An Amazing Vulnerability Discovery Regarding Rar Files

Tavis Ormandy has come out with an amazing article

on exploiting .rar files. Apparently, there is a virtual machine that runs with rar files (used for filtering) but can be programmed manually. Tavis shows how a hello world can be executed automatically when opening a .rar file. I am sure we will hear more about this exploit in the future. In the meantime, read the article . It’s fascinating…

3 Comments more...

The Real Workers Behind T.L.O.R.

I just wanted to take a minute and give a shout out to the moderators of this site. Without them, this site would not be anywhere near as great a site as it is. Besides the constant bombardment of spam they must deal with (the benefits of a site growing in popularity) they also answer questions with lightning speed and help contribute a great deal behind the scenes.

So cheers to Nwokiller and Xor06 (Rip06), and thanks for all the hard work!

2 Comments more...

DLL Injection – A Splash Bitmap

There are a couple ways of injecting a splash screen into a binary. Unfortunately, none of them easy. The way I will show in this tutorial is the easiest I’ve come across, though there may be simpler options out there. The problem arises from the fact that a bitmap is a resource, and as such, goes in the resources section of a binary. Injecting resources into a compiled binary’s resource section is a recipe for a quick headache.

The method we’ll be using is to create a DLL file with the resource included in it, and then call this DLL from our target binary. Because it’s a DLL, we can load it automatically by changing very little in the binary, as we can just add it to the list of DLLs the binary requires. This also gives us the benefit of running the code in our DLL automatically instead of having to create a code cave.

In this tutorial we will be creating a DLL from scratch using assembly, so you will need an assembly language compiler. I use RadASM

(and it will be more convenient if you use this IDE as well as your code will exactly match mine), but it is not a requirement. If you are not comfortable using RadASM and want to learn, please see my series of tutorials on RadASM on the tutorials page, which comes with a full download of the RadASM suite and everything you need to run it.

As with all of my tutorials, the required files for this tutorial are in the downloads, available on the tutorials

page. In addition to these files, we will be using IIDKing, available on the tools page.

If you haven’t already read my previous tutorials

on modifying binaries, I highly recommend you do (at least the tutorial on injecting a message box).

(continue reading…)

3 Comments more...

Gentle Introduction to Windows Assembly Language

I came across this nice intro

to assembly on Windows while looking at another site. It is by Jeff Huang. Deffinitely not all-encompasing, but a nice intro to the subject.

Leave a Comment more...

Assembly Tutorial For Java Programmers

Ayoub Faouzi has just started a series of odd interesting tutorials

at Infosec comparing assembly to Java, and how they are different. Very intriguing angle. Check it out.

1 Comment more...

Mission Control

DPOHS BUVMB UJPOT ZPVIB WFTPM WFEBT JNQMF DJQIF
STUPQ UIJTN FBOTZ PVIBW FUIFT LJMTB OEUIF EFTJS
FUPGJ HVSFU IJOHT PVUTU PQJGZ PVTPM WFUIJ TDJQI
FSQNN FBOEM FUNFL OPXZP VSVTF SOBNF BTJBN NBLJO
HBMJT UPGDJ QIFSI FBETEP OPUQP TUBOZ UIJOH BCPVU
UIJTT UPQTU BZUVO FEGPS NPSFJ OTUSV DUJPO TTUPQ
SBOEPN

8 Comments more...

An Anti-Debugging Trick So Old That It’s New

@walliedassar has released a new article

on a very old anti-debugging trick. Has to do with page access and debuggers changing this access characteristic. Pretty technical, but a good trick nonetheless.

May be the perfect thing to place in a TLS callback…

Leave a Comment more...

R4ndom’s Guide to RadASM: Adding an Icon and Menu

Adding an Icon

Let’s start by adding an icon. Load up our HelloWorld project from the last tutorial. Click on Project->Resources. This will bring up the Resources window:

(continue reading…)

5 Comments more...

R4ndom’s Tutorial #23: TLS Callbacks

Unfortunately, our lives as reverse engineers is not always easy. If all it took to patch an app was a deleted resource or a quick patch, a lot more people would do it. Sometimes we must get a little ‘low-level’, wallow around in the operating system files, single-step an exception handler, or reverse engineer an unknown packer. To have a well-rounded skill set as a cracker, we must know a lot about a lot (or at least where to look about a lot) and it can get pretty technical.

This tutorial is about one of those technical areas: TLS callbacks. It is not easy, nor is it simple, but it can ruin an otherwise nice day of a reverse engineer that doesn’t at least understand the basics of what they are, when they are used, and how to overcome them.

As in all tutorials on my site, the required files are included in the download of this tutorial on the tutorials

page. We will be looking at three binaries, all  included. We will also be using an Olly plugin called TLSCatch by Walliedassar, also included. Lastly, we will be using CFF Explorer, available on the tools page.

(continue reading…)

26 Comments more...

And The ‘Obvious’ Award Goes To…

“Web of Trust (WOT) completed an analysis of nearly 1.7 billion shortened URL links and found that the URL shortening services are often used to drive traffic to suspicious websites”

No kidding (my most cynical smiley goes here).

Here’s the article

.

Leave a Comment more...

« Older Entries
Newer Entries »

Login

Recover password
  • Recent Posts

  • Recent Comments

  • Archives

  • Categories

  • Meta

  • Subscribe

    Enter your email to subscribe to future updates
  • RSS Feed

    Recent Posts

    Archives

    Tags

    Copyright © 1996-2010 The Legend Of Random. All rights reserved.
    Jarrah theme by Templates Next
    fast payday loans
    | Powered by WordPress
    fast payday loans