[linuxkernelnewbies] Advanced reversing and programming [Archive] - RCE Messageboard's Regroupment

[Peter Teoh]

http://www.woodmann.com/forum/archive/index.php/f-2.html Anybody has used Microsoft Base Smart Card CSP yet? Achilles Heel in the Philosophy of Prometheus Boundless Security Paper Tough .NET protection Use flair tool PEB.Ldr - Unlinking an entry ARTEam: ActiveMark 62 and 63 Superior Inline Patching Method by SSlEvIN ResumeThread & WaitForSingleObject in combination leads to a problem... declspec (naked) usage in dll Control an application behavior FlexLM on PA-Risc CPU ... Help on SetWindowsHookEx Code Section Modified after ZwMapViewOfSection LINK: Bypassing Patch Guard 3 JDK classloader signature vs. JRE classloader signature help on finding kernel32.dll IDT Delphi Big Lib Signature Problem Help on IDT ARTeam: Generating Keys For TimePassages (EN/SP) by Nacho-Dj [help]function size a question from those who know how to develop drivers ARTeam: Signing Applications in ezMode for Symbian, by argv ARTeam: Primer on Reverse Engineering Symbian 3rd Applications v10, by argv good news for dk2/dk3 fans (deskey) ARTeam: searching for symbian reversers Wibu Gold Rolex Watch for Sale! Xenocode unpack assembler loader problem MACAddress FS Register Not quite hooking... reversing Qt programs Help discovering elements used to create a serial number Help about such a strange SEH trick Exotic Malware ? LINK: How to get the address of KeServiceDescriptorTableShadow Writing A Book On Computer Viruses Injecting Browser Helper Objects Remotely custom message on deletion of file... Accessing "in Use" Files == ? Some interesting papers and presentations from the 2008 CARO Workshop ARTeam: Primer on Reversing Jailbroken iPhone Native Applications v1.0 ARTeam: Symbian Unleashed IDS Files For IDA Pro, EPOC6 && EPOC9 from argv Implementing Custom Subsystem == ? creating win32 api == ? Executable being rebased like a dll? The VMware VIX API CSP patching problem ARTeam eZine Issue III Arteam: Improved Disasm Dll (olly Engine), by CondZero ARTeam: AMDUMPV6.2 V2.0 by CondZero Reversing Windows hook chains win32 c processor only needed Overshadow: A Virtualization-Based Approach to Retrofitting Protection .. Weird dll hook thanks to Vista SP1 hooking KiFastCallEntry Home made Java Virtual Machine Code Injection: Injecting an Entire C Compiled Application Hooking a member function from an injected DLL? SEH in Vista with ASLR? Reprise SW Vista x64 SP1 tcpip.sys runtime patching Question concerning .NET file format... Small Ndis miniport driver sample Vista Problem API Hooking Antidebuglib Enumerating 32-bit modules from an x64 application Crackz Nolan God help me out :P ARTeam: ArmaGeddon v1.0 Conceptual overview tool for unpacking Armadillo by CondZero using HID device in Driver and strange device corruption Binary radix tries Objective C assgin custom callback function to an edit field NASM - GUI related question Native NT Toolkit, First part (NDK headers) now available on Google Code .NET hooking NEW '_time' obfuscation area in FLEXlm v10 Two VM detection methods, reported by Sirmabus Reversing C++ ARTeam: Cracking & Unpacking ECompXL Packer V1 For Symbian Part3 by argv COM Interface problem! ARTeam: Cracking & Unpacking eCompXL packer V1 for Symbian Part2 by argv (x<<13) | (x>>3) ARTeam: Special Issue for SecuRom 7.30.0014 Take2 VM Analysis, deroko, 2kAD InTether Protection System Reversing...Reversing Kernel Code ARTeam: Cracking & Unpacking eCompXL packer V1 for Symbian Tool for check a valid PE Win32 File... ARTeam:ActiveMark62 Inline Patching by SSlEvIN (video tut) Run-time resolution of C++ virtual function addresses new ROCKEY? Reverse Engineering 'Reversity' Training Sessions - Free/Open Collection of anti debug tricks xml embed references. halp! :( LINK: Grafting Compiled Code: The Ultimate in Code Reuse HaspHL- Time Emulation Hangup need some help on a project... x64 and GetThreadContext() problems ARTeam: Macrovision InstallShield 2008 -Professional Edition [Short take] by condzero ARTeam: Notes on Reversing and Cracking Java Target Part 3 by ThunderPwr ARTeam: Boonty InSecure – Safecast 2.60.030 / FLEXnet dll Injection Method .NET strong name signature. brief insight into secu vm ARTeam: Notes on Reversing and cracking Java Target Part2 Decompiling Reverse Engineering at University ARTeam: Dumping & Analysis ActiveMark V6.2x by Condzero ARTeam: Special Issue For SecuRom 7.30.0014 Complete Owning, AnonymouS, Human, derok Windows Anti-Debug Reference, nice collection of anti-debug tricks A question about creating process VM Snapshot Comparison to detect hidden files Modifying an online game HASP4 TIMEHASP confusion ARTeam: Notes on Reversing and Cracking Java Target Cracking .NET Applications "Step-By-Step" Arteam Collection, 220mb Of Tutorials And Tools, by scherzocrk FlexLm signatures file v9.2 or v10 ARTeam: Reversing Of A Protection Scheme Based On Drivers: Sandboxie by Shub ARTeam: Symbian Symphony For 4 Crackmes And A Commercial Program, by Shub-Nigurrath Intel VT-x technology Looking for sentinel superpro 7.3 ida signature [ARTeam] generic unpacker source Keylok II Emu stuff Entropy ARTeam: AsProtect VM analyze HASPHL2006-7 & SENTEMUL2007 Mysteries of win32k & GDI Virit antivirus? sentinel superpro New WIBU Envelope v5.20 MIPS Decoding and Disassembly Emulator for old Hardlock algo.? Seedval Flexlm v11 StrongNameIdentityPermission CGI ASM to C? Recovering seeds vendor daemon HASP HL - envelope problem Sentdos, dongle dos application Critical Section in ASM? Howto? Virtual Debugging in VMware Sentinel RMS unknown sentinel spro api Alexander Sotirov security vulnerabilities video How does AVP scan this virus "Backdoor.Win32.CFour"? A nasty id/pass scheme MFC question Obfuscation on Windows as well as on Linux License sheme haSploGer - Hasp4 / HaspHL Loger by Xyrurg && sataron Differences in 32-bit exception handling on 32- and 64-bit host OS Recognize any of these functions? GetProcAddress for win32api func Test for stack or heap Windows Inner working. Windows Research Kernel IDA introduces full decompilation (to source code, yes) Generating Virtual Machine Code Different papers about SMC, polymorph code and anti trace code... understanding disassembler lc_init AVPX 3.30 by z0mbie FlexLM makekey Need help circumventing WinAPI Universal HASP Dump->To->Reg converter Change application icon Compiling FlexLm sdk ntoskrnl symbols foobared ? Driver installation Programically???Is it possible? Seed Key and Algorithms HASP calls remove bug problem [ARTeam-Tool] ARTeam UFD Password Revealer v1.0 flelxlm 9.5-what's use of vendor_info and dist_info Arteam: Primer on Reversing Symbian S60 Applications Calcseed ! CrackZ ! [ARTeam] TheMida r0 exploit [ARTUT] A Security Aspect Of USB Flash Drives Detouring DriverEntry / Self Debugging Building a Sentinel Pro Clone BlackBerry OS news: intercepting cellphone calls with service sms verisign tech reports How to load and then patch in 16 bit environments? Good old fashioned overlaying USING OLLYBONE IN WINDBG (experimental method) Windows User Mode Debugging Internals F*&king .NET Attaching / Detaching "on the Fly" ARTeam eZine #2 A question from who played with GINA ARTeam Special Issue: Primer on Reversing .NET Applications UNIQUE PROJECT...Looking for the BEST of the BEST to help! Weird tamper detection Algorithm Help Confusing code snippet Realtime systems and OS dependency Virtual Machine RE-building Speed up cracking process? AntiRootkit.com site Wininternals's Link I want to find out loaded DLL-name. Article: Software Security Through Targetted Diversification Deskey Dongle ARTeam: new tute on Removing Sentinel SuperPro dongle Problem reversing a call to function flexlm vendor_keys problem Hardlock Dump/Emulate who knows how to generates the VENDOR_INFO string from the license key? Inside Windows Rootkits Nice .net debugging tut eEye Research - Really Cool!!! Question: Trying to learn from a program called 'X' Reversing client-server application PEB ProcessHeaps element LINK: Pseudo unpacking stubs Well, I'm an idiot... Opcode Operand Sizes sentinel sdk documentation Ring 0 anti-debugger code in Daemon Tools? new uninformed released Vista Protected Applications Remotesoft's Salamander 1.1.6.0 (Native Compiling) A call for cooperation - AV Compiling code in memory Reverse Engineering Libraries Vendors Custom Decryption Software Key's Protection Plus LINK: Microsoft HotPatching Article Reverse Engineering Team Recruiting Singnatures signed by Verisign Fastread dumping error. SafeKey's *.FST data files format CrypKey in a .dll from Vise installer. ARTeam: New tutorials and the eZine Issue #1 (!!) Matt Pietrek's new article on debugging on x64 Dynamical byte manipulation of win32 executables C/C++ source for parsing PE header? DeviceIoControl problem One final masm question about register parsing Having a keygen compilation hex error...... Base-85 New Syser Debugger 1.3 Release Exports and kernel32.dll under w9x Olly: adapting menu-bar buttons... TLS callbacks getting IDT OllyDbg and Sysenter other serial input methods to break on? Need some advice, Stuck with algoithm to my reverse keycode writing a new driver for a certain protection