Posts:

HITB2014AMS – Day 1 – State of the ART: Exploring the New Android KitKat Runtime

Good afternoon and welcome back to Hack In the Box.  I can’t think of anything better than a talk on ART, the new Android KitKat Runtime, to digest lunch 🙂

Intro

ART was introduced in Android 4.4 back Read more

Read More

Using DBI for solving Reverse Engineering 101 – Newbie Contest from eLearnSecurity

Introduction

Last weekend I had some time so I wanted to have a look at a reversing challenge which you can find here:

https://www.ethicalhacker.net/features/special-events/reverse-engineering-101-newbie-contest-webcast-elearnsecurity

Reverse Engineering 101 Contest Steps

  1. Get the exe to be hacked
  2. Break it open and Read more
Read More

BlackHatEU2013 – Day2 – DropSmack: How cloud synchronization services render your corporate firewall worthless

Jake Williams (@malwareJake) from CSR Group has more than a decade of experience with systems engineering, network defines, malware reverse engineering, penetration testing and forensics. He spent some good time looking at Cloud synchronization services and is presenting some Read more

Read More

HITB2012AMS Day 2 – Taint Analysis

Automatically Searching for Vulnerabilities: How to use Taint Analysis to find Security Flaws

(by Alex Bazhanyuk (not present) and Nikita Tarakanov, Reverse Engineers, CISS)

Nikita explains they have been working on reversing binaries and auditing source code for a Read more

Read More

Reversing 101 – Solving a protection scheme

In this post, we'll look at an application reversing challenge from HTS (hackthissite.org) resembling a real-life protection scheme. Put simple, the program creates a key for your username, and compares it to the one you enter. The goal of the HTS challenge is to create a key generator, but I just want to demonstrate how to retrieve the password. Read more
Read More

Many roads to IAT

A few days ago a friend approached me and asked how he could see the import address table under immunity debugger and if this could be done using the command line. I figured this would be a good time to take a look at what the IAT is, how we can list the IAT and what common reversing hurdles could be with regards to the IAT. Read more
Read More

HITB 2011 CTF – Reversing Vectored Exception Handling (VEH)

Today we will have a look at a CTF binary from HITB pre qualifications CTF 2011. This is an interesting binary to reverse because Vectored Exception Handling (VEH) was used in the challenge... Read more
Read More

Codegate 2011 CTF – Binary200 – Anti Debugging Techniques Explained

Aloha, Again I stumbled upon a nice reverse-me, binary200 from the Codegate 2011 CTF. And again there are some really interesting anti-debugging tricks implemented, so I decided to produce another video. Read more
Read More

Anti-debugging tricks revealed – Defcon CTF Qualifications 2009: Bin300 Analysis

A while ago I stumbled upon an awesome write-up of a very nice CTF challenge created by sapheads: http://hackerschool.org/DefconCTF/17/B300.html I love cartoons, and I love reversing, so I decided to play a little bit with that binary (b300.exe) which was a lot of fun. Because some interesting anti-debugging tricks were implemented into the binary... Read more
Read More

The Honeypot Incident – How strong is your UF (Reversing FU)

Interested in capturing, documenting and analyzing scans and malicious activity, Corelan Team decided to set up a honeypot and put it online. In the first week of december 2010, Obzy built a machine (default Windows XP SP3 installation, no patches, firewall turned off), named it "EGYPTS-AIRWAYS", set up a honeypot + some other monitoring tools, and connected it to the internet. Read more
Read More