To discuss the Twitter Bitcoins Scam that happened yesterday - 15-07-2020
BTC Address of Hacker -- https://www.blockchain.com/btc/address/bc1qxy2kgdygjrsqtzq2n0yrf2493p83kkfjhx0wlh
Though after the Total Hack, the Hacker was able to garner around 10 Millions ++ USD
News Covered by BBC -- https://www.bbc.com/news/technology-53425822
The Verge - https://www.theverge.com/2020/7/15/21326200/elon-musk-bill-gates-twitter-hack-bitcoin-scam-compromised
A Few Hacked Accounts I saw -
1- Apple Official - iPhone Owner Official LOL
2- Twitter Support - Haha Official Account
3- Bill Gates - LOL No Need Description
4- Barack Obama - ex President of USA
5- Elon Musk - Well Known 7th Richest Person and Tesla SpaceX CEO
6- Mike Bloomberg - Billionaire Media Owner
8- Kanye West - May be standing for Election and Famous Singer
9- Jeff Bezos - No. 1 in the List of rich and of course Amazon Owner
10- Benjamin Netanyahu
16- Charlie Lee
17- Joe Biden
18- Justin Sun
19- Warren Buffett
and almost all CEOs and Crypto Companies, Payments Site
Luckily I didn't see Mark Zuckerberg in the List.
They targeted almost all big accounts on Twitter.
It's the most astonishing news I saw and I think probably the 2nd biggest news after Corona in 2020.
What is your opinion, guys? Let's discuss it.
1 Million Bounty announced for White Hat by Justin Sun -- https://cointelegraph.com/news/justin-sun-offers-1-million-bounty-in-exchange-for-twitter-hackers
Interesting .. because with an x86 app running under WoW I can force the mem base of the loaded exe to 0x10000
this is mapped as RW but allows code execution as though RWX
The first two images show a typical standard dll characteristic with random mem maps
In the other two I forced a dll characteristic of 0 and forced it to 0x10000, and I can execute any opcode despite the RW mapping
1) Since it is mapped as RW, shouldn't DEP prevent any execution?
Seeing the number of imports on your screenshot and the ollydbg.exe in upper case, I would guess you tried this on ollydbg v1.10, not on ollyv2
The description doesn't mention it here, but that thing is for v2; if you look inside the readme of the archive, it says (in French) that the code has been rewritten for olly 2.
So try with v2, or recompile the dll for v1.
Also I'm checking the src and this can really be improved more. Especially for the v2 as if you rename ollydbg.exe to blabla.exe,