Tuts 4 You

Programming & Coding

48 files

  1. Platform-Independent Programs

    Given a single program (i.e., bit string), one may assume that the program's behaviors can be determined by first identifying the native runtime architecture and then executing the program on that architecture. In this paper, we challenge the notion that programs run on a single architecture by developing techniques that automatically create a single program string that a) runs on different architectures, and b) potentially has different behaviors depending upon which architecture it runs on. At a high level, a primary security implication is that any program analysis done on a program must only be considered valid for the assumed architecture. Our techniques also introduce a new type of steganography that hides execution behaviors. In order to demonstrate our techniques, we implement a system for generating platform-independent programs for x86, ARM, and MIPS. We use our system to generate real platform-independent programs.

    86 downloads

    0 comments

    Submitted

  2. Play XM Chips Without Additional DLL From C#

    I will show you how to build a standalone executable in C# that can play an XM chip from resources without additional external libraries.

    90 downloads

    0 comments

    Submitted

  3. Program Analysis Using Binary Decision Diagrams

    A fundamental problem in interprocedural program analyses is the need to represent and manipulate collections of large sets. Binary Decision Diagrams (BDDs) are a data structure widely used in model checking to compactly encode large state sets. In this dissertation, we develop new techniques and frameworks for applying BDDs to program analysis, and use our BDD-based analyses to gain new insight into factors influencing analysis precision.

    To make it feasible to express complicated, interrelated analyses using BDDs, we first present the design and implementation of Jedd, a Java language extension which adds relations implemented with BDDs as a datatype, and makes it possible to express BDD-based algorithms at a higher level than existing BDD libraries.

    Using Jedd, we develop Paddle, a framework of context-sensitive points-to and call graph analyses for Java, as well as client analyses that make use of their results. Paddle supports several variations of context-sensitive analyses, including the use of call site strings and abstract receiver object strings as abstractions of context.

    We use the Paddle framework to perform an in-depth empirical study of the effect of context-sensitivity variations on the precision of interprocedural program analyses. The use of BDDs enables us to compare context-sensitive analyses on much larger, more realistic benchmarks than has been possible with traditional analysis implementations.

    Finally, based on the call graph computed by Paddle, we implement, using Jedd, a novel static analysis of the cflow construct in the aspect-oriented language AspectJ. Thanks to the Jedd high-level representation, the implementation of the analysis closely mirrors its specification.

    94 downloads

    0 comments

    Submitted

  4. Opcodes Help Table v1.0

    This project I made by myself, because I needed to constantly consult the opcodes of several assembly codes at the same time, which took my attention away from what I really needed to accomplish. Now, with only one open window, I have access to all the opcodes that I use when I am working in reverse engineering or developing. I hope it is useful for you. If you have some opcode that you want me to place in this help file, please send the text file.

    Intel 8086 Family
    Microsoft .NET
    Java
    SQLite

    144 downloads

    0 comments

    Submitted

  5. Loading a DLL from Memory

    The default Windows API functions to load external libraries into a program (LoadLibrary, LoadLibraryEx) only work with files on the filesystem. It's therefore impossible to load a DLL from memory. But sometimes, you need exactly this functionality (e.g. you don't want to distribute a lot of files or want to make disassembling harder). A common workaround for this problem is to write the DLL into a temporary file first and import it from there. When the program terminates, the temporary file gets deleted.

    In this tutorial, I will first describe how DLL files are structured and will present some code that can be used to load a DLL completely from memory - without storing it on the disk first.

    161 downloads

    0 comments

    Submitted

  6. Memory Layout for Windows XP

    A PDF poster showing the memory layout of Windows XP and User-Kernel Address Spaces.

    104 downloads

    0 comments

    Submitted

  7. Microsoft Macro Assembler Reference

    The Microsoft Macro Assembler (MASM) provides you with several advantages over inline assembly. MASM contains a macro language with looping, arithmetic, text string processing, and so on, and MASM supports the instruction sets of the 386, 486, and Pentium processors, providing you with greater direct control over the hardware. You also can avoid extra time and memory overhead when using MASM.

    119 downloads

    0 comments

    Submitted

  8. MSIL OpCode Table v1.0

    An MSIL opcode table for .NET.

    154 downloads

    0 comments

    Submitted

  9. How To Play XM Music From Your Own Code

    The perfect way to play XM music is by using MiniFmod. Since it is free to use, we can produce really cool keygens. I've chosen keygens as the perfect target to play music on; as we all know, it's cool in the end. The best way to find our XM music is the mod archive located at: http://www.modarchive.com/. It is a huge archive, and a lot of cool music can be found there, so just before coding, select your file (recommended size: 2k-30k). I especially like the "Hybrid Song.XM" (I first heard it in an installer of Worms) or "trainer.XM", but I am sure there are millions of them out there. Once we choose our music, we need to dump its content! Now, since this article is for Visual C++ coders, our dump is apparently C++ style hex. For the dumping routine we will use Thigo's excellent Table Extractor, located at protools/anticrack, or just google for it.

    111 downloads

    0 comments

    Submitted

  10. Iczelions Win32 Assembly Tutorials

    Win32 assembly tutorials, PE tutorials with associated source code including some MASM articles from Ates. This is a very nice package compiled into an offline document of Iczelion's wonderful tutorials by TheXROOster. "I did this for my own personal reference and thought other people might need this so here it is, included are all 20 of his tutorials on MASM32."

    It is a .chm document, a very simple and straightforward technique for making these a better offline source than htm files.

    869 downloads

    0 comments

    Submitted

  11. Intel Assembler CodeTable 80x86 - Overview of Instructions

    Overview of Instructions.

    111 downloads

    0 comments

    Submitted

  12. Intel Hex Opcodes and Mnemonics

    The Intel Hex Opcodes and Mnemonics manual in CHM format.

    149 downloads

    0 comments

    Submitted

  13. Introduction to IL Assembly Language

    This article teaches the basics of IL Assembly language, which can be used to debug your .NET code (written in any .NET high-level language) at a low level. By low level, I mean the point where the compiler of your high-level language has finished its work. Also, using these basics, you can plan to write your own compiler for a new .NET language.

    95 downloads

    0 comments

    Submitted

  14. Introduction to x64 Assembly

    For years, PC programmers used x86 assembly to write performance-critical code. However, 32-bit PCs are being replaced with 64-bit ones, and the underlying assembly code has changed. This Gem is an introduction to x64 assembly. No prior knowledge of x86 code is needed, although it makes the transition easier.

    x64 is a generic name for the 64-bit extensions to Intel's and AMD's 32-bit x86 instruction set architecture (ISA). AMD introduced the first version of x64, initially called x86-64 and later renamed AMD64. Intel named their implementation IA-32e and then EMT64. There are some slight incompatibilities between the two versions, but most code works fine on both versions; details can be found in the Intel® 64 and IA-32 Architectures Software Developer's Manuals and the AMD64 Architecture Tech Docs. We call this intersection flavor x64. Neither is to be confused with the 64-bit Intel® Itanium® architecture, which is called IA-64.

    This Gem won't cover hardware details such as caches, branch prediction, and other advanced topics. Several references will be given at the end of the article for further reading in these areas.

    Assembly is often used for performance-critical parts of a program, although it is difficult to outperform a good C++ compiler for most programmers. Assembly knowledge is useful for debugging code - sometimes a compiler makes incorrect assembly code and stepping through the code in a debugger helps locate the cause. Code optimizers sometimes make mistakes. Another use for assembly is interfacing with or fixing code for which you have no source code. Disassembly lets you change/fix existing executables. Assembly is necessary if you want to know how your language of choice works under the hood - why some things are slow and others are fast. Finally, assembly code knowledge is indispensable when diagnosing malware.

    159 downloads

    0 comments

    Submitted

  15. Kernel-22

    The idea of spoofing DLLs is not new. It is a technique used for analysis tools as well as malicious programs. By offering the same set of functions as another DLL, a calling program can unknowingly provide the means to load and execute alternate code, which can then completely change the actions of a program for good or bad purposes. In the world of malware analysis, a handy use for spoofing is to simply log each time a function in a DLL is called, which can help determine what a malicious program is attempting. But there is more than one way to spoof a DLL, and some DLLs are easier to spoof than others.

    105 downloads

    0 comments

    Submitted

  16. Kernel Mode Driver Development Kit

    A set of tutorials about kernel-mode driver development in assembly language.

    129 downloads

    0 comments

    Submitted

  17. Forgers Win32 API Tutorial

    This tutorial is intended to present to you the basics (and common extras) of writing programs using the Win32 API. The language used is C; most C++ compilers will compile it as well. As a matter of fact, most of the information is applicable to any language that can access the API, including Java, Assembly and Visual Basic. I will not however present any code relating to these languages and you're on your own in that regard, but several people have previously used this document in said languages with quite a bit of success.

    This tutorial will not teach you the C language, nor will it tell you how to run your particular compiler (Borland C++, Visual C++, LCC-Win32, etc...). I will however take a few moments in the appendix to provide some notes on using the compilers I have knowledge of.

    If you don't know what a macro or a typedef are, or how a switch() statement works, then turn back now and read a good book or tutorial on the C language first.

    211 downloads

    0 comments

    Submitted

  18. HLA Tutorial

    Collection of HLA tutorials by Randall Hyde:

    HLA Tutorial 01 - The Basics
    HLA Tutorial 02 - MessageBox
    HLA Tutorial 03 - A Simple Window
    HLA Tutorial 04 - Painting with Text
    HLA Tutorial 05 - More About Text
    HLA Tutorial 06 - Mouse Input
    HLA Tutorial 07 - Menus
    HLA Tutorial 08 - Keyboard Input
    HLA Tutorial 09 - Child Window Controls

    112 downloads

    0 comments

    Submitted

  19. Assembly Language Tutor

    This is an introduction for people who want to start programming in assembler language.

    161 downloads

    0 comments

    Submitted

  20. C++ Pointers

    A collection of tutorials and papers covering various aspects of C++ programming; Binary Trees, Essential C, Linked Lists Basics, Linked List Problems, Pointers and Memory and Tree List Recursion.
    The documents can be used as an introduction to C++ for someone with basic programming experience.

    128 downloads

    0 comments

    Submitted

  21. Calling Win32 API Routines from HLA

    Calling Win32 API Routines from HLA.

    111 downloads

    0 comments

    Submitted

  22. Common Language Infrastructure - ECMA 335

    This International Standard defines the Common Language Infrastructure (CLI) in which applications written in multiple high-level languages can be executed in different system environments without the need to rewrite those applications to take into consideration the unique characteristics of those environments. This International Standard consists of the following parts:

    Partition I: Concepts and Architecture - Describes the overall architecture of the CLI, and provides the normative description of the Common Type System (CTS), the Virtual Execution System (VES), and the Common Language Specification (CLS). It also provides an informative description of the metadata.
    Partition II: Metadata Definition and Semantics - Provides the normative description of the metadata: its physical layout (as a file format), its logical contents (as a set of tables and their relationships), and its semantics (as seen from a hypothetical assembler, ilasm).
    Partition III: CIL Instruction Set - Describes the Common Intermediate Language (CIL) instruction set.
    Partition IV: Profiles and Libraries - Provides an overview of the CLI Libraries, and a specification of their factoring into Profiles and Libraries. A companion file, CLILibrary.xml, considered to be part of this Partition, but distributed in XML format, provides details of each class, value type, and interface in the CLI Libraries.
    Partition V: Debug Interchange Format.
    Partition VI: Annexes - Contains some sample programs written in CIL Assembly Language (ILAsm), information about a particular implementation of an assembler, a machine-readable description of the CIL instruction set which can be used to derive parts of the grammar used by this assembler as well as other tools that manipulate CIL, a set of guidelines used in the design of the libraries of Partition IV, and portability considerations.

    80 downloads

    0 comments

    Submitted

  23. Exception Handling

    We're going to examine how to make an application more robust by handling its own exceptions, rather than permitting the system to do so. An "exception" is an offence committed by the program, which would otherwise result in the embarrassing appearance of the dreaded closure message box:-
    or its more elaborate counterpart in Windows NT.

    What exception handling does... The idea of exception handling (often called "Structured Exception Handling") is that your application instals one or more callback routines called "exception handlers" at run-time and then, if an exception occurs, the system will call the routine to let the application deal with the exception. The hope would be that the exception handler may be able to repair the exception and continue running either from the same area of code where the exception occurred, or from a "safe place" in the code as if nothing had happened.

    No closure message box would then be displayed and the user would be none the wiser. As part of this repair it may be necessary to close handles, close temporary files, free device contexts, free memory areas, inform other threads, then unwind the stack or close down the offending thread. During this process the exception handler may make a record of what it is doing and save this to a file for later analysis.

    120 downloads

    0 comments

    Submitted

