ESET CrackMe Challenge 2015 Walkthrough

The ESET CrackMe Challenge 2015 is divided into 2 parts: This is the one you download from the ESET website. You are asked to reverse an UPX packed executable and find one password (Drevokokur). Then the application decrypts a message with this password that basically asks you to decrypt in the same way some unreferenced […]

Introduction to ARMv8 64-bit Architecture

Introduction The ARM architecture is a Reduced Instruction Set Computer (RISC) architecture, indeed its originally stood for “Acorn RISC Machine” but now stood for “Advanced RISC Machines”. In the last years, ARM processors, with the diffusion of smartphones and tablets, are beginning very popular: mostly this is due to reduced costs, and a more power […]

Extracting Objects from a Running Process

Few days ago two new 0-days have been spotted in the wild: CVE-2013-0633 and CVE-2013-0634, both of them involving a .swf file, possibly embedded inside a Word Document. It might be interesting to understand how to dump a similar resource while the attacked process is running,  after all the obfuscation layers are cleared. Clearly this same technique can be expanded to extract […]

Device Driver Development For Beginners

Just a little starter for people interested in starting Kernel-Mode Development. This tutorial is a flexible one, time by time I’ll Reload and Expand it. By following a good thread on UIC forum, opened by a beginner that wanted to know how to start with Device Driver Development, I remembered that long time ago published […]

Windows Drivers Debugging

In this tutorial we are going to see how to setup a Debugging Environment for our Drivers. This is not a complete guide, it’s just a quick tour intended to give a fast overview of Windbg and problems involved into Driver Debugging. DriverLoader WinDbg The Problem Setting up a full working Kernel Debugging Environment is […]

X64 Assembly

Links and References Introduction Essay Links And References AMD64 documentation Introduction This article is extracted from “Moving to Windows x64” by Daniel Pistelli (Ntoskrnl) Essay Now I’ll try to explain the basics of x64 assembly. I assume the reader is already familiar with x86 assembly, otherwise he won’t be able to make heads or tails […]