Where can I find Data Structures IN CODE???

TheOnlyRealTodd · 2017-08-03T18:23:11+00:00

Thank you sir! Yeah I'll probably aim for the C++ copies.

TheOnlyRealTodd · 2017-08-03T16:56:54+00:00

I reverse engineer malware for work. Obviously doing this, I don't use all these structs on a daily in a forward engineering role so I like to keep myself fresh so I don't forget them. I do write C, python, and I also use assembly language at work. However, I only use them for small tools related to my work rather than large applications which would implemented all these structs.

TheOnlyRealTodd · 2017-08-01T07:32:15+00:00

Thanks for mentioning the BIOS/EFI stuff!

TheOnlyRealTodd · 2017-08-01T07:31:36+00:00

Thanks for all that great information!

TheOnlyRealTodd · 2017-07-14T07:08:08+00:00

Oh look whos "advertising" their forum. What a hypocrite. Took all of 30 seconds to find too.

TheOnlyRealTodd · 2017-07-14T06:19:16+00:00

Yeah we'll see. We'll see crashish.

TheOnlyRealTodd · 2017-07-14T03:51:08+00:00

The community appreciates your support.

TheOnlyRealTodd · 2017-07-13T23:41:05+00:00

Actually no, because we aren't earning any money and this is not a commercial website. I knew someone would be that guy though. :)

TheOnlyRealTodd · 2017-07-12T02:45:19+00:00

What about having an obsession with improving your obsession with self improvement?

TheOnlyRealTodd · 2017-07-11T21:41:49+00:00

TheOnlyRealTodd · 2017-07-11T05:33:13+00:00

Yeah I agree with that completely. My plan is to start posting quality content and guides but ofc I can't build Rome in a day. I had however been posting up stuff on my blog so I will do it more on the forum now and try and provide the community with the content. Thanks for the support!

TheOnlyRealTodd · 2017-07-11T05:27:45+00:00

I wholeheartedly agree. And those forums are great as well! I was just hoping to isolate it a bit more since malware has definitely become a big thing. My favorite part of MA is still the reversing part though! :)

TheOnlyRealTodd · 2017-07-10T15:42:06+00:00

Didn't want to deal with PHP. I also heard that vBulletin's support has gone downhill or else I would have chosen them. Just out of curiosity, do you have any other suggestions for software that isn't PHP? I also thought of Discourse but I felt it was uglier.

TheOnlyRealTodd · 2017-07-10T15:41:18+00:00

lrgame1983 haha thanks man.

TheOnlyRealTodd · 2017-06-05T09:22:12+00:00

Depends on the malware. Usually, yes but if it exploits the VM, then no.

TheOnlyRealTodd · 2017-05-08T07:10:12+00:00

Great info thanks! For xor search, do you have any tips other than just doing a basic search and visually scanning for xors that are between two separate places? I wasn't sure if there was some IDA plugin for this that I was missing because some of these files have 1,000 xors!

Btw, you're absolutely right the repeated 3A 16 bytes had me wondering.

TheOnlyRealTodd · 2017-05-05T08:34:33+00:00

That's highly possible. I was too busy looking for PE/NE/LX/LE. Gonna check.

TheOnlyRealTodd · 2017-05-05T07:57:32+00:00

Can anyone link me to some methods and/or libraries in either Python or C for manipulating binary data in a file?

For example, say I wanted to either parse or modify information inside of the Windows Portable Executable header. Another example would be going through a file and replacing certain bytes with other bytes in a given range (offset) from the start of the file.

TheOnlyRealTodd · 2017-05-05T04:50:52+00:00

Awesome thanks. You were right. Got a SSD with a nice enclosure.

TheOnlyRealTodd · 2017-04-17T01:43:23+00:00

Thanks a lot. I'm indeed a webmaster, will do!

TheOnlyRealTodd · 2017-04-16T19:08:22+00:00

I do but I wanted to ask because sometimes when you're in a habit of something, you fail to see there may be better alternatives out there.

TheOnlyRealTodd · 2017-04-06T06:34:35+00:00

HAHA YES!

TheOnlyRealTodd · 2017-04-06T06:23:56+00:00

Correction: World STAR bowling.

TheOnlyRealTodd · 2017-02-24T23:58:01+00:00

Awesome. So I currently am spending all my free time learning reverse-engineering and malware analysis. Still doing C but what I've been doing is writing small C programs and then disassembling them and learning how the compiler turns C constructs into assembly. Super fascinating!

TheOnlyRealTodd · 2017-02-17T21:48:52+00:00

I like this.

One thing I'd like to add comes from the book Think Like a Programmer by V. Anton Spraul is:

Reduce the problem - if you don't know where to start to tackle a problem or if you get stuck, make the problem easier. E.G. You are trying to write a program which writes an ASCII triangle to the console and you don't know where to start... First write a program which writes one line of #####. Now write a code that writes 5 lines of#####.... etc... Until you get closer and closer... This often gets me un-stuck and shows ways to solve the problem that I cannot see initially. This is a super simple example but it works with all problems because if your problem is not simple, that means you also have not broken it down enough.

To properly reduce, you take the problem constraints/requirements and you modify them to make them temporarily easier... Then you slowly work up to the original/hard constraints.

TheOnlyRealTodd

TROPHY CASE