About me (Ron)
Welcome to SkullSecurity! If you'd like to email me, I'm ron-at-skullsecurity-dot-net.
I registered "skullsecurity.org" (along with .net and .com) a couple years ago, to host the site for a Shadowrun campaign that ended up with the same name (that's a long story, but maybe I'll tell it some day!). When I created it, I knew it'd be an awesome name for a security site or group or whatever, so I told myself that someday, I'd create a blog there. And here we are.
This blog is, as the tagline (currently) says, "just another security weblog". I've been in the security field for awhile now, and am doing some work that I consider interesting, and thought I'd start sharing it. If you want to know what I'm working on, or what I do for fun, or what I need to access later, check out my wiki.
Anyway, with that aside, a little about myself. My name is Ron Bowes, I'm 24 25 26 27 and have a Bachelors of Computer Science (honours) from the University of Manitoba. I'm also a gold GIAC-certified penetration tester (GPEN), having completed the SANS 560 course (which, by the way, is a fantastic course!). I've worked at several security jobs since graduating, including a security analyst (specializing in application security and penetration testing) for the Province of Manitoba. Currently, I'm a Security Research Engineer at Tenable Network Security, focusing on reverse engineering enterprise software.
I cut my teeth, security-wise, on reverse engineering games for Battle.net, for the purposes of writing emulation bots, non-malicious hacks/plugins, and just plain educational tinkering. To my knowledge, I'm the first to have publicly released code for Warcraft 3 SRP, the Lockdown Modules, and Warden. One of my favourite things I wrote for Battle.net, in my programming infancy, was a Message Spoofer, which would allow users to send various control characters in their messages for effects like colours and alighment. To my knowledge, it was the first and only program that specialized in message spoofing.
My work in late 2008 and all of 2009 revolved around Microsoft's NetBIOS and SMB (aka, CIFS) protocols. Using a fantastic book called Implementing CIFS, by Christopher R. Hertel, I learned how Windows systems talk to each other, on a low level, and how I can manipulate this to assist penetration testers. I wrote a large collection of Nmap scripts to take advantage of this protocol in some interesting ways. You can find lots of blogs on this site about them.
Updated on January 1, 2010
2009 was the first year I participated significantly in the security community. I met a lot of well known folks at Defcon in Vegas and gave my first real presentation at Toorcon in San Diego. I also finished SANS 504 and, toward the start of 2010, started learning the DNS protocol in detail and writing some tools for cute DNS tricks. You can look forward to some blogs about DNS coming up, and hopefully 2010 will be another great year!
If you have any questions, feel free to email me or post a response here!
Bio
(I keep needing a bio when submitting talks and keep losing it, so I'll keep it here for safe keeping)
Ron Bowes entered the security industry during highschool when he taught himself assembly and reverse engineered the login sequences for several popular Blizzard titles (including Starcraft and Warcraft 3). Since then, he obtained a Bachelor of Computer Science at the University of Manitoba, and worked several jobs in both the private and public sectors before becoming a vulnerability research engineer at Tenable Network Security. Outside of his day job, he runs a security consulting company (Dash9 Security), he is an active Nmap developer, he compiles and disseminates research data on leaked or cracked passwords, and he currently maintains and developers dnscat, which implements reverse shells over DNS in new and clever ways.
April 23rd, 2009 at 09:31
Ron,
Apolgies for the name misspelling yesterday. My fault entirely. It's been changed, as you can see...one of the night edits noticed your comment and went into the post to make a correct.
Send me your contact info -- e-mail at least, phone # too if you don't mind -- for my future ref.
Thanks much.
Again, sorry.
/gregg keizer, computerworld
April 23rd, 2009 at 09:35
Hi Gregg,
No worries about the name, thanks for fixing it! :)
I'll send you my info.
Ron
May 24th, 2009 at 05:09
Hi Ron
Can I hire the job for you and I have big money to you also and This job is very easy
I am waiting your response.
Thank you
May 24th, 2009 at 08:33
Hi Nong,
Thanks for the offer, but I'm not looking for work right now.
Ron
June 1st, 2009 at 19:00
hi ron
keep on publishing tools ; spoofer is great . nice job!
June 1st, 2009 at 19:17
Thanks!
June 3rd, 2009 at 09:15
Nice website dude ;)
September 16th, 2009 at 15:29
Hi Ron, thanks for the information supplied. Is very helpful in my work.
Jorge
November 14th, 2009 at 10:58
Hi Ron,
Remember me?
Nice blog, I just happend to stumble upon it by chance.
April 2nd, 2010 at 07:37
Hi Ron
I found this site after following some links for some Nmap research i'm doing. And as it happened i found loads of other useful stuff too.
Keep up the great work.
Lee
June 2nd, 2010 at 22:02
Ron,
Just wanted to give you a heads-up that my engineer, our Chief Geek, is giving you and your website a shout out on our TechWiseTV Security Episode airing live tomorrow at 10 AM PST. Jimmy Ray was really complimentary of your site. Hope you can watch the show or the replay! http://www.cisco.com/offer/atsecurity/192311_26
Take care,
Robb
TechWiseTV
Cisco
November 4th, 2010 at 09:48
please please please please
help me to know the password for my girlfriend Facebook account
and this is the URL:
http://www.facebook.com/profile.php?id=1036885235
November 4th, 2010 at 09:50
I'm going to guess it's the same as the combination on my luggage: 123456
November 4th, 2010 at 10:16
please help me ron
November 4th, 2010 at 10:18
you are my hero
November 4th, 2010 at 10:35
this is her email
gadoort_2lby_2008@yahoo.com
i need the password for facebook
or
email
please
February 20th, 2011 at 01:13
Ron, great site. greg b from prov who bought you those shakes every now and then....miss having you around to ask about security...cheers Greg
April 7th, 2011 at 08:07
Great blog, keep it up! I would like to start my own security blog soon, and you have really awesome resources and information available here. Thanks!
April 10th, 2011 at 09:10
i happen to see your script of collecting facebook username i want to modify it to get users from a particular country ... please help or else give me a little hint
May 30th, 2011 at 17:03
Hi Ron,
Great work, thank you.
I have problem, it’s not serious but I want know conversations of my wife Elvedina and Edin Bajramovic. Thanks God we are far away from each other and nothing happened, they wrote each other just couple months.
His name and e-mail; Edin Bajramovic, e-mail: edy_1977@hotmail.com . Password of his hotmail will be more then welcomed.
He has facebook is on this name and this e-mail.
Thank you if you can help.
June 8th, 2011 at 09:52
He!!o Ron =D
Dude, just wanna thank you.
for all the professional
tips'n sfuff.
just found this blog...
And I had not so good experience aboute hacking.
And Iv' already learned a lot :D
Greating's from sweden mate.
November 23rd, 2011 at 12:00
Thank you Ron.
I am in my second year of a computer science degree and the assembly tutorial on your wiki is absolutely brilliant - you should stick it in a book and sell it.
If you do release it - even on kindle or free pdf or whatever - let me know :D
January 1st, 2012 at 04:51
Hi Ron..
I m very much interested in security field and currently doing B.Tech in Computer Engineering...
In future i m thinking about taking the course of SANS. As you specified the course SANS 560, i got interested in the particular course regarding to computer security field in SANS..
Thank you very much for sharing your knowledge....
January 11th, 2012 at 04:31
Hi Ron, can you add this to your password list, please http://contest-2010.korelogic.com/wordlists.html
April 25th, 2012 at 08:49
Hello Ron,
I'm new in network security and I have few questions/problems which I hope You can help me:
1# How to capture malicious packets incoming on my Windows XP computer and does not affect it with harmful payload.
And 2# Do You know any open source DHCP client for Windows XP which doesn't rely on netbios service ?
April 27th, 2012 at 08:41
Do You filter comments Ron ?
I send one few days ago and it goes in black hole.
May 4th, 2012 at 01:06
Hi Ron, I have met a problem in SAMBA. For some security reason, the new samba release issued a patch in the function "chain_reply" which will do some parameter checking. The checking can block some reply to be chained.
In my system, the client issued 2 requests in session_setup_andx (both 0x73 and 0x75), with the patch the server replied just 0x73, and then the client issued tree_connect request for the 0x75 and the server replied. The TID item was set to 1 with comments like Tree ID:1 (\\192.168.1.253\IPC$). The later when I tried to open the shared folder on the linux server, I was reminded as "I do not have access to the net". I checked the packages exchanged during the process found that when I tried to open the shared folder, the program still went through the IPC procedure instead of the normal trans2_requests.
But without the patch the program worked well and the server replied both 0x73 and 0x75 in the session_setup_andx_reply and the TID item was set to 1 without comments, just like Tree ID:1 .
Please help me about this which already took me 1 week, thanks a lot.
May 25th, 2012 at 10:13
Hey TK,
I do moderate comments, and the email notifications have been broken for months so I didn't realize I had missed any. Sorry. :)
Ron
August 2nd, 2012 at 13:16
Hello again Ron,
Is it possible to make exploit based on tcp/ip port exhaustion in Windows (probably in conjunction with svchost and big bandwith usage) - I have attacks on my network and trying resolve problem ?
February 17th, 2013 at 09:28
Just wanted to follow up and say that I'd love to speak with you about book writing.
Bill Pollock
March 13th, 2013 at 09:50
Agreed...SANS 560 is awesome