HackDig : Dig high-quality web security articles for hacker

Intel PIN, Cheatz, Hax, And Detection Part 1

Herro! It’s been a while, but I’m still kicking. I got some new stuff to talk about. Specifically the binary instrumentation utility ‘PIN’ from Intel. We’re going to go over taking full advantage of this tool to cheat at games, unpack malwarez, and how to detect if your app is being run via PIN. Part 1 of this series will be o
Publish At:2016-12-15 11:50 | Read:2299 | Comments:0 | Tags:code reversing PIN

Inside the IOActive Silicon Lab: Reading CMOS layout

By Andrew Zonenberg @azonenberg Ever wondered what happens inside the IOActive silicon lab? For the next few weeks we’ll be posting a series of blogs that highlight some of the equipment, tools, attacks, and all around interesting stuff that we do there. We’ll start off with Andrew Zonenberg explaining the basics of CMOS layout. Basics of CMOS L
Publish At:2016-11-19 20:15 | Read:2140 | Comments:0 | Tags:Andrew Zonenberg chip CMOS hacking microchip reverse enginee

Inside the IOActive Silicon Lab: Interpreting Images

By Andrew Zonenberg @azonenberg In the post “Reading CMOS layout,” we discussed understanding CMOS layout in order to reverse-engineer photographs of a circuit to a transistor-level schematic. This was all well and good, but I glossed over an important (and often overlooked) part of the process: using the photos to observe and understand the circuit
Publish At:2016-11-19 20:15 | Read:2237 | Comments:0 | Tags:Andrew Zonenberg chip hacking CMOS hacking microchip reverse

Backdooring a DLL part 4

Here we are finally at the last part of my series on backdooring dll files. I wanted to cover again detours as a means of backdooring dll files and executables. A fellow 2600 member I spoke to asked me the other day about what it would take to modify an exe without changing it on disk. For that I say detours! That’s what I’m going to do this in e
Publish At:2016-09-10 20:00 | Read:3083 | Comments:0 | Tags:code Joe you evil bastard reversing backdooring a dll C#

Reverse Engineering With Radare2 – Part 1

Welcome back to the radare2 reversing tutorials. If you’ve missed the intro, you can find it here. The last time you got the challenge01 binary and your goal was to find the password for the login. Let’s see how the application looks like: $ ./challenge01 ################################## # Challenge 1 # #
Publish At:2016-08-19 16:40 | Read:1678 | Comments:0 | Tags:Uncategorized radare2 reversing tutorial

PFX Profiles in Microsoft’s System Management Server

In a recent assessment, we had to evaluate how Microsoft’s System Management Server (SMS) certificate management solution (CMS) stores and handles certificates. This question came up because sensitive, encrypted user certificates were to be stored in the SMS CMS. Due to the sensitivity of the handled certificates, we assessed the protection capabilitie
Publish At:2016-08-05 23:15 | Read:1126 | Comments:0 | Tags:Security crypto Microsoft reversing sccm

Reverse Engineering With Radare2 – Intro

Hi, As some of you may know, there is a “new” reverse engineering toolkit out there which tries to compete with IDA Pro in terms of reverse engineering. I’m talking about radare2, a framework for reversing, patching, debugging and exploiting. It has large scripting capabilities, runs on all major platforms (Android, GNU/Linux, [Net|Free|Op
Publish At:2016-08-03 16:25 | Read:1389 | Comments:0 | Tags:Uncategorized radare2 reversing tutorial

Backdooring DLL’s Part 3

Whaddup fellow crackers. Long time, no see. In this article, we’re going to do something I rarely bother with – Linux! Yes, you can backdoor Linux binaries quite easily. One method I like to use is via the LD_PRELOAD environment variable. Within the header file “dlfcn.h”, there exists a function named ‘dlsym’ which is us
Publish At:2016-07-31 16:45 | Read:2065 | Comments:0 | Tags:code reversing backdooring a dll linux

Backdooring a DLL

Howdy! It’s been a dog’s age, but I’m back at it. I had a crazy idea come to me. Backdoor a common DLL. From time to time I’ll download a dll off the net if it’s required for some other program to run. It hit me, how can I modify a dll to be backdoored for use? and DLL Sidejacking Modification of a dll isn’t hard – they’re
Publish At:2016-06-04 13:20 | Read:3105 | Comments:0 | Tags:reversing Uncategorized backdooring a dll

2000 cuts with Binary Ninja

Using Vector35’s Binary Ninja, a promising new interactive static analysis and reverse engineering platform, I wrote a script that generated “exploits” for 2,000 unique binaries in this year’s DEFCON CTF qualifying round. If you’re wondering how to remain competitive in a post-DARPA DEFCON CTF, I highly recommend you take a look at Binary Ninja. Before I sha
Publish At:2016-06-04 00:00 | Read:3506 | Comments:0 | Tags:Exploits Program Analysis Reversing

SmarterMail Password Decryption Updates

Greetings and salutations! One of my faithful readers reminded me that one of my old programs I wrote no longer works. This is due to SmarterMail updating their source code and me not updating enough. So to fix this, I have come up with a half-ass solution. For those wondering how to decrypt SmarterMail hashes, here’s how: It’s DES encryption wi
Publish At:2016-05-24 21:50 | Read:3849 | Comments:0 | Tags:code cracking reversing cracking smartermail

Discover the Unknown: Analyzing an IoT Device

This blog post will give a brief overview about how a simple IoT device can be assessed. It will show a basic methodology, what tools can be used for different tasks and how to solve problems that may arise during analyses. It is aimed at readers that are interested in how such a device can be assessed, those with general interest in reverse engineering or t
Publish At:2016-04-12 14:20 | Read:3319 | Comments:0 | Tags:Tools AES crypto IoT network nmap NSE reversing

Join us at Etsy’s Code as Craft

We’re excited to announce that Sophia D’Antoine will be the next featured speaker at Etsy’s Code as Craft series on Wednesday, February 10th from 6:30-8pm in NYC. What is Code as Craft? Etsy Code as Craft events are a semi-monthly series of guest speakers who explore a technical topic or computing trend, sharing both conceptual ideas and practical advice. Al
Publish At:2016-02-04 21:00 | Read:1258 | Comments:0 | Tags:Apple Conferences Program Analysis Reversing

Joecrypter finally released

Finally, I’m done with my crypter. I’ve written the entire thing in a mish mash of C#, C, and assembly. The crypter I made modifies exes, packs them, and adds AV / VM / Sandbox / debugging evasions inside of a wrapper. I’m employing a basic process hollowing technique for the payload that is only run after all evasions are satisfied.
Publish At:2015-12-22 05:10 | Read:2740 | Comments:0 | Tags:code Joe you evil bastard reversing

3 stage dot net Trojan

Howdy fellow readers. My time is split between video games, code, and work. I have a number of interesting samples I’ve seen that I’ve decided to share with you all. This is a 3+ stage malware. Each stage meaning its own executable (think inception, but with exes). This isn’t all that uncommon with malware. Typically the file you first down
Publish At:2015-09-25 19:25 | Read:2868 | Comments:0 | Tags:code reversing malware
