assembly – Page 5 – WindowsTechs.com

How to use pwntools to generate a relative jump?

Posted on November 11, 2021 by user3207874

I want to use pwntools to generate a relative jump 0x20 bytes forward. It isn’t described in the documentation how to do that.
What’s the command for doing a JMP SHORT 0x20 in pwntools?

Continue reading How to use pwntools to generate a relative jump?→

The Linux x86 Journey to main()

Posted on November 6, 2021 by Al Williams

Have you ever had a program crash before your main function executes? it is rare, but it can happen. When it does, you need to understand what happens behind the …read more Continue reading The Linux x86 Journey to main()→

Some introductory reverse engineering help on finding a string

Posted on October 13, 2021 by Questioner

I understand the crackme I am researching is from 2007, however this was the point in my life when I initially became interested in reverse engineering and wish to complete it for nostalgia sake. Following on from this question, I intend t… Continue reading Some introductory reverse engineering help on finding a string→

How to get the opcodes of a instruction with mona?

Posted on September 24, 2021 by Kavishka Gihan

In a stack-based buffer overflow exploit I am working on, the length of the buffer that can hold shellcode is not enough. Therefore I have to somehow point the EIP to the beginning of the buffer. My payload looks like this:
"A"*2… Continue reading How to get the opcodes of a instruction with mona?→

Instead of JMP ESP can we use it’s opcodes?

Posted on September 24, 2021 by Kavishka Gihan

In a buffer overflow exploit, when we use a JMP ESP instruction to jump to the ESP, instead of using the address of the JMP ESP, can’t we use the opcodes of it?. I generated the opcodes of the JMP ESP instruction with mona in Immunity Debu… Continue reading Instead of JMP ESP can we use it’s opcodes?→

Trouble understanding buffer overflow to print a string

Posted on August 10, 2021 by n0unc3

I have the following program:
#include<stdio.h>

int main() {
int i=0;
foo();
printf("Hello there!");
func();
}

int foo(void) {
char str[14];
strncpy(str,"General Kenobi", 14)
prin… Continue reading Trouble understanding buffer overflow to print a string→

Shellcode not executing despite EIP being overwritten properly

Posted on July 6, 2021 by Toma

Here is my exploit:
junk = b’A’ * 1032

eip = b"\xf5\x93\x4a\x00" # some address where ‘jmp esp’ lives

shellcode = b""
shellcode += b"\x33\xc0" # xor eax, eax
shellcode += b"\x50" … Continue reading Shellcode not executing despite EIP being overwritten properly→

Is it dangerous to run malware in DOSBox? [closed]

Posted on June 16, 2021 by ArianKG

I made a DOS malware in Assembly and here is the code of my malware:
org 100h

file db "*.*", 00h
mov ah, 4Eh

loop:
mov dx, si
int 21h

mov ax, 3D01h
mov dx, 9Eh
int 21h

xchg bx, ax

mov ah, 40h
… Continue reading Is it dangerous to run malware in DOSBox? [closed]→

The Epic Saga of Hacking Knights of the Round

Posted on June 8, 2021 by Tom Nardi

For the uninitiated, Knights of the Round was a hack-and-slash arcade game released by Capcom in 1991 that rather loosely followed the legend of King Arthur and the eponymous Knights …read more Continue reading The Epic Saga of Hacking Knights of the Round→

what do these assembly code doing? [migrated]

Posted on May 21, 2021 by hanan

I tried to reverse engineer an apk app, and it was loading a native code. I have observed that the app was using the native code like this
public static String v = sUQWWyTBEs().toString().substring(32, 37);

the disassembled function sUQW… Continue reading what do these assembly code doing? [migrated]→