Striking Back GDB and IDA debuggers through malformed ELF executables
Day by day the endless fight between the bad guys and good guys mostly depends on how fast a countermeasure or anti-reversing protection can be broken. These anti-reversing mechanisms can be used by attackers in a number of ways: to create malware, to be used in precompiled zero-day exploits in the black market, to hinder forensic analysis, and so on. But they can also be used by software companies or developers that want to protect the internal logic of their software products (copyright). The other day I was thinking: why…
The Future of Automated Malware Generation
This year I gave a series of presentations on “The Future of Automated Malware Generation”. This past week the presentation finished its final debut in Tokyo on the 10th anniversary of PacSec. Hopefully you were able to attend one of the following conferences where it was presented: IOAsis (Las Vegas, USA) SOURCE (Seattle, USA) EkoParty (Buenos Aires, Argentina) PacSec (Tokyo, Japan) The Future of Automated Malware Generation from
Solving a Little Mystery
Firmware analysis is a fascinating area within the vast world of reverse engineering, although not very extended. Sometimes you end up in an impasse until noticing a minor (or major) detail you initially overlooked. That’s why sharing methods and findings is a great way to advance into this field. While looking for certain information during a session of reversing, I came across this great post. There is little to add except for solving the ‘mystery’ behind that simple filesystem and mentioning a couple of technical details. This…