Report in /g/urus. We are the 1337s.
Anything interesting you're working on?
As for me, just cracking software as usual, releasing patches, fun stuff.
Not quite. The data before is the packer for the main exe. It ends at raw offset 16423. After a fair amount of trial and error I successfully unpacked the file and have the raw dump. That msg is merely proof that, after the file has been executed, I can call the WIN32 API MessageBox and point it to my injected string (which will be replaced later with pointers to new ASM code) for patching this file's security mech, which is much easier now that I have the exe's raw dump, though still a bit tricky.
Hacking: The Art of Exploitation 2nd Edition *
The Shellcoder's Handbook: Discovering and Exploiting Security Holes 2nd Edition
A Guide to Kernel Exploitation: Attacking the Core
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws 2nd Edition *
SQL Injection Attacks and Defense, Second Edition
Client-Side Attacks and Defense
The Browser Hacker's Handbook
Metasploit: The Penetration Tester's Guide *
The Basics of Hacking and Penetration Testing, Second Edition: Ethical Hacking and Penetration Testing Made Easy
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
>coding (related to "hacking")
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers *
Coding for Penetration Testers: Building Better Tools
Gray Hat Python: Python Programming for Hackers and Reverse Engineers
All books marked with a * are regarded as extra valuable.
If you're only going to read one book on that subject, read this one.
>OpenSecurityTraining: Introductory Intel x86
>Assembly Language Megaprimer for Linux
>Offensive Computer Security 2014
>The Open Web Application Security Project (OWASP)
Really interesting stuff, would recommend checking out the "OWASP top 10" project and Attack Categories.
Have released some interesting tools along with some good articles and guides on different subjects.
>subreddits to check out
RE for beginners:
CTF is a capture the flag competition. Usually they are in the form of a big jeopardy board of challenges that you have to solve for points.
Sometimes they give you a binary file and you have to find an exploit, sometimes they point you to a fake website with some exploitable part and you have to hack the site, sometimes you break crypto challenges, sometimes you analyze packet captures, etc. etc. It's like hacker games.
CTFtime keeps track of CTF competitions, teams, who is winning what, etc.
more info: https://www.youtube.com/watch?v=8GkvBZvGO5Y
my captcha is a cactus?
Another look at it, this time in IDA 64 (since it's a 64-bit ELF file).
Why are you "injecting" strings into this program... Also, that data looks like garbage. Are you sure it actually unpacked it properly?
Also, just curious, what are you using to dump the loaded image back to a PE file?
>Top security and cryptography specialist for the military
>Posts pictures with link to resume and personal documents on 4chan
>uses full name as windows directory
Ok, so IDA 6.5 keeps leaking, but does anyone have Hex-Rays decompiler to go with it?
They are NEETs who would be mortified if their name showed up in Google results even though no one knows or cares who they are. They think not existing outside of being "anonymous" on 4chan is good security. They think they are pro doxxers because they can Google names.
Still looking for that hexrays decomp leak doe.
what is the BEST book for learning assembly??
I don't care which CPU its for, but I can't find a single good book that teaches assembly well
It is really pointless to read books about hacking/pentesting or to use disassemblers like OllyDbg and IDA when you don't know assembly.
I'm reversing PSP games and fixing them so that they can be translated into English. This one is easy because they didn't strip symbols.
From root to SPECIAL: Pwning IBM Mainframes - Soldier of Fortran
Mass Scanning the Internet: Tips, Tricks, Results - but I really enjoy Viss
One day I will learn to do this; there are so many Sony games for the PSX and PSP that I want to play but are not in English. I'll either learn Japanese or learn to reverse, or do both.
Working on my project called Celect.
A couple of years ago, there was an Eve-like MMORPG (but a bit more cartoony, and less real-time) called Celetania. Unfortunately their parent company went under and they discontinued services.
Since there is no more traffic to analyze, I'm in the process of writing a server purely by reverse engineering the game client.
Their engine is actually pretty cool. They wrote their own stack-based scripting language and a JIT.
I want to learn more about web application exploitation. I am okay with SQL injection but I don't fully grasp the concept of XSS, and how do people deface web pages? Other than using PunkSpider, how can I find vulnerable pages to practice on?
I'm trying to create a keygen
I have reverse engineered some software, I isolated the functions checking the keys
The problem: the functions are big as fuck, doing obscure bitwise operations; it would take a long time to figure them out step by step.
Is there a more intelligent way of handling the problem? Right now I was thinking:
- isolate the verification functions
- as the functions return when there is something wrong with the serial, I could randomly try keys and record the number of executed operations
- from the data, run a neural network with one input = one bit...
I doubt that would work though; the cycle measuring is either slow or imprecise, even when I run it a lot of times.
From this method I got the serial length (about 4x as many instructions are executed when the length is 23; pic related: number of cycles per 100 runs vs key length).
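The approach in the post above (count how much work the verifier does for a candidate key, and use that as a side channel for the key's length and then its characters) is worth seeing end to end. The following is an added example, not the poster's code or the target's verifier: it uses a constructed toy checker with an invented secret and alphabet, and replaces the noisy cycle counter with a deterministic count of lines executed via sys.settrace, which plays the role an instruction-step count from a debugger or binary instrumentation tool would play on the real binary.

```python
import string
import sys

# Constructed example: a toy serial checker standing in for the verification
# function isolated from the target. SECRET and ALPHABET are invented here.
SECRET = "K7Q-4M2X-9ZB"
ALPHABET = string.ascii_uppercase + string.digits + "-"


def check_serial(candidate: str) -> bool:
    """Toy verifier with the leak the post relies on: it returns at the first
    thing that is wrong, so the amount of work it does grows with how much of
    the key is right (length first, then the matching prefix)."""
    if len(candidate) != len(SECRET):
        return False
    for i in range(len(SECRET)):
        if candidate[i] != SECRET[i]:
            return False
    activated = True  # extra work only a fully correct key reaches
    return activated


def count_ops(func, *args) -> int:
    """Count the lines executed inside func using sys.settrace. This is the
    deterministic stand-in for the cycle/instruction counter; the checker
    itself is not modified or even read."""
    ops = 0

    def tracer(frame, event, arg):
        nonlocal ops
        if frame.f_code is not func.__code__:
            return None  # ignore every frame except the checker's own
        if event == "line":
            ops += 1
        return tracer

    previous = sys.gettrace()
    sys.settrace(tracer)
    try:
        func(*args)
    finally:
        sys.settrace(previous)
    return ops


def recover_length(max_len: int = 40, filler: str = "?") -> int:
    """Every wrong length fails at the length check; only the right length
    reaches the per-character loop and so executes the most operations.
    The filler is chosen so it can never match a real serial character."""
    best_len, best_ops = 0, -1
    for n in range(1, max_len + 1):
        ops = count_ops(check_serial, filler * n)
        if ops > best_ops:
            best_len, best_ops = n, ops
    return best_len


def recover_serial(length: int, alphabet: str = ALPHABET, filler: str = "?") -> str:
    """Extend the known prefix one character at a time: the candidate that
    survives one more loop iteration executes strictly more operations than
    every other character at that position."""
    known = ""
    for pos in range(length):
        best_ch, best_ops = "", -1
        for ch in alphabet:
            candidate = known + ch + filler * (length - pos - 1)
            ops = count_ops(check_serial, candidate)
            if ops > best_ops:
                best_ch, best_ops = ch, ops
        known += best_ch
    return known


if __name__ == "__main__":
    n = recover_length()
    serial = recover_serial(n)
    print("recovered length:", n)
    print("recovered serial:", serial, "valid:", check_serial(serial))
```

Two caveats a practitioner would add. First, the attack only works because the checker bails out early; a verifier that always runs the full computation (a hash of the whole serial compared at the end, or a constant-time comparison) gives the same count for every wrong key and leaks nothing this way. Second, on a real binary the measurement has to be deterministic, which is why instruction or single-step counts from a debugger or instrumentation framework are preferable to wall-clock cycle counts; if only cycles are available, take the minimum over many runs rather than the mean.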
Honestly, this "linux is 4 pros" mantra is stupid.
Windows is so much better for reverse engineering simply because all this shit was done on Win 9x, 2k and XP by the older gen crackers, and the tools have existed and been updated since then. Real crackers don't give a damn about the OS they use; in fact most use Windows because, simply put, the tools are better. They don't give two shits about using a GUI over a CLI either. It's about what gets things done the fastest, and clearly Windows and its automation tools are superior to the few specialized ones that exist on Linux.
I've always been interested in this, never got around to learning about it.
How do I get started if I want to participate in such a thing? University sophomore here by the way, and I've not taken any courses on security specific topics.
Learn MIPS R4k assembly - it's so easy even an imbecile could do it. Steal IDA Pro, download an emulator. Teach yourself to recognise 'JFIF', 'TGA' and just raw textures, mp3 inb4. Learn a bit of Python to be able to make an unpacker/packer.
I'm trying to find a more "generic" way of handling the problem, if possible.
More interesting imo than going through 1000+ asm instructions, but I guess keygen crackers do this, don't they?
I'm using 010 Editor, it's available for Linux too. As for reverse engineering I think you're supposed to use prxtool --disasm --xmlfile 500_psplibdoc_191008.xml, it's not as convenient as IDA though.
I think in PPSSPP they use the WinAPI for the debugger GUI, so it won't work on Linux unless you run PPSSPP in Wine.
Stop spewing buzzwords you retarded autist, and grow up and out of your shitty game and shitware cracks
Reverse engineering is for understanding how software works at the low level, not for making le call of duty crack
Copy paste the asm into a C program. Utilize the asm keyword. All you really gotta know is the function params. What does it matter how it works as long as you can pass crap to it?
IN PLACE WE ARE FORCE!11
THEY NOT GONNA DO ANYTHING
You are stupid as shit.
Where do you think reverse engineers come from? From facking cracking games and software out of interest and hobbies at the start, then moving onto better jobs.
You don't one day go
>hurr durr ima be 1337 reverse engineer and work for da guugle by reading shitty lectures at my uniweristy
Your argument is at a pleb-tier level. Please kill yourself, seriously.
>Where do you think reverse engineers come from? From facking cracking games and software out of interest and hobbies at the start, then moving onto better jobs.
Exactly, they grew up, why don't you
>yfw the combined share of Linux + BSD is less than Windows Vista, the lowest selling Windows ever
I imported the functions with dlopen and I know the parameters already
Looking to find a proper key without doing monkey analysis of a ton of instructions... doing a crack would be easy tho
(or I didn't get what you mean)
A funny thing I saw in the asm: the programmer manually banned a few keys that you can find on the internet (like youserials.com).
They are not replacements for a computer. Just devices that enable normalfags to update their facebook and check email on the go. Even surface is not functional enough to be used as a full time terminal.
Why would you want an alternative?
OllyDBG can do absolutely everything, especially with the Plugins, there is everything you could want and more. If you think of something olly needs, 99% of the time a plugin has been created for it.
Ok, this might be a thread to ask this
We all know Scene release groups release their shit on Usenet, right? (right?)
Well, I would like to get in contact with this one group that publishes video tutorials like CBT Nuggets, Pluralsight etc. They are called Keiso; does anyone know how to ask them for a request? Can't find any contact.
>Scene release group release their shit on usenet, right? (right?)
It's couriers, leechers and other fags who happen to have site access who do that.
>does anyone know how to ask them for a request? Can't find any contact
The general thing is: If you have to ask how to even get in contact with a group they are not likely to wanna talk to you.
All these warez/scene etc. groups are typically all on IRC; that's how they all communicate. Just find their channels or related warez channels, and ask around till you get pointed in some direction.
I don't wanna talk to them, I don't want to learn anything or shit like that, I just have 2 requests for video tutorials they probably can get.
But I am aware that there are a shitload of other leeches who make money off them; I tried requesting there but they don't give a shit.
so, how does one contact groups?
10 years ago or so I was told such shit does happen, during a job interview
> tfw I wrote POC viruses all by myself
> tfw I never peered with real hacker
> tfw I can't consider myself a hacker anymore
> tfw I lead a cybersecurity program
> tfw am not young anymore and can't spare time on cracking and RE, which is a dead-end for someone with education
> tfw I am jealous of you all
To address which OS you should do your RE in, well, I have a simple rule: the same platform your executable was originally written for.
If it is written for all platforms, pick the one you know the internals of better. If you are well rounded in all platforms, pick the platform that has your favorite tools.
Don't work from a VM in reversing.
>Windows cracking/RE gets done on windows, OSX on OSX, Linux on Linux and BSD on BSD.
Being well rounded really buys you freedom and flexibility.
Every board has a third party archive, ya dingus. If you've got any half decent script running, if a thread 404s it'll just plop you in the archive.
/b/ likely does not (I don't use /b/ anymore, or at least enough to tell you if they have one) because it moves too fast.