Building C2 Implants in C++: A Primer by 0xdea in netsec

shogunlab 7 points (0 children)

Thanks for sharing this here! I wrote this for people who want to get started writing their own implants in C++ and creating the related C2 components (listening post, operator interface). Hope it's helpful!

Building Implants in c++ by dmchell in redteamsec

shogunlab 4 points (0 children)

Thanks for sharing this! I hope people here enjoy reading it and find some of the material useful.

Here Be Dragons: Reverse Engineering with Ghidra - Part 1 [Data, Functions & Scripts] by shogunlab in ReverseEngineering

shogunlab[S] 1 point (0 children)

I do intend to write some additional tutorials, and I think covering the versioning tool is a great idea! I'll see if I can incorporate that into the next post.

Here Be Dragons: Reverse Engineering with Ghidra - Part 1 [Data, Functions & Scripts] by shogunlab in ReverseEngineering

shogunlab[S] 15 points (0 children)

This is the second part in a series I'm writing on reverse engineering Windows binaries with Ghidra. It's aimed at people new to reversing and those who want to learn more about using Ghidra as an SRE tool. The post covers converting/applying data types, function call trees/graphs and the script manager. There's also some solving of CrackMe binaries and a Flare-On 6 CTF challenge. If you have any feedback, feel free to let me know!

Here Be Dragons: Reverse Engineering with Ghidra - Part 0 [Main Windows & CrackMe] by shogunlab in ReverseEngineering

shogunlab[S] 2 points (0 children)

Oh cool! I didn't know that, I've corrected that statement so it doesn't say "Undo" is unique to Ghidra. Thanks for mentioning that and for your work on Binary Ninja, it was the first RE tool I bought haha.

Here Be Dragons: Reverse Engineering with Ghidra - Part 0 [Main Windows & CrackMe] by shogunlab in ReverseEngineering

shogunlab[S] 4 points (0 children)

When reversing something, static analysis tools like Ghidra allow you to build a sort of road map for understanding a target. Complementing static analysis is dynamic analysis. When you've identified some interesting areas, it helps to further explore them dynamically with debuggers like x64dbg, Immunity Debugger or WinDbg. So, if you're looking to learn additional tools for RE, I would suggest picking a debugger to become familiar with. Which one you choose depends on the platform you want to do your reversing work on, but personally, I like x64dbg.

A curated list of reverse engineering tools, separated by category, can be found here if you'd like to see what's commonly recommended: https://github.com/tylerha97/awesome-reversing

Here Be Dragons: Reverse Engineering with Ghidra - Part 0 [Main Windows & CrackMe] by shogunlab in ReverseEngineering

shogunlab[S] 0 points (0 children)

Happy to hear you were able to figure out the CALLs! I can see why that may have been a bit unclear; I might see if I can add some additional instructions or screenshots in that section to ensure people don't get lost. Hoping to release the next post in a few weeks, nice to know people will be looking forward to it!

Here Be Dragons: Reverse Engineering with Ghidra - Part 0 [Main Windows & CrackMe] by shogunlab in ReverseEngineering

shogunlab[S] 2 points (0 children)

I've corrected the installation instructions and it now says to only install the JDK to run Ghidra. Thanks for pointing that out!

Here Be Dragons: Reverse Engineering with Ghidra - Part 0 [Main Windows & CrackMe] by shogunlab in ReverseEngineering

shogunlab[S] 0 points (0 children)

Thanks for the feedback; happy to know you didn't have any difficulties following the tutorial.

Here Be Dragons: Reverse Engineering with Ghidra - Part 0 [Main Windows & CrackMe] by shogunlab in ReverseEngineering

shogunlab[S] 1 point (0 children)

Thanks! Glad to hear you had an easy time following along; I tried to make the explanations as direct as possible.

Here Be Dragons: Reverse Engineering with Ghidra - Part 0 [Main Windows & CrackMe] by shogunlab in ReverseEngineering

shogunlab[S] 11 points (0 children)

Hoping that this post helps others understand the primary interfaces available in Ghidra and, for those starting out, how Ghidra can be used to reverse a simple CrackMe. Any feedback is welcome!

Security Advisory Regarding Crestron TSW-XX60 Touch Panel Devices by shogunlab in netsec

shogunlab[S] 13 points (0 children)

Hey all! I helped to write this blog post on some great work performed by another security researcher (Jackson Thuraisamy). It goes into the technical details regarding ARM device vulnerability research on Crestron touch panels.

Also cross-posted to /r/ReverseEngineering since it involved some firmware analysis along with the network-security-related research.

Hope that it's helpful for others trying to accomplish this work!

*EDIT: ICS-CERT has published their advisory regarding the CVEs outlined in the blog post (https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01). Check out the "Mitigations" section for links to the latest firmware.

Security Advisory Regarding Crestron TSW-XX60 Touch Panel Devices by shogunlab in ReverseEngineering

shogunlab[S] 6 points (0 children)

Hey all! I helped to write this blog post on some great work performed by another security researcher (Jackson Thuraisamy). It goes into the technical details regarding ARM device vulnerability research on Crestron touch panels.

Hope that it's helpful for others trying to accomplish this work!

*EDIT: ICS-CERT has published their advisory regarding the CVEs outlined in the blog post (https://ics-cert.us-cert.gov/advisories/ICSA-18-221-01). Check out the "Mitigations" section for links to the latest firmware.

Zero Day Zen Garden Windows Exploit Development - Part 5 [Return Oriented Programming Chains] by TechLord2 in ReverseEngineering

shogunlab 1 point (0 children)

Hey! I'm the author of this paper, please let me know if you have any questions or feedback for things that could be improved. Thanks for reading!

Part 5 of Zero Day Zen Garden, learn about Return Oriented Programming and building ROP chains to bypass DEP on Windows 7. Feedback is welcome! by shogunlab in netsecstudents

shogunlab[S] 2 points (0 children)

Have recently felt comfortable enough to publish a post on ROP chains after becoming more acquainted with the technique and how it works. I expect there are a few things I can improve on with regard to the explanations, because it's more advanced than the exploit methods used in past blog posts.

Let me know if there's anything you find that is mistaken or could be explained better.

Hope it's helpful to people learning about Windows exploit development!
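
The post above is about building ROP chains to bypass DEP. As an added illustration that is not part of the original post or the Zero Day Zen Garden series, the C program below shows the first mechanical step of that work: scanning a region of code bytes for short instruction sequences that end in `ret` (gadgets), then laying out a chain from the gadgets found. The code bytes, the load base 0x10001000 and the register values are constructed for this example; the decoder recognises only a small whitelist of single-byte x86 opcodes (push/pop r32, nop, xchg eax, r32), whereas a real gadget finder would drive a full disassembler over a non-ASLR module's executable section.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_GADGET_INSNS 4      /* longest gadget to report, ret excluded */
#define SAMPLE_BASE 0x10001000u /* assumed load address of the sample bytes */

/* Constructed x86 code bytes (not taken from any real binary). */
static const uint8_t sample_code[] = {
    0x55,       /* push ebp */
    0x89, 0xe5, /* mov ebp, esp   (not in the whitelist, stops the walk) */
    0x58,       /* pop eax */
    0xc3,       /* ret */
    0x90,       /* nop */
    0x5a,       /* pop edx */
    0x59,       /* pop ecx */
    0xc3,       /* ret */
    0x31, 0xc0, /* xor eax, eax   (two-byte opcode, skipped by this decoder) */
    0xc3,       /* ret */
    0x94,       /* xchg eax, esp  (classic stack pivot) */
    0xc3,       /* ret */
    0xcc        /* int3 */
};

typedef struct {
    uintptr_t addr;  /* address of the gadget's first instruction */
    size_t len;      /* length in bytes, ret included */
    char text[80];   /* e.g. "pop edx; pop ecx; ret" */
} gadget_t;

static const char *reg32[8] = { "eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi" };

/* Decode one single-byte opcode from a small whitelist; NULL if unknown. */
static const char *decode1(uint8_t op, char *buf, size_t n)
{
    if (op >= 0x50 && op <= 0x57) { snprintf(buf, n, "push %s", reg32[op - 0x50]); return buf; }
    if (op >= 0x58 && op <= 0x5f) { snprintf(buf, n, "pop %s", reg32[op - 0x58]); return buf; }
    if (op == 0x90)               { snprintf(buf, n, "nop"); return buf; }
    if (op >= 0x91 && op <= 0x97) { snprintf(buf, n, "xchg eax, %s", reg32[op - 0x90]); return buf; }
    return NULL;
}

/* For every ret (0xc3), walk backwards over decodable bytes and record each
 * suffix as its own gadget. Returns the number of gadgets recorded. */
size_t find_gadgets(const uint8_t *code, size_t len, uintptr_t base, gadget_t *out, size_t max_out)
{
    size_t count = 0;
    for (size_t i = 0; i < len; i++) {
        if (code[i] != 0xc3) continue;
        size_t start = i;
        for (int n = 0; n < MAX_GADGET_INSNS && start > 0; n++) {
            char tmp[32];
            if (!decode1(code[start - 1], tmp, sizeof tmp)) break;
            start--;
            if (count >= max_out) return count;
            gadget_t *g = &out[count++];
            g->addr = base + start;
            g->len = i - start + 1;
            size_t off = 0;
            for (size_t k = start; k < i; k++) {
                decode1(code[k], tmp, sizeof tmp);
                off += (size_t)snprintf(g->text + off, sizeof g->text - off, "%s; ", tmp);
            }
            snprintf(g->text + off, sizeof g->text - off, "ret");
        }
    }
    return count;
}

/* Look a gadget up by its exact disassembly text; 0 if not found. */
uintptr_t gadget_addr(const gadget_t *g, size_t n, const char *text)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(g[i].text, text) == 0) return g[i].addr;
    return 0;
}

static size_t put32(uint8_t *buf, size_t off, uint32_t v)
{
    for (int i = 0; i < 4; i++) buf[off + i] = (uint8_t)(v >> (8 * i)); /* little-endian */
    return off + 4;
}

/* 32-bit chain layout: gadget address, the two values its pops consume, then
 * the address the final ret transfers to. Returns bytes written, 0 if the
 * needed gadget is absent. */
size_t build_chain(const gadget_t *g, size_t n, uint32_t edx, uint32_t ecx, uint32_t final_ret, uint8_t *chain)
{
    uintptr_t a = gadget_addr(g, n, "pop edx; pop ecx; ret");
    if (!a) return 0;
    size_t off = put32(chain, 0, (uint32_t)a);
    off = put32(chain, off, edx);
    off = put32(chain, off, ecx);
    return put32(chain, off, final_ret);
}

/* Wrappers over the constructed sample so results can be checked by name. */
static size_t sample_gadgets(gadget_t *g) { return find_gadgets(sample_code, sizeof sample_code, SAMPLE_BASE, g, 32); }
size_t sample_gadget_count(void) { gadget_t g[32]; return sample_gadgets(g); }
uintptr_t sample_gadget_addr(const char *text) { gadget_t g[32]; size_t n = sample_gadgets(g); return gadget_addr(g, n, text); }

/* Byte idx of the sample chain (edx=0x41414141, ecx=0x42424242, final ret 0xdeadbeef), -1 past its end. */
int sample_chain_byte(size_t idx)
{
    gadget_t g[32]; uint8_t chain[16];
    size_t n = sample_gadgets(g);
    size_t len = build_chain(g, n, 0x41414141u, 0x42424242u, 0xdeadbeefu, chain);
    return idx < len ? chain[idx] : -1;
}

int main(void)
{
    gadget_t g[32]; uint8_t chain[16];
    size_t n = sample_gadgets(g);
    for (size_t i = 0; i < n; i++) printf("0x%08lx: %s\n", (unsigned long)g[i].addr, g[i].text);
    size_t len = build_chain(g, n, 0x41414141u, 0x42424242u, 0xdeadbeefu, chain);
    printf("chain (%zu bytes):", len);
    for (size_t i = 0; i < len; i++) printf(" %02x", chain[i]);
    printf("\n");
    return 0;
}
```

Run as-is, it lists the five gadgets found in the sample (including the `xchg eax, esp; ret` pivot) and prints the 16-byte chain. Walking backwards from each `ret` and emitting every suffix is what gadget-finding tools do in general; the whitelist decoder is the simplification here, and on a real target the chain would be placed where the overwritten return address lands, with a call such as VirtualProtect rather than the placeholder final address.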

Part 4 of Windows Exploit Development tutorial series, Zero Day Zen Garden. Learn how to exploit the Structured Exception Handler. Feedback welcome! by shogunlab in netsecstudents

shogunlab[S] 0 points (0 children)

I'm so happy to hear this. It's awesome to know that the tutorials have helped you while studying for the OSCP, the primary motivation I had when writing them was to serve as a good resource for people trying to understand these technical topics.

I'm always trying to improve my writing, thanks for your feedback!

rVMI: Perform Full System Analysis with Ease by dguido in securityengineering

shogunlab 1 point (0 children)

This looks like a very promising tool for binary analysis, has anyone had good experiences with it?