Installing MIASM on macOS

I’ve been reading the MIASM.re blog recently and I wanted to give miasm a try. The scope of this article is to provide guidance on how to build miasm on macOS and to introduce miasm to my readers. Miasm is a free and open source (GPLv2) reverse engineering framework. Miasm aims to analyze / modify / generate binary programs. Here is a non-exhaustive list of features: – https://github.com/cea-sec/miasm/ If you’re curious about miasm’s powers you should give these articles a quick read: ...

December 29, 2018 · 3 min · Denis Nuțiu

Keygenme or Not

Keygenme or Not is a cute reversing challenge I found on root-me.org. It requires a username and an activation key. I particularly enjoyed this challenge and decided to make a blog post about it. The twist of this challenge is that you can solve it without writing any code, hence the name ‘Keygenme or Not’. If you want to solve this challenge but you’re stuck, you should definitely give it one more try because solving it is very easy. Come back if you’d like to see the keygen code and my thoughts about this challenge. Let’s imagine that this is in fact a useful program with poorly implemented protection. The program KMN is registered to the user ‘root-me.org’ and will work only with their key. Using any other combination of username and key won’t make the program work, even if they’re valid. ...

December 25, 2018 · 2 min · Denis Nuțiu

Practical Binary Analysis | No Starch Press

I started reading this book in November and it took me about two weeks to finish it. You should be a bit comfortable with Linux and programming if you plan to give it a try. Here are my thoughts about it. What I like the most about this book is that it explains the subject in a straightforward and concise way! The author is a very knowledgeable security researcher and his work is state of the art! ...

December 12, 2018 · 2 min · Denis Nuțiu

Practical Binary Analysis – Crackme Walkthrough – Level 2

I’ve recently finished reading a book called Practical Binary Analysis which I consider a state of the art book (review will come soon) and I would like to post my solution to the crackme found in chapter 5. 1. A New CTF Challenge: Complete the new CTF challenge unlocked by the oracle program! You can complete the entire challenge using only the tools discussed in this chapter and what you learned in Chapter 2. After completing the challenge, don’t forget to give the flag you found to the oracle to unlock the next challenge ...

December 2, 2018 · 6 min · Denis Nuțiu

cbm-hackers’s easy_reverse solution

As I continue my Reverse Engineering journey, I picked up some challenges from root-me and some from crackmes.one. This is a solution for a challenge that can be found here: easy_reverse. Its solution can be found at the bottom of this article, both with IDA Free and with GDB, so be careful with the scrolling, it may spoil your challenge. A picture’s worth one thousand words! If you look at the screenshot from IDA you could already guess what the flag is. ...

November 16, 2018 · 2 min · Denis Nuțiu

HackTheBox Reversing: Find The Secret Flag

Hello, This challenge is not that hard but it’s quite confusing. To solve this challenge very quickly all you have to do is patch it in 2 places and then run it with different arguments until the flag gets spat out. Here’s a sample script that runs the binary 100 times with arguments from 1 to 100:

[code language="bash"]
printf 'start\n'
for i in {1..100}
do
  printf "$i "
  ./program "$i" | xxd -r -p
  printf '\n'
done
printf '\nend\n'
[/code] ...

September 22, 2018 · 2 min · Denis Nuțiu

HackTheBox Reversing: Cake Challenge

Hello, If you open this binary in Binary Ninja or any other disassembler, you’ll see that the flow is quite weird. After looking at the strings tab I found UPX listed in there, which explains the weird graph. UPX is an open-source packer. A packer is just a piece of software that compresses the binary; when the binary is run it will unpack itself. Packing an exe could reduce its size by 30% or so. Since UPX is free you could also use it to unpack binaries. Unpacking is left as an exercise to the reader (I’m lazy) ...

September 15, 2018 · 2 min · Denis Nuțiu

HackTheBox: Reversing: The Art Of Reversing

The Art of Reversing challenge was a fun and quick challenge! I did get the flag but I did not write a keygen for it; I didn’t even need to look under the hood in order to get the flag. The scheme is actually very simple. The days are represented by Roman numerals. The letters are not the original ones and the number is read from right to left. By fuzzing the input you can deduce the following values: ...

September 8, 2018 · 1 min · Denis Nuțiu

Root Me: Cracking: PE – 0 protection

Since this challenge has 0 protection we can easily solve it by searching for the string in the Strings window of IDA. Select from the menu: View -> Open Subviews -> Strings, then double click on the entry: .rdata:00404053 0000000D C Gratz man 🙂 Now you should be in the .rdata section of the binary; while the string is still selected, right click on it and click on: Xrefs graph to… This will give you a nice graph that you can look at. ...

September 2, 2018 · 3 min · Denis Nuțiu

Root Me: Cracking: ELF – 0 protection & ELF – x86 Basic

I’ve just found out about this amazing website which offers a wide variety of challenges. Here’s my solution for the first challenge. This one is extremely easy; you just have to pay attention to the assembly code: Observe that the password is in plaintext and is loaded into [ebp+s2]. [ebp+s1] is passed to [esp] and is a pointer to the getString function; I just assumed that the function gets a string from stdin and puts it into [ebp+s1]. ...

September 1, 2018 · 1 min · Denis Nuțiu