Tag Archives: reverse engineering

Reverse Engineering with JavaScript


via Reverse Engineering with JavaScript | NowSecure Blogs.

I’ve been doing a lot of reverse engineering and very often there’s this common thing coming up: I would really like to have a tool for this because I need to look at this particular API, or look at what would happen if I do this vs that, etc.

Binglide: Visual reverse engineering tool showing some of the current techniques.


via wapiflapi/binglide · GitHub.

binglide is a visual reverse engineering tool. It is designed to offer a quick overview of the different data types that are present in a file. The screenshot below shows a small portion of the php5 binary that has a weird signature pattern:

Exercises for learning Reverse Engineering and Exploitation.


via wapiflapi/exrs · GitHub.

All the sploit exercises are designed to be solvable with NX+ASLR without being dependent on which libc is used. The idea is you should only interact with stdin / stdout as if it was a remote service, argv & env is not needed for exploitation.

Of course you can still do whatever you like, have fun!

A multiplatform open source Binary Analysis and Reverse engineering Framework



BARF Project

So far the BARF Project is composed of the following packages:

  • BARF : A multiplatform open source Binary Analysis and Reverse engineering Framework
  • PyAsmJIT : A JIT for the Intel x86_64 architecture.
  • BARFgadgets : A tool built upon BARF that lets you search, classify and verify ROP gadgets inside a binary program. More information in barf/tools/gadgets.

All packages were tested on Ubuntu 12.04 and 14.04 (x86_64).

A combination of an IDAPython plugin and a version control system that results in a new collaborative reverse engineering add-on for IDA Pro



IDASynergy by Cubica Labs

Prerequisites

PySide for IDA Pro, specific for your IDAPython version.

Pysvn

Installation

To install IDASynergy, copy the contents of the source tree to:

%APPDATA%\Hex-Rays\IDA Pro\

WARNING: If you already have an idapythonrc.py under that directory, just add the contents of idapythonrc.py to it.

Then launch IDA Pro as usual. You will find IDASynergy under both the FILE and OPTIONS menus.

Directory Structure

As a recommendation for the organization of IDASynergy projects, it is encouraged to use the following directory structure. This is just a recommendation; you could obviously have all your local repositories together in an svn directory somewhere. But for starters, you can use this:

C:\path\to\your\binary.exe
C:\path\to\your\binary.idb
C:\path\to\your\local_repo\

So the local repository is in the same directory, but the IDB and the .dat files generated by IDASynergy are not in the same subdirectory. This is recommended so you don’t commit the idb by mistake. Just that.

Initial Checkout

SVN users:

  • If this is the first commit of the project, please use the “IDASynergy SVN Commit” option in the File menu
  • If you need to checkout the project, please use the “IDASynergy SVN Checkout” option in the File menu
  • If the project is already checked-out in your local copy, use the “IDASynergy Load from local repository” option instead
  • You can update the local copy without leaving IDA Pro by using the “IDASynergy SVN update” option

Non-SVN users:

If your version control software is not SVN, you will need to manually manage your repository:

  • Use the “Load from local repository” option whenever you want to import changes to IDA

Known Security Issues

There are two known security issues in this software that we’re going to fix in the releases to come:

  • If the SVN server’s security certificate is not signed, we accept it without user verification.
    • This allows for MITM attacks
  • We store the password in plain text in the config file.
    • If your machine gets owned, the password can be retrieved with no effort.
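One way to close the first issue is to pin the server certificate instead of accepting it blindly. The block below is an added example, not IDASynergy's own code: it builds a callback in the shape pysvn expects for `callback_ssl_server_trust_prompt`, and the hostname and fingerprint in it are constructed sample values.

```python
import hmac

# Failure bit from Subversion's svn_auth.h: the issuing CA is unknown,
# which is what a self-signed certificate triggers.
SVN_AUTH_SSL_UNKNOWNCA = 0x8

# Constructed sample pin: hostname -> fingerprint obtained out of band
# (for example read off the server console by its administrator).
PINNED = {
    "svn.example.internal":
        "aa:bb:cc:dd:ee:ff:00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd",
}


def _norm(fingerprint):
    """Canonical form: lowercase hex without separators, as bytes."""
    return fingerprint.replace(":", "").strip().lower().encode("utf-8")


def make_trust_prompt(pins):
    """Return a callback with pysvn's (trust_dict) -> (retcode,
    accepted_failures, save) contract that only trusts pinned certificates."""
    def ssl_server_trust_prompt(trust_dict):
        host = trust_dict.get("hostname", "")
        seen = _norm(trust_dict.get("finger_print", ""))
        failures = trust_dict.get("failures", 0)
        pin = pins.get(host)
        # Unknown host or missing fingerprint: never trust.
        if pin is None or not seen:
            return False, 0, False
        # Tolerate only "unknown CA"; expiry or name mismatch still rejects.
        if failures & ~SVN_AUTH_SSL_UNKNOWNCA:
            return False, 0, False
        if not hmac.compare_digest(seen, _norm(pin)):
            return False, 0, False
        # save=False: do not cache the decision, so the pin is checked on
        # every connection.
        return True, failures, False
    return ssl_server_trust_prompt


# Hook-up inside the plugin (not executed here, requires pysvn):
#   client = pysvn.Client()
#   client.callback_ssl_server_trust_prompt = make_trust_prompt(PINNED)
```

A changed certificate on the pinned host now fails the connection rather than being accepted silently, which is the behaviour the MITM note above is asking for.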