensive security research, reverse engineering, and file format internals. Until now, the journal has only been available online or printed and distributed for free at hacker conferences worldwide.

Consistent with the journal's quirky, biblical style, this book comes with all the trimmings: a leatherette cover, ribbon bookmark, bible paper, and gilt-edged pages. The book features more than 80 technical essays from numerous famous hackers, authors of classics like "Reliable Code Execution on a Tamagotchi," "ELFs are Dorky, Elves are Cool," "Burning a Phone," "Forget Not the Humble Timing Attack," and "A Sermon on Hacker Privilege." Twenty-four full-color pages by Ange Albertini illustrate many of the clever tricks described in the text.

Author Bio 

Pastor Manul Laphroaig curates PoC||GTFO with a fine gang of friends and neighbors. Many of his essays are featured in the book, including "Epistle to Hats of All Colors," "Sermon on the Divinity of Languages," and "Build Your Own Fucking Birdfeeder."

Table of contents 

A CFP with POC

“iPod Antiforensics” by Travis Goodspeed
“ELFs are dorky, Elves are cool” by S. Bratus and J. Bangert
“Epistle to Hats of All Colors” by Manul Laphroaig
“Returning from ELF to Libc” by Rebecca .Bx Shapiro
“GTFO or #FAIL” by FX of Phenoelit

Proceedings of the Society of PoC||GTFO

“RNG in four lines of JavaScript” by Dan Kaminsky
“Serena Butler’s TV Typewriter” by Travis Goodspeed
“Making a Multi-Windows PE” by Ange Albertini
“This ZIP is also a PDF” by Julia Wolf
“Burning a Phone” by Josh Thomas
“Sermon on the Divinity of Languages” by Manul Laphroaig

The Children’s Bible Coloring Book of PoC||GTFO

“Build your own birdfeeder” by Manul Laphroaig
“A PGP Matryoshka Doll” by Myron Aub
“Code Execution on a Tamagotchi” by Natalie Silvanovich
“Shellcode for MSP430” by Travis Goodspeed
“Calling putchar() from ELF” by Rebecca .Bx Shapiro
“POKE of Death for the TRS 80/M100” by Dave Weinstein
“This OS is also a PDF” by Ange Albertini
“A Vulnerability in Reduced Dakarand" by Joernchen
“Juggernauty” by Ben Nagy

Address on the Smashing of Idols to Bits and Bytes

“Greybeard’s Luck” by Manul Laphroaig
“This PDF is JPEG.” by Ange Albertini
“Netwatch for SMM” by Wise and Potter
“Packet-in-Packet Mitigation Bypass” by Travis Goodspeed
“An RDRAND Backdoor in Bochs” by Taylor Hornby
“Kosher Firmware for the Nokia 2720” by Assaf Nativ
“Tetranglix Boot Sector” by Haverinen, Shepherd, and Sethi
“Defusing the Qualcomm Dragon” by Josh Thomas
“Tales of Python’s Encoding” by Frederik Braun
“Angecryption” by Albertini and Aumasson

Tract de la Société Secrète

“Epistle on the Bountiful Seeds of 0Day” by Manul Laphroaig
“This OS is a Boot Sector” by Shikhin Sethi
“Prince of PoC” by Peter Ferrie
“New Facedancer Framework” by Gil
“Power Glitching Tamagotchi” by Natalie Silvanovich
“A Plausibly Deniable Cryptosystem’ by Evan Sultanik
“Hardening Pin Tumbler Locks” by Deviant Ollam
“Intro to Chip Decapsulation” by Travis Goodspeed
“Forget Not the Humble Timing Attack” by Colin O’Flynn
“This Truecrypt is a PDF” by Ange Albertini
“How to Manually Attach a File to a PDF” by Ange Albertini
“Ode to ECB” by Ben Nagy

Address to the Inhabitants of Earth

“A Sermon on Hacker Privilege” by Manul Laphroaig
“ECB: Electronic Coloring Book” by Philippe Teuwen
“An Easter Egg in PCI Express” by Jacob Torrey
“A Flash PDF Polyglot” by Alex Inführ
“This Multiprocessing OS is a Boot Sector” by Shikhin Sethi
“A Breakout Board for Mini-PCIe” by Joe FitzPatrick
“Prototyping a generic x86 backdoor in Bochs” by Matilda
“Your Cisco blade is booting PoC||GTFO” by Mik
“I am my own NOP Sled” by Brainsmoke
“Abusing JSONP with Rosetta Flash” by Michele Spagnuolo
“Sexy collision PoCs” by A. Albertini and M. Eichlseder
“Ancestral Voices” by Ben Nagy

Old Timey Exploitation

“On Giving Thanks” by Manul Laphroaig
“Gekko the Dolphin” by Fiora
“This TAR archive is a PDF!” By Ange Albertini
“X86 Alchemy and Smuggling” by Micah Elizabeth Scott
“Detecting MIPS Emulation” by Craig Heffner
“More Cryptographic Coloring Books” by Philippe Teuwen
“PCB Reverse Engineering” by Joe Grand
“Davinci Seal” by Ryan O’Neill
“Observable Metrics” by Don A. Bailey

PoC||GTFO, Calisthenics and Orthodontia

“The Magic Number: 0xAA55” by Morgan Reece
“Coastermelt” by Micah Elizabeth Scott
“The Lysenko Sermon” by Manul Laphroaig
“When Scapy is too high-level” by Eric Davisson
“Abusing file formats” by Ange Albertini
“AES-NI Backdoors” by BSDaemon and Pirata
“Innovations with Linux core files” by Ryan O’Neill
“Bambaata speaks from the past” by Count Bambaata
“Cyber Criminal’s Song” by Ben Nagy

Exploits Sit Lonely on the Shelf

“Witches, Warlocks, and Wassenaar” by Manul Laphroaig
“Compiler Bug Backdoors” by Bauer, Cuoq, and Regehr
“A Protocol for Leibowitz by Goodspeed and Muur
“Jiggling into a New Attack Vector” by Mickey Shkatov
“Hypervisor Exploit, Five Years Old” by DJC and Bittman
“Stegosploit” by Saumil Shah
“On Error Resume Next” by Jeffball
“Unbrick my Part” by Tommy Brixton
“Backdoors up my Sleeve” by JP Aumasson
“Naughty Signals” by Russell Handorf
“Weird Crypto” by Philippe Teuwen

View the detailed Table of Contents
View the Index

Reviews 

Featured on Hackaday