Reverse Engineering Articles

346 topics in this forum

1. 

   Android Tutorials

   October 8, 2016 by sirp

   • 0 replies
   • 7.1k views

   Hacking Android Apps Using Backup Techniques http://resources.infosecinstitute.com/android-hacking-security-part-15-hacking-android-apps-using-backup-techniques/ Cracking Android App Binaries http://resources.infosecinstitute.com/android-hacking-security-part-17-cracking-android-app-binaries/ Android Application hacking with Insecure Bank Part 4 http://resources.infosecinstitute.com/android-application-hacking-with-insecure-bank-part-4/ Android Application hacking with Insecure Bank – Part 3 http://resources.infosecinstitute.com/android-application-hacking-w…

   

   Last reply by sirp, October 8, 2016

   • 
2. 

   Public White-Box Cryptographic Implementations and their Practical Attacks - Repository

   September 13, 2016 by Techlord

   • 0 replies
   • 4.3k views

   Deadpool is a repository of various public white-box cryptographic implementations and their practical attacks. MAIN LINK : DETAILS : Attacks Differential Computation Analysis Differential Fault Analysis White-box implementations Wyseur 2007 challenge A Linux binary implementing a DES. Hack.lu 2009 challenge A Windows binary implementing an AES 128. Karroumi 2010 challenge A Linux binary implementing an AES 128. SSTIC 2012 challenge A Python serialized object implementing a DES. NoSuchCon 2013 challenge A Windows binary implementing an AES 128 with uncompensated external encodin…

   

   Last reply by Techlord, September 13, 2016

   • 
3. 

   Whoever is jobless in germany, here is your chance :3

   August 24, 2016 by LResn

   • 17 replies
   • 7.8k views

   I just noticed that our "BND" (Bundesnachrichtendienst), equal to the NSA searches for some qualified Reverse Engineers and uploaded 3 Challenges to RE that are required to apply for the job. I haven't done them so far, but the first one is .NET and looks super easy. If you want to give it a try here is the article: http://www.bnd.bund.de/DE/Karriere/Reversing_Challenge/Reversing_Challenge_node.html And here is the direct downloadlink for the Challenges: http://www.bnd.bund.de/DE/Karriere/Reversing_Challenge/ZIP_Challenge.zip?__blob=publicationFile&v=2 Have fun :3

   

   Last reply by Kurapica, August 25, 2016

   • 
4. 

   A new version of the PE/COFF specification was published

   August 23, 2016 by EiP.P4ssenger

   • 2 replies
   • 4.8k views

   Downlaod link

   

   Last reply by EiP.P4ssenger, August 23, 2016

   • 
5. 

   LabyREnth Capture the Flag (CTF) Challenge 1 2 3

   June 21, 2016 by kao

   • 59 replies
   • 23.5k views

   Official site: http://labyrenth.com/ Announcement: http://researchcenter.paloaltonetworks.com/2016/06/unit-42-countdown-to-labyrenth-capture-the-flag-ctf-challenge/

   

   Last reply by lazydaemon, August 13, 2016

   • 
6. 

   Getting Started with WinDBG - Part 1...

   December 21, 2013 by Teddy Rogers

   • 8 replies
   • 12.1k views

   Getting Started with WinDBG - Part 1 http://blog.opensecurityresearch.com/2013/12/getting-started-with-windbg-part-1.html Ted.

   

   Last reply by arlequim, August 10, 2016

   • 
7. 

   Figure me out

   June 12, 2016 by Alzri2

   • 3 replies
   • 19.2k views

   Hello everyone, This challenge was written by naquadria in at4re forum: There is a file main.c contains this code: #include <windows.h> int iWinMain() { MessageBoxW(NULL, "PoC", "Hello!", MB_ICONINFORMATION); return 0; } 1- Is there a mistake in the code ? 2- Is it possible to build it ? Try to answer without testing it. One more thing... PM me your answer so others can have fun too, I'll post the answer after 3 days

   

   Last reply by Alzri2, June 16, 2016

   • 
8. 

   X86 Shellcode Obfuscation...

   May 19, 2016 by Teddy Rogers

   • 0 replies
   • 5.9k views

   X86 Shellcode Obfuscation https://breakdev.org/x86-shellcode-obfuscation-part-1/ https://breakdev.org/x86-shellcode-obfuscation-part-2/ Ted.

   

   Last reply by Teddy Rogers, May 19, 2016

   • 
9. 

   Reversing a 16-bit NE File Part 1: Clumsy and Unprepared

   May 13, 2016 by CodeExplorer

   • 5 replies
   • 5.2k views

   Reversing a 16-bit NE File Part 1: Clumsy and Unprepared Link: http://uncomputable.blogspot.ro/2014/09/reversing-16-bit-ne-file-part-1-clumsy.html

   

   Last reply by crystalboy, May 17, 2016

   • 
10. 

    I Am Different

    April 1, 2016 by Amer

    • 8 replies
    • 9.7k views

    I Am Different: On all Operating system (Ms Win, MAC, Android, Unix ... etc) , every machine , every app , every path , Some Messages , In debugger , in Packer, Protector regrettably some talked about me but did not described who really i am If u know something about me, please leave a link or write something describe who really I Am. Regards, Amer

    

    Last reply by Pancake, May 2, 2016

    • 
11. 

    UPX Packing and Anti-Packing Techniques

    December 29, 2015 by SkyProud

    • 3 replies
    • 6.4k views
    

    Last reply by GIV, May 1, 2016

    • 
12. 

    Android APK Hacking

    April 17, 2016 by hilogic

    • 0 replies
    • 5.4k views

    Following link Android App Hacking can be a very good article on android shared lib reverse engineering and patching. Thanks.

    

    Last reply by hilogic, April 17, 2016

    • 
13. 

    StarForce .NET unpacking

    January 31, 2016 by nitralal

    • 6 replies
    • 8.7k views

    I have .NET assembly packed with StarForce 5.91.1512.010. Here is some obfuscated code: [System.Diagnostics.DebuggerStepThrough, AsyncStateMachine(typeof(Form1.<metroButton9_Click>d__15))] private void metroButton9_Click(object sender, System.EventArgs e) { Form1.<metroButton9_Click>d__15 <metroButton9_Click>d__ = new Form1.<metroButton9_Click>d__15(); <metroButton9_Click>d__.<>4__this = this; <metroButton9_Click>d__.sender = sender; <metroButton9_Click>d__.e = e; <metroButton9_Click>d__.<>t__builder = AsyncVoidMethodBuilder.Create(); <metroButton9_Click>d__.<>1__state = -1; AsyncVoidMethod…

    

    Last reply by Exobitox, February 22, 2016
14. 

    [AnyLanguage] Volcano - ASCII Art

    December 5, 2015 by simple

    • 4 replies
    • 11.2k views

    2015 has been a very active year for volcanoes. It's a very active year for ascii art volcanos too \/\/\//<---------------- Peak of Eruption \ / \_/<------------------ Base of Eruption / \<------------------ Peak of volcano / \ / \ / \ /_________\<-------------- Base of Volcano CHALLENGE: Create a code (via function, stdin, etc) that accepts 2 inputs Input1 = Distance in lines between base and peak of volcano Input2 = Distance in lines between base and peak of eruption Based on these inputs, program should output to the console (s…

    

    Last reply by kao, December 13, 2015

    • 
15. 

    An In-Depth Look into the Win32 Portable Executable File Format

    December 11, 2015 by SkyProud

    • 0 replies
    • 4.9k views
    

    Last reply by SkyProud, December 11, 2015

    • 
16. 

    VMProtect VirtualDeobfuscator

    October 31, 2015 by GautamGreat

    • 2 replies
    • 13.7k views

    Any one used this script to Deobfuscate VMPROTECT https://github.com/jnraber/VirtualDeobfuscator

    

    Last reply by GautamGreat, November 2, 2015

    • 
    • 
17. 

    Learn Assembly And The Art Of Reverse Engineering

    December 26, 2012 by Assembly101

    • 17 replies
    • 15.4k views

    Hello Community,I have recently opened up a site where I post "lessons" about assembly and reverse engineering. The main purpose of the site is to help people interested in assembly and reverse engineer get started and learn the fundamentals. I have seen a lot of assembly/RE tutorials and none of them try to make it simple and easily understandable. In my website, that is what i also really focus on. I want the readers to learn but not make it to hard on them.I think reverse engineering is a great skill, as you can use to to debug your own programs or even use it to exploit programs (make hacks,keys,etc..)If you guys are interested, the site is completely free and easy to…

    

    Last reply by reder12, October 2, 2015

    • 
18. 

    Help me determine the obfuscator

    August 12, 2015 by nitralal

    • 5 replies
    • 5.5k views

    Help me determine the obfuscator, please!

    

    Last reply by hugocabral, August 28, 2015
19. 

    FIPS 202: SHA-3 and Keccak...

    August 8, 2015 by Teddy Rogers

    • 0 replies
    • 5k views

    In case you missed it the SHA-3 standard has been finalised... http://csrc.nist.gov/news_events/#aug5 http://keccak.noekeon.org/fips202final.html Ted.

    

    Last reply by Teddy Rogers, August 8, 2015

    • 
20. 

    Deobfuscator a .net app (protected) to view source code

    July 2, 2015 by leosoftsvn

    • 1 reply
    • 6.9k views

    Hello all, I have ever had experience to crack windows application by ollydbg 10 year ago. Today, I want to come back but almost application is based .NET and protected. I have an application needed to deobfuscated. Anyone can help me to identify obfuscator and dump source code? This is link to download app: http://www.mediafire.com/download/na5kkg407qeee8j/AMC+MAIL+SDT.rar Thanks.

    

    Last reply by leosoftsvn, July 17, 2015
21. 

    [crackme] CyberSecurity Challenge 2015

    July 2, 2015 by Encrypto

    • 4 replies
    • 8.2k views

    Hi everyone, This challenge has been running the past couple of days and I think many of you here will find this of interest. Its open till the 18th of July so it would be advisable to not give out any solutions until that date has passed. http://cybersecuritychallenge.org.uk/competitors/competitions-overview/ Have fun! Its seriously interesting and challenging.

    

    Last reply by Encrypto, July 4, 2015
22. 

    How to determine the method of obfuscation?

    May 17, 2015 by jallvar

    • 9 replies
    • 6.9k views

    How to determine the method of obfuscation?

    

    Last reply by Derberux, May 21, 2015

    • 
23. 

    mistake found in the tutorial.

    May 7, 2015 by flamshlo

    • 1 reply
    • 4.9k views

    snd-reversingwithlena-tutorial03.tutorial. i think there is an error in the tutorial, where nops are added starting at address 401039. it is obvious (to me) that the nops start at one previous instruction at 401034. these tutorials are fabulous. i would like to point out that to move the explanations along there is no need to keep pressing the mouse in the right corner. there is a step key at the bottom of each tutorial for moving in BOTH directions without having to exit the tutorial. i am using chrome and have enabled the SWF file to run without using the htm format. if someone has pointed out the error please ignore this essay.

    

    Last reply by 1MegofRAM, May 17, 2015
24. 

    Ios App Reverse Engineering...

    May 9, 2015 by Teddy Rogers

    • 1 reply
    • 5.2k views

    Ios App Reverse Engineering Sample: https://www.dropbox.com/s/on5f1yy9cq0wuvd/iOSAppReverseEngineering_Sample.pdf http://iosre.com/t/ios-app-reverse-engineering-the-worlds-1st-book-of-very-detailed-ios-app-reverse-engineering-skills/1117 Ted.

    

    Last reply by NeWOT, May 9, 2015

    • 
25. 

    Decompile dll obfscutated with confuser 1.9

    April 22, 2015 by real-wife

    • 3 replies
    • 7.7k views

    Hello, I did use Net reflector and 9RAYS spices decompiler but delegates methods are problematic.. Any help? Kisses

    

    Last reply by XenocodeRCE, April 22, 2015