Reverse Engineering Articles

350 topics in this forum

1. 

   Flare-On 3 1 2 3 4

   September 14, 2016 by kao

   • 92 replies
   • 33.8k views

   Last year was fun! Source: https://www.fireeye.com/blog/threat-research/2016/09/_announcing_the_thir.html Challenge site: http://www.flare-on.com/

   

   Last reply by fasya, November 7, 2016

   • 
2. 

   Automatic deobfuscation using symbolic execution and LLVM - Playing with the Tigress binary protection

   October 30, 2016 by Techlord

   • 0 replies
   • 5.8k views

   FULL CONTENT HERE and CHALLENGES HERE . From the authors webpage :

   

   Last reply by Techlord, October 30, 2016
3. 

   Windows Subsystem for Linux (WSL) can invoke native Windows binaries and be invoked from a Windows command line

   October 22, 2016 by Techlord

   • 3 replies
   • 6.2k views

   Full article HERE. The Windows Subsystem for Linux can invoke native Windows binaries and be invoked from a Windows command line. This feature is available to Windows 10 users running Anniversary Update build 14951. This new interoperability functionality delivers a seamless experience between Windows and WSL. Technical details on how this interoperability works can be found on the WSL blog. Important note (from MSDN Site) This is the first release of Bash on Windows and it is branded "beta" deliberately - it's not yet complete! You should expect many things to work and for some things to fail! We greatly appreciate you using Bash on Windows and helping u…

   

   Last reply by evlncrn8, October 23, 2016

   • 
4. 

   Android Tutorials

   October 8, 2016 by sirp

   • 0 replies
   • 8k views

   Hacking Android Apps Using Backup Techniques http://resources.infosecinstitute.com/android-hacking-security-part-15-hacking-android-apps-using-backup-techniques/ Cracking Android App Binaries http://resources.infosecinstitute.com/android-hacking-security-part-17-cracking-android-app-binaries/ Android Application hacking with Insecure Bank Part 4 http://resources.infosecinstitute.com/android-application-hacking-with-insecure-bank-part-4/ Android Application hacking with Insecure Bank – Part 3 http://resources.infosecinstitute.com/android-application-hacking-w…

   

   Last reply by sirp, October 8, 2016

   • 
5. 

   Public White-Box Cryptographic Implementations and their Practical Attacks - Repository

   September 13, 2016 by Techlord

   • 0 replies
   • 4.4k views

   Deadpool is a repository of various public white-box cryptographic implementations and their practical attacks. MAIN LINK : DETAILS : Attacks Differential Computation Analysis Differential Fault Analysis White-box implementations Wyseur 2007 challenge A Linux binary implementing a DES. Hack.lu 2009 challenge A Windows binary implementing an AES 128. Karroumi 2010 challenge A Linux binary implementing an AES 128. SSTIC 2012 challenge A Python serialized object implementing a DES. NoSuchCon 2013 challenge A Windows binary implementing an AES 128 with uncompensated external encodin…

   

   Last reply by Techlord, September 13, 2016

   • 
6. 

   Whoever is jobless in germany, here is your chance :3

   August 24, 2016 by LResn

   • 17 replies
   • 8k views

   I just noticed that our "BND" (Bundesnachrichtendienst), equal to the NSA searches for some qualified Reverse Engineers and uploaded 3 Challenges to RE that are required to apply for the job. I haven't done them so far, but the first one is .NET and looks super easy. If you want to give it a try here is the article: http://www.bnd.bund.de/DE/Karriere/Reversing_Challenge/Reversing_Challenge_node.html And here is the direct downloadlink for the Challenges: http://www.bnd.bund.de/DE/Karriere/Reversing_Challenge/ZIP_Challenge.zip?__blob=publicationFile&v=2 Have fun :3

   

   Last reply by Kurapica, August 25, 2016

   • 
7. 

   A new version of the PE/COFF specification was published

   August 23, 2016 by EiP.P4ssenger

   • 2 replies
   • 4.9k views

   Downlaod link

   

   Last reply by EiP.P4ssenger, August 23, 2016

   • 
8. 

   LabyREnth Capture the Flag (CTF) Challenge 1 2 3

   June 21, 2016 by kao

   • 59 replies
   • 25.2k views

   Official site: http://labyrenth.com/ Announcement: http://researchcenter.paloaltonetworks.com/2016/06/unit-42-countdown-to-labyrenth-capture-the-flag-ctf-challenge/

   

   Last reply by lazydaemon, August 13, 2016

   • 
9. 

   Getting Started with WinDBG - Part 1...

   December 21, 2013 by Teddy Rogers

   • 8 replies
   • 12.5k views

   Getting Started with WinDBG - Part 1 http://blog.opensecurityresearch.com/2013/12/getting-started-with-windbg-part-1.html Ted.

   

   Last reply by arlequim, August 10, 2016

   • 
10. 

    Figure me out

    June 12, 2016 by Alzri2

    • 3 replies
    • 19.5k views

    Hello everyone, This challenge was written by naquadria in at4re forum: There is a file main.c contains this code: #include <windows.h> int iWinMain() { MessageBoxW(NULL, "PoC", "Hello!", MB_ICONINFORMATION); return 0; } 1- Is there a mistake in the code ? 2- Is it possible to build it ? Try to answer without testing it. One more thing... PM me your answer so others can have fun too, I'll post the answer after 3 days

    

    Last reply by Alzri2, June 16, 2016

    • 
11. 

    X86 Shellcode Obfuscation...

    May 19, 2016 by Teddy Rogers

    • 0 replies
    • 7.4k views

    X86 Shellcode Obfuscation https://breakdev.org/x86-shellcode-obfuscation-part-1/ https://breakdev.org/x86-shellcode-obfuscation-part-2/ Ted.

    

    Last reply by Teddy Rogers, May 19, 2016

    • 
12. 

    Reversing a 16-bit NE File Part 1: Clumsy and Unprepared

    May 13, 2016 by CodeExplorer

    • 5 replies
    • 5.5k views

    Reversing a 16-bit NE File Part 1: Clumsy and Unprepared Link: http://uncomputable.blogspot.ro/2014/09/reversing-16-bit-ne-file-part-1-clumsy.html

    

    Last reply by crystalboy, May 17, 2016

    • 
13. 

    I Am Different

    April 1, 2016 by Amer

    • 8 replies
    • 10.3k views

    I Am Different: On all Operating system (Ms Win, MAC, Android, Unix ... etc) , every machine , every app , every path , Some Messages , In debugger , in Packer, Protector regrettably some talked about me but did not described who really i am If u know something about me, please leave a link or write something describe who really I Am. Regards, Amer

    

    Last reply by Pancake, May 2, 2016

    • 
14. 

    UPX Packing and Anti-Packing Techniques

    December 29, 2015 by SkyProud

    • 3 replies
    • 6.7k views
    

    Last reply by GIV, May 1, 2016

    • 
15. 

    Android APK Hacking

    April 17, 2016 by hilogic

    • 0 replies
    • 6.1k views

    Following link Android App Hacking can be a very good article on android shared lib reverse engineering and patching. Thanks.

    

    Last reply by hilogic, April 17, 2016

    • 
16. 

    StarForce .NET unpacking

    January 31, 2016 by nitralal

    • 6 replies
    • 9.1k views

    I have .NET assembly packed with StarForce 5.91.1512.010. Here is some obfuscated code: [System.Diagnostics.DebuggerStepThrough, AsyncStateMachine(typeof(Form1.<metroButton9_Click>d__15))] private void metroButton9_Click(object sender, System.EventArgs e) { Form1.<metroButton9_Click>d__15 <metroButton9_Click>d__ = new Form1.<metroButton9_Click>d__15(); <metroButton9_Click>d__.<>4__this = this; <metroButton9_Click>d__.sender = sender; <metroButton9_Click>d__.e = e; <metroButton9_Click>d__.<>t__builder = AsyncVoidMethodBuilder.Create(); <metroButton9_Click>d__.<>1__state = -1; AsyncVoidMethod…

    

    Last reply by Exobitox, February 22, 2016
17. 

    [AnyLanguage] Volcano - ASCII Art

    December 5, 2015 by simple

    • 4 replies
    • 11.6k views

    2015 has been a very active year for volcanoes. It's a very active year for ascii art volcanos too \/\/\//<---------------- Peak of Eruption \ / \_/<------------------ Base of Eruption / \<------------------ Peak of volcano / \ / \ / \ /_________\<-------------- Base of Volcano CHALLENGE: Create a code (via function, stdin, etc) that accepts 2 inputs Input1 = Distance in lines between base and peak of volcano Input2 = Distance in lines between base and peak of eruption Based on these inputs, program should output to the console (s…

    

    Last reply by kao, December 13, 2015

    • 
18. 

    An In-Depth Look into the Win32 Portable Executable File Format

    December 11, 2015 by SkyProud

    • 0 replies
    • 5.1k views
    

    Last reply by SkyProud, December 11, 2015

    • 
19. 

    VMProtect VirtualDeobfuscator

    October 31, 2015 by GautamGreat

    • 2 replies
    • 14.1k views

    Any one used this script to Deobfuscate VMPROTECT https://github.com/jnraber/VirtualDeobfuscator

    

    Last reply by GautamGreat, November 2, 2015

    • 
    • 
20. 

    Learn Assembly And The Art Of Reverse Engineering

    December 26, 2012 by Assembly101

    • 1 follower
    • 17 replies
    • 15.8k views

    Hello Community,I have recently opened up a site where I post "lessons" about assembly and reverse engineering. The main purpose of the site is to help people interested in assembly and reverse engineer get started and learn the fundamentals. I have seen a lot of assembly/RE tutorials and none of them try to make it simple and easily understandable. In my website, that is what i also really focus on. I want the readers to learn but not make it to hard on them.I think reverse engineering is a great skill, as you can use to to debug your own programs or even use it to exploit programs (make hacks,keys,etc..)If you guys are interested, the site is completely free and easy to…

    

    Last reply by reder12, October 2, 2015

    • 
21. 

    Help me determine the obfuscator

    August 12, 2015 by nitralal

    • 5 replies
    • 5.7k views

    Help me determine the obfuscator, please!

    

    Last reply by hugocabral, August 28, 2015
22. 

    FIPS 202: SHA-3 and Keccak...

    August 8, 2015 by Teddy Rogers

    • 0 replies
    • 5.3k views

    In case you missed it the SHA-3 standard has been finalised... http://csrc.nist.gov/news_events/#aug5 http://keccak.noekeon.org/fips202final.html Ted.

    

    Last reply by Teddy Rogers, August 8, 2015

    • 
23. 

    Deobfuscator a .net app (protected) to view source code

    July 2, 2015 by leosoftsvn

    • 1 reply
    • 7.1k views

    Hello all, I have ever had experience to crack windows application by ollydbg 10 year ago. Today, I want to come back but almost application is based .NET and protected. I have an application needed to deobfuscated. Anyone can help me to identify obfuscator and dump source code? This is link to download app: http://www.mediafire.com/download/na5kkg407qeee8j/AMC+MAIL+SDT.rar Thanks.

    

    Last reply by leosoftsvn, July 17, 2015
24. 

    [crackme] CyberSecurity Challenge 2015

    July 2, 2015 by Encrypto

    • 4 replies
    • 8.5k views

    Hi everyone, This challenge has been running the past couple of days and I think many of you here will find this of interest. Its open till the 18th of July so it would be advisable to not give out any solutions until that date has passed. http://cybersecuritychallenge.org.uk/competitors/competitions-overview/ Have fun! Its seriously interesting and challenging.

    

    Last reply by Encrypto, July 4, 2015
25. 

    How to determine the method of obfuscation?

    May 17, 2015 by jallvar

    • 9 replies
    • 7.2k views

    How to determine the method of obfuscation?

    

    Last reply by Derberux, May 21, 2015

    •