Collaborate Disseminate
I’m trying to dig a bit more into dynamic malware analysis and currently need to decide which tool to use.
Cuckoo sandbox looks like the standard but it is certainly easier to detect than introspection. As VM introspection is… Continue reading Cuckoo sandbox vs VM introspection for malware analysis
Environment:
Physical workstation, HP, Dell, etc
Windows 7,8,10, no matter
Windows executables
Our goal:
For additional privacy, is it possible to wipe/change all configuration that can be read by windows executable? (I… Continue reading Masking configuration of physical workstation
If you are used to coding with almost any modern tool except the Arduino IDE, you are probably accustomed to having on-chip debugging. Sometimes having that visibility inside the code makes all the difference for squashing bugs. But for the Arduino, most of us resort to just printing print statements in our code to observe behavior. When the code works, we take the print statements out. [JoaoLopesF] wanted something better. So he created an Arduino library and a desktop application that lets you have a little better window into your program’s execution.
To be honest, it isn’t really a debugger …read more
Continue reading Debugging Arduino is Painful: This Can Help
I wrote a simple program in C, compiled it, opened it in gdb, set a breakpoint at line 11 and inspected the stack.
1 #include<stdio.h>
2
3 int main(int argc, char *argv[]){
4 char arr[4] = “AABB”;
5 i… Continue reading Why does my stack contain the return address to __libc_csu_init after main is initialised?
I need to overflow a buffer with a specific value that contains 0x08. If I use echo -ne “AA\x08A”, the output is AA, as the backspace character and one A are removed.
How do I copy this value into the input of my vulnerable … Continue reading How to copy BS character (0x08) to input for buffer overflow in GDB?
I’ve always appreciated simulation tools. Sure, there’s no substitute for actually building a circuit but it sure is handy if you can fix a lot of easy problems before you start soldering and making PCBs. I’ve done quite a few posts on LTSpice and I’m also a big fan of the Falstad simulator in the browser. However, both of those don’t do a lot for you if a microcontroller is a major part of your design. I recently found an open source project called Simulide that has a few issues but does a credible job of mixed simulation. It allows …read more
Continue reading Simulate PIC and Arduino/AVR Designs with no Cloud
I am testing Netwide Assembler(NASM) and verifying the latest bug [CVE-2018-10254] Stack-buffer-overflow (out of bound read).
I am trying to overwrite the EIP/RIP and make it crash but I don’t know why it is not crashing wit… Continue reading How to extract the information about the stack or EIP/RIP registers from the ASAN (sanitizer) crash output?
We’ve got a small box of microcontroller programmers on our desktop. AVR, PIC, and ARM, or at least the STMicro version of ARM. Why? Some program faster, some debug better, some have nicer cables, and others, well, we’re just sentimental about. Don’t judge.
[Dmitry Grinberg], on the other hand, is searching for the One Ring. Or at least the One Ring for ARM microcontrollers. You see, while all ARM chips have the same core, and thus the same SWD debugging interface, they all write to flash differently. So if you do ARM development with offerings from different chip vendors, you …read more
We’ve got a small box of microcontroller programmers on our desktop. AVR, PIC, and ARM, or at least the STMicro version of ARM. Why? Some program faster, some debug better, some have nicer cables, and others, well, we’re just sentimental about. Don’t judge.
[Dmitry Grinberg], on the other hand, is searching for the One Ring. Or at least the One Ring for ARM microcontrollers. You see, while all ARM chips have the same core, and thus the same SWD debugging interface, they all write to flash differently. So if you do ARM development with offerings from different chip vendors, you …read more
Got $4,000 to spend? Even if you don’t, keep reading — especially if you develop with FPGAs. Exostiv’s FPGA debugging setup costs around $4K although if you are in need of debugging a complex FPGA design and your time has any value, that might not be very expensive. Then again, most of us have a lot of trouble justifying a $4,000 piece of test gear. But we wanted to think about what Exostiv is doing and why we don’t see more of it. Traditionally, debugging FPGAs meant using JTAG and possibly some custom blocks that act like a logic analyzer …read more