Joe's Security Blog

Month: December 2013

Merry F’in Christmas to you too buddy!

So here I am at work on Christmas Eve (because I have no soul) and the malware is insulting me. See it? Fuck you too buddy! And in another one, to be an asshole, they embedded their program in another program. I was wondering why IDA was showing a stub program less than 5 kb […]

December 25, 2013 averagejoe reversing

Other AntiDebug tricks

I came across this one individual’s page who is an avid reverse engineer with some great material. Check out his PDF cheat sheet on anti-debugging. There were a few in there I didn’t know about, like the ‘csr’ trick, which involves calling an undocumented ‘CsrGetProcessId’ function within OpenProcess. CsrGetProcessId is a native API that returns […]

December 23, 2013 averagejoe code, reversing

0day Wednesday – Newish Malware That Came Across My Desk

Some may say this is crazy, I call it Wednesday. This came across my desk yesterday and I worked it out today. It came as the payload following a Java exploit from an old 2012 CVE (SecurityManager one I think). I’m calling it 0day because there were no listings for the exe in VirusTotal / […]

December 19, 2013 averagejoe cracking, reversing

Writing your own Windows debugger in C

Hello all! I’m cracking away on various projects and trying to keep focus. As I was going through my old notes, I came across a talk I wanted to give but could not due to my car accident, and the subsequent downtime caused me to forget. I wanted to cover making your own debugger […]

December 9, 2013 averagejoe code, reversing