assembly – Page 5 – WindowsTechs.com

How to get the opcodes of a instruction with mona?

Posted on September 24, 2021 by Kavishka Gihan

In a stack-based buffer overflow exploit I am working on, the length of the buffer that can hold shellcode is not enough. Therefore I have to somehow point the EIP to the beginning of the buffer. My payload looks like this:
"A"*2… Continue reading How to get the opcodes of a instruction with mona?→

Instead of JMP ESP can we use it’s opcodes?

Posted on September 24, 2021 by Kavishka Gihan

In a buffer overflow exploit, when we use a JMP ESP instruction to jump to the ESP, instead of using the address of the JMP ESP, can’t we use the opcodes of it?. I generated the opcodes of the JMP ESP instruction with mona in Immunity Debu… Continue reading Instead of JMP ESP can we use it’s opcodes?→

Trouble understanding buffer overflow to print a string

Posted on August 10, 2021 by n0unc3

I have the following program:
#include<stdio.h>

int main() {
int i=0;
foo();
printf("Hello there!");
func();
}

int foo(void) {
char str[14];
strncpy(str,"General Kenobi", 14)
prin… Continue reading Trouble understanding buffer overflow to print a string→

Shellcode not executing despite EIP being overwritten properly

Posted on July 6, 2021 by Toma

Here is my exploit:
junk = b’A’ * 1032

eip = b"\xf5\x93\x4a\x00" # some address where ‘jmp esp’ lives

shellcode = b""
shellcode += b"\x33\xc0" # xor eax, eax
shellcode += b"\x50" … Continue reading Shellcode not executing despite EIP being overwritten properly→

Is it dangerous to run malware in DOSBox? [closed]

Posted on June 16, 2021 by ArianKG

I made a DOS malware in Assembly and here is the code of my malware:
org 100h

file db "*.*", 00h
mov ah, 4Eh

loop:
mov dx, si
int 21h

mov ax, 3D01h
mov dx, 9Eh
int 21h

xchg bx, ax

mov ah, 40h
… Continue reading Is it dangerous to run malware in DOSBox? [closed]→

The Epic Saga of Hacking Knights of the Round

Posted on June 8, 2021 by Tom Nardi

For the uninitiated, Knights of the Round was a hack-and-slash arcade game released by Capcom in 1991 that rather loosely followed the legend of King Arthur and the eponymous Knights …read more Continue reading The Epic Saga of Hacking Knights of the Round→

what do these assembly code doing? [migrated]

Posted on May 21, 2021 by hanan

I tried to reverse engineer an apk app, and it was loading a native code. I have observed that the app was using the native code like this
public static String v = sUQWWyTBEs().toString().substring(32, 37);

the disassembled function sUQW… Continue reading what do these assembly code doing? [migrated]→

AVR Reverse Engineering Hack Chat

Posted on April 19, 2021 by Dan Maloney

Join us on Wednesday, April 21 at noon Pacific for the AVR Reverse Engineering Hack Chat with Uri Shaked! We’ve all become familiar with the Arduino ecosystem by now, to …read more Continue reading AVR Reverse Engineering Hack Chat→

Does this reorganiser have UART? [migrated]

Posted on February 12, 2021 by Questioner

This is a question about finding the UART, or whatever alternative, so I can get access to an old reorganiser from the year 2000. I know this is a hardware question, but it is technically reverse engineering and I will have to do some expl… Continue reading Does this reorganiser have UART? [migrated]→

Disassembly a win Linux file [migrated]

Posted on February 6, 2021 by Badddy

I have a file that has a compiled assembly code and being loaded into javascript code for execution.
How can I “inspect” the file? I am aware of tools like immunity debugger or ollydbg but I am not sure they can help me here.
How can I see… Continue reading Disassembly a win Linux file [migrated]→