Learning Binary Ninja For Reverse Engineering And Scripting

Posted by KP-3မိသားစု

Recently added a new playlist with about 1.5 hours of Binary Ninja content so far.

Video 1: I put this out a couple of months ago, covering use cases and reversing flows as well as some basic scripting.

Videos 2+3 in the playlist start getting specifically into scripting for reversing automation. Enjoy.

@Ficti0n on Twitter.

Video 1: UI Workflows and Scripting

Video 2: Scripting Part 1

Video 3: Scripting Part 2


ASIS CTF Quals 2015 - Sawthis Writeup - Srand Remote Prediction

Posted by KP-3မိသားစု

The remote service asks for a name; if you send more than 64 bytes, a memory leak happens.
The buffer next to the name buffer holds the first random value, which is used to initialize srand().

If we get this value and set our local srand([leaked] ^ [luckyNumber]), we will be able to predict the following random values and win the game, but we have to look at a few more details ;)

The function used to read the input reads until the byte \n appears, but also stops at 64 bytes. If we trigger this second condition, there is no terminating 0x00 and the print shows the random buffer :)
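The leak and the prediction described above, reduced to a self-contained C sketch (an added example, not code from the challenge binary or the original post). The struct layout, function names and seed value are constructed for illustration; it shows the unterminated 64-byte read beside a hardened reader, and that reseeding with the same value reproduces the rand() stream.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed layout: the seed sits directly after the 64-byte name. */
struct session {
    char     name[64];
    uint32_t seed;
    char     guard;   /* always 0: keeps the scan below inside the struct */
};

/* Bug pattern: stop at '\n' or at 64 bytes, never write a 0x00. */
static void read_name_vuln(struct session *s, const char *in, size_t n) {
    for (size_t i = 0; i < n && i < sizeof s->name && in[i] != '\n'; i++) s->name[i] = in[i];
}
/* Hardened: reserve one byte for the terminator and always write it. */
static void read_name_safe(struct session *s, const char *in, size_t n) {
    size_t i = 0;
    for (; i < n && i < sizeof s->name - 1 && in[i] != '\n'; i++) s->name[i] = in[i];
    s->name[i] = '\0';
}
/* Bytes a "%s" print of name would emit, scanning the struct's own bytes. */
static size_t printed_len(const struct session *s) {
    const unsigned char *p = (const unsigned char *)s;
    size_t i = 0;
    while (i < offsetof(struct session, guard) && p[i] != 0) i++;
    return i;
}
/* 1 if a 64-byte name with no newline makes the print run into the seed. */
static int seed_leaks(void (*rd)(struct session *, const char *, size_t)) {
    struct session s = { .seed = 0x41424344u };  /* constructed, no zero bytes */
    char in[64];
    memset(in, 'A', sizeof in);
    rd(&s, in, sizeof in);
    return printed_len(&s) > sizeof s.name;
}
/* 1 if reseeding with leaked ^ lucky reproduces the same rand() stream. */
static int same_stream(uint32_t leaked, uint32_t lucky) {
    int a[8], b[8], i;
    srand(leaked ^ lucky); for (i = 0; i < 8; i++) a[i] = rand();
    srand(leaked ^ lucky); for (i = 0; i < 8; i++) b[i] = rand();
    return memcmp(a, b, sizeof a) == 0;
}

/* Exit status 0 when all three checks behave as described. */
int main(void) {
    return !(seed_leaks(read_name_vuln) && !seed_leaks(read_name_safe) && same_stream(0x41424344u, 7u));
}
```

Terminating the string removes the leak, but any outcome derived from srand()/rand() stays predictable to whoever learns the seed; values that must be unguessable should come from the operating system's CSPRNG.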

The nickname buffer:



The seed buffer:



So here it is clear, but note that the random values are computed with several gpu instructions, which are decompiled incorrectly:







We tried to predict the random values and apply the gpu divisions, without luck :(

There was a missing detail in this predictor, but there are always other creative ways to do things.
We used the local software as a predictor: we injected the leaked seed into the local binary of the remote server and got perfect synchronization, predicting the remote random values:

The process is a bit ugly because we combined the automated process of leak extraction and socket interactive mode with the manual gdb macro.




The macro:




















Files Download Information

Posted by KP-3မိသားစု

After 7 years of Contagio's existence, Google Safe Browsing services notified Mediafire (hoster of Contagio and Contagiominidump files) that "harmful" content is hosted on my Mediafire account.

It is harmful only if you harm your own PC and is not suitable for distribution or infecting unsuspecting users, but I have not been able to resolve this with Google and Mediafire.

Mediafire suspended public access to the Contagio account.

The file hosting will be moved.

If you need any files now, email me the posted Mediafire links (address in profile) and I will pull out the files and share them via other methods.

P.S. I have not been able to resolve "yet" because it just happened today, not because they refuse to help. I don't want to affect Mediafire's safety reputation and most likely will have to move out this time.

The main challenge is not to find hosting, it is not difficult and I can pay for it, but the effort to move all files and fix the existing links on the Blogpost, and there are many. I planned to move out a long time ago but did not have time for it. If anyone can suggest how to change all Blogspot links in bulk, I will be happy.

P.P.S. Feb. 24 - The files will be moved to a Dropbox Business account and shared from there (Dropbox team confirmed they can host it).

The transition will take some time, so email me links to what you need.

Thank you all
M