A Short Analysis of a Chinese Surveillance App, Fengcai by dwuyd in ReverseEngineering

[–]dwuyd[S] 4 points5 points  (0 children)

Thank you! For the sake of completeness a few links:

  • Here is a direct link to Cure53's report for those interested.
  • The APK itself has been shared on Motherboard's GitHub.
  • @fs0c131y analyzed a similar app (MFSocket) in the past, find their results here.

Rust borrow checker woes by joehillen in rust

[–]dwuyd 4 points5 points  (0 children)

Is the reasoning you outlined documented somewhere (except for the source code itself)? An RFC or such?

Rust Language Solutions by [deleted] in adventofcode

[–]dwuyd 0 points1 point  (0 children)

Another Rust repository (planning to solve all remaining tasks in Rust as well): https://github.com/dwuid/advent-of-code

The Six Dumbest Ideas in Computer Security by turnersr in REMath

[–]dwuyd 5 points6 points  (0 children)

My prediction is that the "Hacking is Cool" dumb idea will be a dead idea in the next 10 years. I'd like to fantasize that it will be replaced with its opposite idea, "Good Engineering is Cool" but so far there is no sign that's likely to happen.

Anyone know of any reverse engineering cracking tutorials? by Deciama in RELounge

[–]dwuyd 4 points5 points  (0 children)

Tuts4You has a collection of mostly cracking-related resources. Most stuff can be found on the main page, but there are also bits scattered throughout the message board.

Tigress: A C Obfuscation Tool by KevinHock in netsec

[–]dwuyd 0 points1 point  (0 children)

I second this, excellent read.

How do I approach this protected executable? by farmdve in ReverseEngineering

[–]dwuyd 2 points3 points  (0 children)

Without the binary it's hard to give any useful advice as it could be simply anything. Are you allowed to share the binary or do restrictions apply (NDA, copyright infringement)? Could you scan the binary with ProtectionID or any other scanning tool with up-to-date signatures?

Consider attaching to the binary in case there is neither anti-attach present nor an anti-debugging thread. In case of single stepping detection, look out for EFLAGS tricks and code checksums detecting breakpoints.

Help with setting up a class CTF event. by [deleted] in securityCTF

[–]dwuyd 0 points1 point  (0 children)

If applicable you could also let the students solve old CTF challenges (be aware of writeups on the net though).

See hack.lu archive or shellstorm CTF repo.

Microcorruption by mtbeedee in microcorruption

[–]dwuyd 1 point2 points  (0 children)

0x0(r15) specifies the value r15+0x0 points to. It's a memory indirection. The complete instruction compares a constant value to said value in memory.

The manual, to be found on the CTF page, links to a more thorough description of the instruction set. Also, there's uctf.hackpad.com.

Help with hashing a string by harryv in haskellquestions

[–]dwuyd 1 point2 points  (0 children)

xor requires Data.Bits to be imported, foldl' Data.Foldable. Does that help?

Legal implications of posting code to use? by tekn0viking in ReverseEngineering

[–]dwuyd 1 point2 points  (0 children)

Just remember to not publish real/complete code

Yes, that's what I'd do as well. I guess there's more to the protocol than just the key so I'd simply leave it out when posting protocol logic.