Hi! I had a drunken inkling last night to update some of my tools last night. Tools that were written poorly that should be written right – with care taken. Example – . I even tried to re-do it, but it still ended up butt ugly That ended up also being ugly and relying on […]
Hey hey hey! Been gone a while, but not forever. I’m back with an update to my crypter. I was on the plane over the Pacific during a long ass flight when it hit me – 2 new ways to evade analysis. Date specific checks Region specific checks I’ve added the functionality to JoeCrypter and […]
If you’re the paranoid type, you don’t deny people are watching – you know they are. You encrypt your drives, use SSL-VPN, tor, proxies, and run tails. If not, then you at least care about privacy or have something to hide. This post is for you people. In the following example, it’s a bit extreme, […]
Herro! It’s been a while, but I’m still kicking. I got some new stuff to talk about. Specifically the binary instrumentation utility ‘PIN’ from Intel. We’re going to go over taking full advantage of this tool to cheat at games, unpack malwarez, and how to detect if your app is being run via PIN. Part […]
Here we are finally at the last part of my series on backdooring dll files. I wanted to cover again detours as a means of backdooring dll files and executables. A fellow 2600 member I spoke to asked me the other day about what it would take to modify an exe without changing it on […]
Whaddup fellow crackers. Long time, no see. In this article, we’re going to do something I rarely bother with – Linux! Yes, you can backdoor Linux binaries quite easily. One method I like to use is via the LD_PRELOAD environment variable. Within the header file “dlfcn.h”, there exists a function named ‘dlsym’ which is used […]
Today I have some good news. Backdooring a dll file is a lot easier than I first made it out to be. Especially if we skip the bullshit of the IAT and take advantage of shellcode. There are problems with using shellcode – size constraints are different. In my previous example, I didn’t need much […]
Challenge 1: –[—–>+—-.[—>+—-.+++[->+++++.++++++++.+++++.——–.-[—>+–.+[->++++.++++++++.–.+++++.——-.–.—-.–[—>+–.++++++. Answer: brainfuckingeasy Challenge 2 – “simple” xor crackme with a 55 character password. May make this a higher challenge. Answer: “Waxing my car will not result in expert karate training” challenge 3 – C app, createthread, easy to solve with ida and hex editor or debugger. Change the timeout for WaitForSingleObject to […]
Greetings and salutations! One of my faithful readers reminded me that one of my old programs I wrote no longer works. This is due to SmarterMail updating their source code and me not updating enough. So to fix this, I have come up with a half-ass solution. For those wondering how to decrypt SmarterMail hashes, […]
Howdy fellow RE folk! Today I’d like to cover the basics of detours, trampolines, and code caves. Traditionally, if one wanted to expand functionality to a program, they have to look for whats called a ‘code cave’, which is just a contiguous piece of (executable) memory. You replace a piece of code (typically a function […]