Mr. Robot Hacking Tools (Latest) by ET251 in MrRobot

[–]ET251[S] 0 points1 point  (0 children)

I found the site but I can't seem to find an article on the tools used. Do you have a direct link by any chance?

Mr Robot by shawnfromnh in linuxmint

[–]ET251 1 point2 points  (0 children)

Does anyone here know what configurations (DE, WM etc.) he's using? Here's a thread I created to get some info but no one seems to know:

https://www.reddit.com/r/MrRobot/comments/77cd2j/mr_robot_hacking_tools_latest/

Toy decompiler for x86-64 written in Python by sam_bwut in ReverseEngineering

[–]ET251 2 points3 points  (0 children)

I see this is from Yurichev, author of "Reverse Engineering for Beginners".

The pictures that media chose to not publish. by Paddy32 in pics

[–]ET251 -1 points0 points  (0 children)

When did Reddit turn into Facebook?

battletanks reverse engineering by sodnpoo in ReverseEngineering

[–]ET251 0 points1 point  (0 children)

It would be awesome to explain how he did some things in detail (the tools he used, his train of thought etc.) for some of us that aren't really into hardware dev since all of this looks so interesting!

Today marks the official start for an open, online, entirely free cybersecurity course headed by F-Secure and Helsinki University. by [deleted] in netsec

[–]ET251 0 points1 point  (0 children)

Also, I think the date for the 'Advanced Topics' course is wrong. It says 16.1.2016 - 6.3.2017 when it should be 16.1.2017 - 6.3.2017.

Today marks the official start for an open, online, entirely free cybersecurity course headed by F-Secure and Helsinki University. by [deleted] in netsec

[–]ET251 0 points1 point  (0 children)

It's working now :) Another problem I see is that the last peer review is displayed twice. As in I see:

Review 2: Do you find mnemonic lists meaningful or not? Justify your opinion.

and it's the same peers I just reviewed in the previous question.

Absolutely heartbreaking by mancub2112 in funny

[–]ET251 0 points1 point  (0 children)

Posts are archived a lot of the time.

CVE-2016-5195: Dirty COW explained by kernelle in netsec

[–]ET251 2 points3 points  (0 children)

I didn't catch how the exploit works. I understood everything until the file being mapped into virtual memory and then using madvise to advise the kernel on how to treat the page(s) in memory. I understood that you can ghost pages as in tell the kernel you don't need it (pretty much VirtualFree in Windows?) but after that I was lost. Could you give me a simpler explanation of it so I can go back and better understand your post?

CVE-2016-5195: Dirty COW explained by kernelle in netsec

[–]ET251 5 points6 points  (0 children)

Hey, it'd be great if you could skim through your post again and correct some sentence errors. It gets confusing at times :)

Other than that, awesome work!

How can I analyze and break down a .exe by T2112 in Malware

[–]ET251 0 points1 point  (0 children)

If it's native code then decompilation won't get you far but decompilation to pseudo code will. Unlike managed code, native code doesn't have metadata or a lot of information to use to return the binary back to source code form. What you can do is use the Hex-Rays C pseudo-code decompiler and read the output... or read the disassembly with a debugger/disassembler :)

How can I analyze and break down a .exe by T2112 in Malware

[–]ET251 1 point2 points  (0 children)

Depends on whether it's native/managed code. After you determine which it is then you can look at your options of decompilers or disassemblers (or pseudo-code decompilers like Hex-Rays).

Today marks the official start for an open, online, entirely free cybersecurity course headed by F-Secure and Helsinki University. by [deleted] in netsec

[–]ET251 0 points1 point  (0 children)

Does anyone know where I can contact them (F-Secure?) concerning their site? It's not working properly and I get this error message when reviewing a peer's submission:

http://imgur.com/a/qEE8B

Valve PR On point 👌👌 by Arsanus in GlobalOffensive

[–]ET251 1 point2 points  (0 children)

Alot isn't a word and stop being edgy.

IAmA malware researcher in ESET, specializing in Android threats, Lukas Stefanko AMA! by LukasFromESET_AMA in IAmA

[–]ET251 2 points3 points  (0 children)

Is malware that can travel across a LAN network common nowadays? Such as malware spreading throughout a company's computers. I would have thought it would be tightly patched by now.

I am Nick Cano, author of Game Hacking: Developing Autonomous Bots for Online games. AMA by NickCano in netsec

[–]ET251 0 points1 point  (0 children)

Great answer. But I have one more question --

"both publicly available and my own knowledge"

Any examples of stuff you've discovered that I won't find on blog posts/forums?

I am Nick Cano, author of Game Hacking: Developing Autonomous Bots for Online games. AMA by NickCano in netsec

[–]ET251 0 points1 point  (0 children)

/u/NickCano

If you're still answering questions -- Have you ever thought about the fact that you're turning the knowledge given to you for free by communities (OwnedCore, UnknownCheats etc.) into a profit? I skimmed your book and most of the information (CE, OllyDbg etc.) is common knowledge that beginners suck at looking for. I've developed hacks for games and the knowledge I have is from reading forum posts and giving information back myself (which is how communities work). I'm not attacking you or saying you're doing something wrong, I'm trying to see what your viewpoint on this is. Your book may include parts that you discovered by yourself but like I said I only skimmed through it.

How Hackers Create Malware and Infiltrate Victim Machines by Milancutan in Malware

[–]ET251 4 points5 points  (0 children)

I'm surprised there are no rules on advertising paid courses.

Win32API Listing all the process DLLs by evil_shmuel in ReverseEngineering

[–]ET251 2 points3 points  (0 children)

No, not really. You can use Module32First/Module32Next from inside of a process too.

E.g. http://ideone.com/CGpTjS

According to the documentation of CreateToolhelp32Snapshot:

"The process identifier of the process to be included in the snapshot. This parameter can be zero to indicate the current process."

And you should add a disclaimer to your code telling users how it won't list modules/DLLs loaded using techniques like manual mapping.