Deep-Dive in WoW64

Mon 12 September 2016 by hakril


When working on PythonForWindows, I had multiple encounters with some specificities of WoW64 (Windows 32-bit on Windows 64-bit) and the challenges/opportunities it offers.

Few weeks ago, I tried to play once again with cross-bitness execution and more precisely 64b Vectored Exception Handler (VEH). What I thought would be ...

read more

HTC unlock internals

Tue 10 April 2012 by cedric

Since the end of 2011, HTC allows unlocking its Smartphones' bootloaders. Before that, HTC controlled every updates and packages that were installed on their devices. Users can now unlock their device manually in order to install any installation image (commonly called "ROM" in Android jargon) on their Smartphone. This article ...

read more

iOS 5 data protection updates

Sun 09 October 2011 by jean

iOS 5 was released this week, and introduced some changes to the data protection features we described at HITB Amsterdam. This post highlights the updates made since iOS 4.

LwVM partition scheme

The GPT partition table used on iOS 4 was replaced by Apple's proprietary Lightweight Volume Manager (LwVM ...

read more

The undocumented password validation algorithm of Adobe Reader X

Wed 14 September 2011 by guillaume

Someone recently sent me an email about troubles when opening in Origami encrypted PDF documents produced by Acrobat Pro X. At first I thought it was a bug, but while looking in the data of the document I noticed two unusual things: the specified PDF version was Extension Level 8 ...

read more

Exploitation automatique avec Metasm

Mon 14 June 2010 by ivan

Metasm est un outil puissant permettant de scripter la manipulation de binaires. Sachant qu'il fournit une fonctionnalité de debugging, on peut automatiser certaines actions en les scriptant avec Ruby. On va ainsi l'utiliser pour créer un outil basique d'exploitation automatique de binaires ELF x86. L'idée est ...

read more

How to: Create a new processor in Metasm

Fri 02 October 2009 by alex

Some guys from our lab took part to the last Defcon CTF in Vegas. While trying to sharpen our tools before the CTF, we had this brilliant idea (actually not so brilliant) "Hey, DDTEK guys proposed a challenge based on a virtual machine in the quals, they may re-use it ...

read more

SSTIC 2009 Challenge vs Metasm

Fri 03 July 2009 by alex

Few weeks ago, preceding the 2009 SSTIC conference, the wonderful Stéphane Duverger proposed the SSTIC 2009 Challenge. It has been one of the most intersting reverse challenge I've seen these last months and I will take advantage of it to describe few use cases of Metasm.

I strongly encourage ...

read more

Étude d'une épreuve du Capture The Flag (CTF) de la DEFCON 2008

Tue 28 October 2008 by christophe

Cet article détaille l'étude et l'exploitation d'une épreuve du CTF de la DEFCON 2008, le wargame le plus connu, organisé par les Kenshoto. Ce challenge se déroule chaque année et réunit huit équipes pendant trois jours (et deux nuits) autour d'un même but : exploiter le plus ...

read more

Metasm VS Challenge T2'08

Wed 15 October 2008 by alex

La conférence T2 se déroule à Helsinki, en Finlande, et propose chaque année un défi de reverse-engineering. Nous allons l'étudier à l'aide de Metasm et je profiterai de ce billet pour présenter une nouvelle fonctionnalité de l'outil, développée pour l'occasion.

Pour rappel les protections implémentées les ...

read more

Déprotection semi-automatique : les scripts Metasm

Thu 19 June 2008 by alex

Ce billet fait suite à la présentation que Yoann et moi avons réalisée à SSTIC cette année, orientée vers l'analyse statique et la déprotection semi-automatique de binaire.

En substance nous avons tiré profit des capacités de Metasm afin de réaliser des approches purement statiques sur deux défis que nous ...

read more