Reverse Engineering Articles
Share an interesting blog, news page or other RE related site...
350 topics in this forum
-
- 0 replies
- 10.4k views
By default PowerShell is configured to prevent the execution of PowerShell scripts on Windows systems. This can be a hurdle for penetration testers, sysadmins, and developers, but it doesn't have to be. In this blog I'll cover 15 ways to bypass the PowerShell execution policy without having local administrator rights on the system. I'm sure there are many techniques that I've missed (or simply don't know about), but hopefully this cheat sheet will offer a good start for those who need it. What is the PowerShell Execution Policy? The PowerShell execution policy is the setting that determines which type of PowerShell scripts (if any) can be run on the system. By de…
-
Flare-On 3 1 2 3 4
by kao- 92 replies
- 35.8k views
Last year was fun! Source: https://www.fireeye.com/blog/threat-research/2016/09/_announcing_the_thir.html Challenge site: http://www.flare-on.com/
-
Automatic deobfuscation using symbolic execution and LLVM - Playing with the Tigress binary protection
by Techlord- 0 replies
- 6.4k views
FULL CONTENT HERE and CHALLENGES HERE . From the authors webpage :
-
- 3 replies
- 6.6k views
Full article HERE. The Windows Subsystem for Linux can invoke native Windows binaries and be invoked from a Windows command line. This feature is available to Windows 10 users running Anniversary Update build 14951. This new interoperability functionality delivers a seamless experience between Windows and WSL. Technical details on how this interoperability works can be found on the WSL blog. Important note (from MSDN Site) This is the first release of Bash on Windows and it is branded "beta" deliberately - it's not yet complete! You should expect many things to work and for some things to fail! We greatly appreciate you using Bash on Windows and helping u…
-
Android Tutorials
by sirp- 0 replies
- 8.4k views
Hacking Android Apps Using Backup Techniques http://resources.infosecinstitute.com/android-hacking-security-part-15-hacking-android-apps-using-backup-techniques/ Cracking Android App Binaries http://resources.infosecinstitute.com/android-hacking-security-part-17-cracking-android-app-binaries/ Android Application hacking with Insecure Bank Part 4 http://resources.infosecinstitute.com/android-application-hacking-with-insecure-bank-part-4/ Android Application hacking with Insecure Bank – Part 3 http://resources.infosecinstitute.com/android-application-hacking-w…
-
- 0 replies
- 4.8k views
Deadpool is a repository of various public white-box cryptographic implementations and their practical attacks. MAIN LINK : DETAILS : Attacks Differential Computation Analysis Differential Fault Analysis White-box implementations Wyseur 2007 challenge A Linux binary implementing a DES. Hack.lu 2009 challenge A Windows binary implementing an AES 128. Karroumi 2010 challenge A Linux binary implementing an AES 128. SSTIC 2012 challenge A Python serialized object implementing a DES. NoSuchCon 2013 challenge A Windows binary implementing an AES 128 with uncompensated external encodin…
-
- 17 replies
- 8.3k views
I just noticed that our "BND" (Bundesnachrichtendienst), equal to the NSA searches for some qualified Reverse Engineers and uploaded 3 Challenges to RE that are required to apply for the job. I haven't done them so far, but the first one is .NET and looks super easy. If you want to give it a try here is the article: http://www.bnd.bund.de/DE/Karriere/Reversing_Challenge/Reversing_Challenge_node.html And here is the direct downloadlink for the Challenges: http://www.bnd.bund.de/DE/Karriere/Reversing_Challenge/ZIP_Challenge.zip?__blob=publicationFile&v=2 Have fun :3
-
A new version of the PE/COFF specification was published
by EiP.P4ssenger- 2 replies
- 5.3k views
Downlaod link
-
- 59 replies
- 26.7k views
Official site: http://labyrenth.com/ Announcement: http://researchcenter.paloaltonetworks.com/2016/06/unit-42-countdown-to-labyrenth-capture-the-flag-ctf-challenge/
-
Getting Started with WinDBG - Part 1...
by Teddy Rogers- 8 replies
- 13k views
Getting Started with WinDBG - Part 1 http://blog.opensecurityresearch.com/2013/12/getting-started-with-windbg-part-1.html Ted.
-
Figure me out
by Alzri2- 3 replies
- 19.9k views
Hello everyone, This challenge was written by naquadria in at4re forum: There is a file main.c contains this code: #include <windows.h> int iWinMain() { MessageBoxW(NULL, "PoC", "Hello!", MB_ICONINFORMATION); return 0; } 1- Is there a mistake in the code ? 2- Is it possible to build it ? Try to answer without testing it. One more thing... PM me your answer so others can have fun too, I'll post the answer after 3 days
-
X86 Shellcode Obfuscation...
by Teddy Rogers- 0 replies
- 7.8k views
X86 Shellcode Obfuscation https://breakdev.org/x86-shellcode-obfuscation-part-1/ https://breakdev.org/x86-shellcode-obfuscation-part-2/ Ted.
-
Reversing a 16-bit NE File Part 1: Clumsy and Unprepared
by CodeExplorer- 5 replies
- 5.8k views
Reversing a 16-bit NE File Part 1: Clumsy and Unprepared Link: http://uncomputable.blogspot.ro/2014/09/reversing-16-bit-ne-file-part-1-clumsy.html
-
I Am Different
by Amer- 8 replies
- 10.7k views
I Am Different: On all Operating system (Ms Win, MAC, Android, Unix ... etc) , every machine , every app , every path , Some Messages , In debugger , in Packer, Protector regrettably some talked about me but did not described who really i am If u know something about me, please leave a link or write something describe who really I Am. Regards, Amer
-
UPX Packing and Anti-Packing Techniques
by SkyProud- 3 replies
- 7.1k views
-
Android APK Hacking
by hilogic- 0 replies
- 6.4k views
Following link Android App Hacking can be a very good article on android shared lib reverse engineering and patching. Thanks.
-
StarForce .NET unpacking
by nitralal- 6 replies
- 9.6k views
I have .NET assembly packed with StarForce 5.91.1512.010. Here is some obfuscated code: [System.Diagnostics.DebuggerStepThrough, AsyncStateMachine(typeof(Form1.<metroButton9_Click>d__15))] private void metroButton9_Click(object sender, System.EventArgs e) { Form1.<metroButton9_Click>d__15 <metroButton9_Click>d__ = new Form1.<metroButton9_Click>d__15(); <metroButton9_Click>d__.<>4__this = this; <metroButton9_Click>d__.sender = sender; <metroButton9_Click>d__.e = e; <metroButton9_Click>d__.<>t__builder = AsyncVoidMethodBuilder.Create(); <metroButton9_Click>d__.<>1__state = -1; AsyncVoidMethod…
-
[AnyLanguage] Volcano - ASCII Art
by simple- 4 replies
- 12.1k views
2015 has been a very active year for volcanoes. It's a very active year for ascii art volcanos too \/\/\//<---------------- Peak of Eruption \ / \_/<------------------ Base of Eruption / \<------------------ Peak of volcano / \ / \ / \ /_________\<-------------- Base of Volcano CHALLENGE: Create a code (via function, stdin, etc) that accepts 2 inputs Input1 = Distance in lines between base and peak of volcano Input2 = Distance in lines between base and peak of eruption Based on these inputs, program should output to the console (s…
-
- 0 replies
- 5.4k views
-
VMProtect VirtualDeobfuscator
by GautamGreat- 2 replies
- 14.6k views
Any one used this script to Deobfuscate VMPROTECT https://github.com/jnraber/VirtualDeobfuscator
-
Learn Assembly And The Art Of Reverse Engineering
by Assembly101- 1 follower
- 17 replies
- 16.2k views
Hello Community,I have recently opened up a site where I post "lessons" about assembly and reverse engineering. The main purpose of the site is to help people interested in assembly and reverse engineer get started and learn the fundamentals. I have seen a lot of assembly/RE tutorials and none of them try to make it simple and easily understandable. In my website, that is what i also really focus on. I want the readers to learn but not make it to hard on them.I think reverse engineering is a great skill, as you can use to to debug your own programs or even use it to exploit programs (make hacks,keys,etc..)If you guys are interested, the site is completely free and easy to…
-
Help me determine the obfuscator
by nitralal- 5 replies
- 6k views
Help me determine the obfuscator, please!
-
FIPS 202: SHA-3 and Keccak...
by Teddy Rogers- 0 replies
- 5.7k views
In case you missed it the SHA-3 standard has been finalised... http://csrc.nist.gov/news_events/#aug5 http://keccak.noekeon.org/fips202final.html Ted.
-
Deobfuscator a .net app (protected) to view source code
by leosoftsvn- 1 reply
- 7.4k views
Hello all, I have ever had experience to crack windows application by ollydbg 10 year ago. Today, I want to come back but almost application is based .NET and protected. I have an application needed to deobfuscated. Anyone can help me to identify obfuscator and dump source code? This is link to download app: http://www.mediafire.com/download/na5kkg407qeee8j/AMC+MAIL+SDT.rar Thanks.
-
[crackme] CyberSecurity Challenge 2015
by Encrypto- 4 replies
- 8.8k views
Hi everyone, This challenge has been running the past couple of days and I think many of you here will find this of interest. Its open till the 18th of July so it would be advisable to not give out any solutions until that date has passed. http://cybersecuritychallenge.org.uk/competitors/competitions-overview/ Have fun! Its seriously interesting and challenging.
