Category Archives: Reversing

Posts about reverse code engineering (aka RCE, reversing, RE, reverse engineering)

Two more useful flags for cl.exe

Posted on 2023-11-07 by Oliver

/Be appears to spit out a make file1 snippet that contains the recipe to reproduce a given run of cl.exe. It takes into account variables. Check it out: all: @cd D:\17.7.5\x64 @set INCLUDE= @set LIB= @set LIBPATH= @set CL=/nologo /utf-8 … Continue reading →

Posted in C/C++, Reversing, Software | Tagged MSVC | Leave a comment

Undocumented MSVC

Posted on 2023-07-02 by Oliver

Some ongoing research. For obvious reasons I can only share results and tools, but not actual sample data.

Posted in EN, Reversing, Software | Tagged Hex-Rays, IDA, MSVC, Visual C++ | Leave a comment

IDA and Hex-Rays decompiler keyboard shortcut cheat sheet

Posted on 2023-01-22 by Oliver

Find it on GitHub: assarbad/some-latex/releases/tag/v1.0-ida-cheat-sheet LaTeX source can be found in the repository itself.

Posted in EN, Reversing | Tagged IDA, LuaLaTeX | Leave a comment

Reminder to self: IDA load all sections

Posted on 2023-01-20 by Oliver

Just a reminder to myself. Edit cfg/pe.cfg inside the IDA installation folder to configure the PE loader to load all sections: // Always load all sections of a PE file? // If no, sections like .reloc and .rsrc are skipped … Continue reading →

Posted in EN, Reversing, Software | Tagged IDA | Leave a comment

dumbin.exe, editbin.exe, lib.exe …

Posted on 2023-01-05 by Oliver

They’re all just slim wrappers around the actual link.exe, not using a common DLL or so, but actually invoking: dumpbin.exe simply invokes “link /dump” and failing that “link.exe link /dump” editbin.exe simply invokes “link /edit” and failing that “link.exe link … Continue reading →

Posted in EN, Programming, Reversing | Tagged MSVC, Visual Studio | Leave a comment

Running IDA 7.x/8.x inside Crossover 21/22/24

Posted on 2022-01-03 by Oliver

For a few versions I had issues running IDA Pro in Crossover with IDAPython enabled. Prior to the starting issues, everything worked fine, e.g. in the IDA 6.x version range. Please note that the setup of IDA Pro also succeeded … Continue reading →

Posted in EN, Linux, Reversing, Software | Tagged Crossover, Hex-Rays, IDA, Linux | Leave a comment

German federals looking for trojan author – still

Posted on 2012-09-04 by Oliver

The German federals (BKA = Bundeskriminalamt, roughly the German equivalent to the FBI in the US) are still looking for someone with the qualifications to write what had been dubbed “Bundestrojaner” (literally: federal trojan) in 2008. This means that first … Continue reading →

Posted in C/C++, EN, IT Security, Reversing, Software, Thoughts | Tagged BKA, Bundestrojaner, germany | Leave a comment

canyoucrackit.co.uk – yes we can ;)

Posted on 2011-12-10 by Oliver

So the British Government Communications Headquarters (GCHQ) wants to recruit smart people. Well, there should be enough around. Although they seem to look for some 1337 h4x0rz, not some serious people from all indicators. The original one (MD5: 1585DFECC90AE7549814DCE52CA4EDDA) filled … Continue reading →

Posted in C/C++, EN, Germans have no notion of sarcasm, Programming, Reversing, Software | 1 Comment

Bundestrojaner gefunden?

Posted on 2011-10-09 by Oliver

Heute wurde ich, unabhängig voneinander, von mehreren Leuten auf die Geschichte mit dem angeblichen Fund des Bundestrojaners durch den CCC hingewiesen. Unabhängig davon, ob es sich um das handelt wovon alle Welt ausgeht, machte mich der bei F-Secure gezeigte Bildausschnitt … Continue reading →

Posted in DE, Reversing, Software | 2 Comments

Eine neue Sau ist im Dorf …

Posted on 2011-06-17 by Oliver

… beziehungsweise wird durch’s Dorf getrieben: Hacker. Böse, fiese Hacker. Auf Begriffe muß man da nicht mehr achten (eigtl. sind Cracker gemeint). Glücklicherweise kommt ja jetzt das Cyber-Abwehrzentrum (was für ein Begriff, gell?) in Bonn. Das schlimme ist nur, daß … Continue reading →

Posted in DE, Gedanken, Reversing | Leave a comment

Two years later (update)

Posted on 2011-05-19 by Oliver

A new version of TortoiseCVS is available. Since I have largely parted with CVS, I just noticed now. Well, the issue reported in 2008 and closed as fixed is still not fixed. The respective piece of code looks exactly the … Continue reading →

Posted in C/C++, EN, Programming, Reversing, Software | Tagged patch, TortoiseCVS | Leave a comment

New IDA upgrade available (6.1)

Posted on 2011-04-11 by Oliver

Lovely. Hex-Rays released version 6.1 of IDA just today. I already requested my download and I am downloading as I type this. See the changes here. // Oliver PS: sadly it’s the first version where I don’t get a Linux … Continue reading →

Posted in EN, Reversing, Software | Tagged IDA | Leave a comment

F-Secure documentary about BRAIN

Posted on 2011-03-14 by Oliver

Watch it over here.

Posted in EN, IT Security, Reversing, Software | Leave a comment

“The system cannot execute the specified program.”

Posted on 2010-11-02 by Oliver

There is a pretty interesting article over at winprogger.com about the problems connected with IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY (set through /integritycheck ever since VS2005) and ERROR_INVALID_IMAGE_HASH (aka Win32 error code 577). Now, I’ve been fighting with this problem for two full days and … Continue reading →

Posted in EN, IT Security, Programming, Reversing, Software | Tagged force integrity, integrity check, sigcheck, signtool | 4 Comments

Dear technical writer (@Microsoft)

Posted on 2009-07-21 by Oliver

You write in the documentation of NtDeviceIoControlFile. Deprecated. Builds descriptors for the supplied buffer(s) and passes the untyped data to the device driver associated with the file handle. NtDeviceIoControlFile is superseded by DeviceIoControl. Could you please be a little more … Continue reading →

Posted in EN, Reversing | Leave a comment

Annoyance in TortoiseCVS fixed

Posted on 2009-05-21 by Oliver

Quite a while ago I reported a bug in TortoiseCVS 1.10.x (the Unicode versions) which more or less affects everyone that is using an alternative file manager. I for one use SpeedCommander and can highly recommend it, although for non-German … Continue reading →

Posted in /dev/null, Programming, Reversing | Tagged patch, TortoiseCVS | Leave a comment

Conficker tools

Posted on 2009-03-31 by Oliver

A team of two German researchers has devised a method to detect Conficker (in its known variants) through the RSA keys which originally have been used by the Conficker authors against anyone attempting to fool Conficker into updating from an … Continue reading →

Posted in EN, IT Security, Programming, Reversing | Leave a comment

Yippie! IDA 5.4 Pro released …

Posted on 2009-01-30 by Oliver

My personal highlight is still the Bochs debugger, but I am sure I’ll take the chance and also look into the newly acquired kernel debugging features. Check out the highlights over here. // Oliver

Posted in EN, Reversing, Software | Tagged IDA | Leave a comment

IDA 5.4 Pro Beta released

Posted on 2009-01-22 by Oliver

Hex-Rays has released a beta of the upcoming version 5.4 of IDA. I was lucky enough to be allowed for the beta-test and the first new thing I noticed was that the command line field now had a button in … Continue reading →

Posted in EN, Reversing, Software | Tagged IDA | Leave a comment

Meta
April 2024

M T W T F S S

1 2 3 4 5 6 7

8 9 10 11 12 13 14

15 16 17 18 19 20 21

22 23 24 25 26 27 28

29 30

« Dec
Search for:
Blogroll
IP info
- IP (text)
- IP (XHTML)
- IP (XML)
- myip.is
Programs

Category Archives: Reversing

Meta

Blogroll

IP info

Programs