webstersprodigy.net

Last week I wrote a keygen here: http://webstersprodigy.net/2010/06/22/reverseme-windows-keygen/. This is an almost identical problem, but the binary has been patched to allow debugging (I may do this programmaticly as well, but not yet). I wanted to solve this with programmatic debugging. Here is the exe: Ice9pch3. The code simply sets a breakpoint and prints the [...]

Boinc is a project I just discovered, but find it very cool. I have used projects like the protein folding and seti@home in the past, which use your spare cpu cycles for something useful. Boinc allows you to manage many projects like that in one place. It seems like an awesome way to help scientists discover look at some really cool problems. http://boinc.berkeley.edu/

For the security class I’m teaching we recently had a box to pwn. Problem is, they would sometimes get the address wrong and crash the virtual system. I probably would have just distributed the vdi, but not all of them have machines robust enough to run a vm, so I had to set something up.

Windows reverseme – nothing tricky, just a sort of complicated validation process. The easiest thing in the world is to get this thing to validate. Just run it and put a breakpoint at 00401288, and look at the value in 00406749. That’s it! You’re validated.

This is a stupid script similar to cat. Again, I am using it for windows.

From http://www.suse.de/~agruen/acl/linux-acls/online/ “Traditionally, systems that support the POSIX (Portable Operating System Interface) family of standards [11,2] share a simple yet powerful file system permission model: Every file system object is associated with three sets of permissions that define access for the owner, the owning group, and for others. Each set may contain Read (r), Write (w), and Execute (x) [...]

This was pretty easy. Here is a download to the executable Hardcoded serial is: “Reversing raises knowledge!” This could have potetially been guessed eventually with a hex dump, but I noticed it when setting a break point at 0×00401462 and doing a registry dump (eax points to the string). That address is the start of [...]

Sat for an evenin’ o’ fun this holiday season. The executable to be reversed can be found here. I like these easy ones. Last month I tried a harder one and found it discouraging. I don’t have the sort of time to work on these for a full day, so these couple hour ones are a lot more fun to me at this point.