Collaborate Disseminate
I have a signed (using Windows signtool) executable which is hashed by SHA1 algorithm and encrypted using RSA. Now I like to verify the executable to avoid security vulnerabilities. For that I have an idea to get the hashing … Continue reading Does hashing a file consider its digital signature as well?
I am trying to improve my skills on buffer overflows and, this is my scenario:
There are 2 C string variables defined subsequently.
Both are taking user input; first one is a filename and the other is the arguments.
I am ab… Continue reading Using buffer overflow to execute a command in execlp()
We are scanning a third party library using a well know static analysis tool here.
We keep getting:
“Failure to Handle Missing Parameter CWE ID 234”
I’m not a C developer but I can’t see what is different or wrong with… Continue reading CWE-234 – Snprintf Missing Parameter issues
I need to read a wireshark file that is in (pcap) format and then my program detects arp spoofing and output a warning including the offending MAC address and the packet number of the offending packet. I wrote this but it is … Continue reading program to detect arp spoofing attacks [on hold]
When we first heard Nim, we thought about the game. In this case, though, nim is a programming language. Sure, we need another programming language, right? But Nim is a bit different. It is not only cross-platform, but instead of targeting assembly language or machine code, it targets other languages. So a Nim program can wind up compiled by C or interpreted by JavaScript or even compiled by Objective C. On top of that, it generates very efficient code with — at least potentially — low overhead. Check out [Steve Kellock’s] quick introduction to the language.
The fact that it …read more
I’m looking into binary obfuscation for an exectuable binary written in C++. I realize preventing cracks is impossible, but making it slightly harder would be nice.
No matter how complex the actual license scheme is, I can’t think of a wa… Continue reading C++ binary obfuscation: how to get around license checks being a simple if/then branches?
Background:
First time user of libemu for shellcode detection and emulation, I was only able to find a few and limited resources on the web.
Used a simple loader shellcode to test, and the two instruction (pop ecx and ret)… Continue reading Lib Emu – how to simulate dummy input data/network data
I am trying to understand the basic unlinc() exploit on the Heap (yes, I know its been patched for years now.) I think I understand conceptually what is happening. The chunk that is being un-linked from the doubly linked list… Continue reading Confused over unlink() macro for malloc, pictorially, I think I understand but lost in the logic
#include <stdio.h>
void secret()
{
printf(“Congratulations!\n”);
}
void echo()
{
char array[60];
scanf(“%s”, array);
printf(“You entered: %s\n”, array);
}
int main()
{
echo();
return 0;
}
above is the… Continue reading Not able to run the injected shellcode
#include<stdio.h>
void secret(){
printf(“entered secret function”);
}
void return_input()
{
char array[60];
scanf(“%s”, array);
printf(“%s\n”,array);
}
int main()
{
return_input();
return 0;
}
used this co… Continue reading Buffer overflow exploit is leading to Segmentation Fault