IDA Pro 6.3 ELF Anti-Debugging / Reversing Patcher

/*
*
* IDA Pro 6.3 (crash due to an internal error)
* ELF anti-debugging/reversing patcher
*
* Published @ IOActive Labs Research blog:
* http://blog.ioactive.com/2012/12/striking-back-gdb-and-ida-debuggers.html
*
* - nitr0us [ http://twitter.com/nitr0usmx ]
*
* Tested under:
* IDA Pro Starter License 6.3.120531 (Mac OS X)
* IDA Pro Demo 6.3.120730 (Ubuntu Linux 9.04)
* IDA Pro Demo 6.3.120730 (Mac OS X 10.7.3)
* IDA Pro Demo 6.3.120730 (Windows Vista Home Premium SP2)
*
* Bug found using Frixyon fuzzer (my ELF file format fuzzer still in development)
*
* Timeline:
* 21/11/2012 The bug was found on IDA Demo 6.3
* 22/11/2012 The bug was tested on IDA Pro Starter License 6.3.120531 (32-bit)
* 22/11/2012 The bug was reported through the official Hex-Rays contact emails
* 23/11/2012 Hex-Rays replied and agreed that the bug leads to an unrecoverable
* state and it will be fixed on the next release
*
**************** TECHNICAL DETAILS ***********************
nitr0us@burial:~$ gdb -q idaq
(gdb) r a.out
(no debugging symbols found) 

Program received signal SIGTRAP, Trace/breakpoint trap.
[Switching to Thread 0xb6860760 (LWP 3638)]
0xb55f7694 in default_notification_handler (reader=@0xbfbffae0,
 notif=reader_t::err_shstrndx) at reader.cpp:33
33 reader.cpp: No such file or directory.
 in reader.cpp
Current language: auto; currently c++
(gdb)

More on "Automatically Backing Up Website Data to Dropbox with a Linux Script"

Honestly, I only wrote this because of Xiaobai: after reading her "Automatically Backing Up Website Data to Dropbox with a Linux Script (Part 1)" I wanted to try it myself, so I followed the links at the end of that article and copied the two scripts. You never know until you try, and once I tried, nothing worked at all! =( Do people really write code without testing it? 😎

The corrected code should look like this:
Database backup script (the file must be saved as Unix UTF-8, otherwise it will not run)

#!/bin/bash
#sql_everyday_backup.sh
echo "################################################################"
echo "#Backup sql database everyday                                  #"
echo "#Mars Security                                                 #"
echo "#By:obaby                                                      #"
echo "#http://www.h4ck.ws                                            #"
echo "################################################################"
# Shell comments start with "#"; the original "//" would have been run as a command
# and left the assignments unset.
MYSQL_USER="root"                                   # database user name
MYSQL_PASS="123456789"                              # database password
MYSQL_DATABASE="mars"                               # database to back up
SqlFileName=sql_h4ck_$(date +%y%m%d).tar.gz         # name of the backup archive

echo " > Start dump the sql database......."
mysqldump -u$MYSQL_USER -p$MYSQL_PASS  $MYSQL_DATABASE>h4ckbackup.sql
echo " > Zip the sql file "
tar zcvf $SqlFileName h4ckbackup.sql
echo " > Start uploading file now....."
sh dropbox_uploader.sh upload $SqlFileName
# Same %y%m%d format as SqlFileName, so the 10-day-old archive is actually matched and removed
sh dropbox_uploader.sh delete sql_h4ck_$(date -d "-10 days" +%y%m%d).tar.gz
rm -f $SqlFileName
rm -f h4ckbackup.sql
echo " > All Finished ,have a joy!"
echo "###############################################################"
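A hardened variant of the same backup procedure, added here as an example (not the post's own script). It assumes GNU date and a dropbox_uploader.sh with the upload/delete subcommands the post uses; the credentials file path and the "run" argument are choices made for this example. It keeps the MySQL password out of the process list, dumps into a private temp directory, and only deletes the 10-day-old archive after the new upload has succeeded.

```bash
#!/bin/bash
# Hardened sql_everyday_backup.sh (added example). Assumes GNU date and the
# post's dropbox_uploader.sh (upload <local> <remote> / delete <remote>).
set -eu

MYSQL_DATABASE="mars"
# Credentials live in a mode-600 file instead of "-p<password>" on the command
# line, where every local user could read them via ps or /proc. Contents:
#   [client]
#   user=root
#   password=...
MYSQL_CNF="${HOME}/.h4ck_backup.cnf"   # path chosen for this example
RETENTION_DAYS=10

# Both names use the same %y%m%d format, so the delete really matches the
# archive uploaded RETENTION_DAYS earlier (the original mixed %y and %Y).
backup_name() {            # $1 = date in a form GNU date accepts, e.g. 2012-12-25
    date -d "$1" "+sql_h4ck_%y%m%d.tar.gz"
}
expired_backup_name() {    # $1 = date, $2 = retention in days
    date -d "$1 -$2 days" "+sql_h4ck_%y%m%d.tar.gz"
}

main() {
    local today tmp archive
    today=$(date +%F)
    archive=$(backup_name "$today")
    tmp=$(mktemp -d)                   # private (0700) scratch dir, not the CWD
    trap 'rm -rf "$tmp"' EXIT          # the plaintext dump never outlives the run

    [ -r "$MYSQL_CNF" ] || { echo "missing credentials file $MYSQL_CNF" >&2; exit 1; }
    echo " > Dumping $MYSQL_DATABASE"
    mysqldump --defaults-extra-file="$MYSQL_CNF" "$MYSQL_DATABASE" > "$tmp/dump.sql"
    tar -C "$tmp" -czf "$tmp/$archive" dump.sql

    echo " > Uploading $archive"
    # set -e aborts on upload failure, so the old copy is only removed once the
    # new one is safely in place. A missing old archive is not an error.
    sh dropbox_uploader.sh upload "$tmp/$archive" "$archive"
    sh dropbox_uploader.sh delete "$(expired_backup_name "$today" "$RETENTION_DAYS")" || true
    echo " > Finished"
}

# Only run the backup when invoked as "./script run"; otherwise just define the helpers.
if [ "${1:-}" = "run" ]; then main; fi
```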

Modifying the Acer 5742G BIOS (1.30)

Most laptop BIOSes have been locked down by the manufacturer with all sorts of restrictions, leaving only a handful of options that can be changed, and there is no way to do any advanced configuration. So you have to find a solution yourself; Acer laptops, for example, are left with only these few options.

Honestly, these few options are of little use, and my reason for modifying the BIOS is not any interest in changing the boot splash screen; that is not really interesting.


The Art of Unpacking

The Art of Unpacking
by Mark Vincent Yason
=====================================================
=====================================================

Abstract: Unpacking is an art: it is a mental challenge and one of the most exciting mind
games in the reverse engineering field. In some cases, the reverser needs to know the
internals of the operating system in order to identify or solve very difficult anti-reversing tricks
employed by packers/protectors; patience and cleverness are also major factors in a
successful unpack. This challenge involves researchers creating the packers and, on the other
side, the researchers who are determined to bypass these protections.

The main purpose of this paper is to present anti-reversing techniques employed by
executable packers/protectors, and also to discuss techniques and publicly available tools that
can be used to bypass or disable these protections. This information will allow researchers,
especially malcode analysts, to identify these techniques when utilized by packed malicious
code, and then be able to decide the next move when these anti-reversing techniques impede
successful analysis. As a secondary purpose, the information presented can also be used by
researchers who are planning to add some level of protection to their software by slowing
down reversers from analyzing their protected code, but of course nothing will stop a skilled,
informed, and determined reverser.
