NEW BOT Телеграм, страница

تفاوت های مهم بین استک هیپ و خطاهای off by one رو بررسی میکنیم

توضیح stack overflow
استک جاییه که فریم تابع ها قرار میگیره و معمولا بافر های محلی اینجا ساخته میشن
استک overflow زمانی رخ میده که نوشته های بیش از اندازه به بافر محلی برسن و بخش هایی مثل saved rbp و saved return address رو بازنویسی کنه
در عمل این نوع باعث کرش سریع میشه و معمولا به صورت overwrite روی فریم جاری قابل مشاهده هست

توضیح کد استک

در این کد یک تابع بافر محلی داره و با strcpy مقدار وارد شده رو کپی میکنه
دیدن کرش و بررسی saved return address در gdb هست

کد استک فایل stack.c

#include <stdio.h>
#include <string.h>

void vuln(char *s) {
char buf[32];
printf("inside vuln\n");
strcpy(buf, s);
printf("buf says %s\n", buf);
}

int main(int argc, char **argv) {
if (argc < 2) {
printf("usage stack input\n");
return 1;
}
vuln(argv[1]);
printf("returned normally\n");
return 0;
}

دستورات اجرا و دیباگ مربوط به استک
این دستورات رو اجرا کنید تا کرش و فریم رو ببینید

gcc -g stack.c -o stack
gdb --args ./stack $(python3 -c "print('A'*80)")

داخل gdb

break vuln
run
info frame
x/40gx $rbp
backtrace

Part Three Buffer Overflow

We examine important differences between stack, heap, and off‑by‑one errors

Explanation stack overflow
The stack is where function frames are placed and local buffers are usually allocated
A stack overflow occurs when writes exceed a local buffer and overwrite areas like saved rbp and the saved return address
In practice this type causes a fast crash and is usually visible as an overwrite on the current frame

Explanation stack code

In this code a function has a local buffer and uses strcpy to copy the supplied input
You will see the crash and inspect the saved return address in gdb

Stack source file stack.c

#include <stdio.h>
#include <string.h>

void vuln(char *s) {
char buf[32];
printf("inside vuln\n");
strcpy(buf, s);
printf("buf says %s\n", buf);
}

int main(int argc, char **argv) {
if (argc < 2) {
printf("usage stack input\n");
return 1;
}
vuln(argv[1]);
printf("returned normally\n");
return 0;
}

Commands to build and debug the stack
Run these commands to see the crash and inspect the frame

gcc -g stack.c -o stack
gdb --args ./stack $(python3 -c "print('A'*80)")

Inside gdb

break vuln
run
info frame
x/40gx $rbp
backtrace

@reverseengine

❤3

232 viewsedited 19:18

ReverseEngineering

BlackSuit Ransomware Actors Breached Corporate Environment

https://cybersecuritynews.com/blacksuit-ransomware-vmware-esxi

@reverseengine

Cyber Security News

BlackSuit Ransomware Actors Breached Corporate Environment, Including 60+ VMware ESXi Hosts

The BlackSuit ransomware group, tracked as Ignoble Scorpius by cybersecurity experts, devastated a prominent manufacturer's operations.

❤3

293 views19:27

ReverseEngineering

The-power-of-Erasing-traces_WAF-Detection-and-evasion.pdf

464.8 KB

❤3

301 views19:56

ReverseEngineering

این کنفرانس در زمینه ی مهندسی معکوس و توسعه اکسپلویت‌ هست

This conference is about reverse engineering and exploit development.

https://www.youtube.com/@reconmtl/videos

@reverseengine

Youtube

- YouTube

Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.

❤3

274 views18:12

ReverseEngineering

Linux Kernel Rootkit

https://github.com/carloslack/KoviD

@reverseengine

GitHub

GitHub - carloslack/KoviD: Red-Team LKM

Red-Team LKM. Contribute to carloslack/KoviD development by creating an account on GitHub.

❤2

208 views06:06

ReverseEngineering

Loadable Kernel Module Linux

https://github.com/Trevohack/Venom

@reverseengine

GitHub

GitHub - Trevohack/Venom: A ring0 Loadable Kernel Module (Linux) for latest kernels 6.x

A ring0 Loadable Kernel Module (Linux) for latest kernels 6.x - Trevohack/Venom

❤2

178 views06:11

ReverseEngineering

https://blog.elmo.sg/posts/breaking-disassembly-through-symbol-resolution/

@reverseengine

Elma

Breaking Disassembly — Abusing symbol resolution in Linux programs to obfuscate library calls ️🎭

This research shows how we can trick disassemblers and debuggers into identifying the wrong import names by messing up metadata used in the lazy binding process

❤3

182 views06:35

ReverseEngineering

Windows Remote Execution Multitool

https://github.com/FalconOpsLLC/goexec

@reverseengine

GitHub

GitHub - FalconOpsLLC/goexec: Windows remote execution multitool

Windows remote execution multitool. Contribute to FalconOpsLLC/goexec development by creating an account on GitHub.

❤3

193 views06:40

ReverseEngineering

https://www.falconops.com/blog/goexec-dcom-madness

@reverseengine

FalconOps

GoExec v0.3.0 - DCOM Madness — FalconOps

GoExec - DCOM Madness

❤3

171 views06:40

ReverseEngineering

Windows Drivers Reverse Engineering Methodology

https://voidsec.com/windows-drivers-reverse-engineering-methodology/

@reverseengine

VoidSec

Windows Drivers Reverse Engineering Methodology

Methodology for reverse engineering Windows drivers, finding vulnerabilities and understanding their exploitability.

❤3

175 viewsedited 06:42

ReverseEngineering

Analysis Malicious Signed Driver

https://www.youtube.com/watch?v=NjXU-uH5P9Q

@reverseengine

❤3

176 viewsedited 06:45

ReverseEngineering

Best Anti-Debugging Techniques

https://www.apriorit.com/dev-blog/367-anti-reverse-engineering-protection-techniques-to-use-before-releasing-software#best-anti-debugging-techniques-from-apriorit

@reverseengine

Apriorit

Anti Debugging Protection Techniques with Examples

This article considers popular anti-cracking, anti reverse engineering protection techniques, namely anti-debug methods in Windows OS.

❤3

211 viewsedited 06:46

ReverseEngineering

Roadmap Zero Day Hunter پیش نیازها و پایه یادگیری عمیق زبان C و C پلاس پلاس درک ساختار حافظه stack و heap و calling conventions پروژه های ساده C برای نشان دادن فهم در گیت هاب خروجی ریپوی گیت هاب با چند پروژه کوچک فاز 1 سیستم عامل و حافظه درک virtual memory…

https://medium.com/firat-on-frontend/fuzzing-for-zero-day-vulnerabilities-step-by-step-understanding-676e71c2b72b

@reverseengine

Medium

🔐 Fuzzing for Zero-Day Vulnerabilities: Step by Step Understanding

✳️ What Is a Zero-Day Vulnerability and Why Does It Matter?

❤3

213 views18:30

ReverseEngineering

https://github.com/0xsp-SRD/ZigStrike

ابزار ZigStrike یک لودر شل‌‌ کد قویه که با زبان برنامه‌نویسی Zig نوشته شده این برنامه چند روش مختلف برای تزریق (injection) کد داخل فرایندای دیگه داره و قابلیت‌ هایی برای تشخیص و دورزدن محیط‌ های سندباکس محیط‌ های آزمایشی تحلیل ارائه میده از امکانات زمان کامپایل زبان Zig استفاده میکنه تا حافظه و داده‌ های شل کد رو به‌ شکل کاربردی اختصاص بده

ZigStrike tool is a powerful code loader written in Zig programming language. This program has several different methods for injecting code into other processes and provides the ability to detect and bypass the sandbox environments of experimental environments of time features. The compiler uses the zig language to allocate the memory and data of the code in the application form

@reverseengine

GitHub

GitHub - 0xsp-SRD/ZigStrike: ZigStrike, a powerful Payload Delivery Pipeline developed in Zig, offering a variety of injection…

ZigStrike, a powerful Payload Delivery Pipeline developed in Zig, offering a variety of injection techniques and anti-sandbox features. - 0xsp-SRD/ZigStrike

❤4

353 views18:49

ReverseEngineering

https://github.com/hakaioffsec/beerus-android

New Android BEERUS framework for dynamic analysis and Reverse Engineering

@reverseengine

GitHub

GitHub - hakaioffsec/beerus-android: BEERUS Framework for Android

BEERUS Framework for Android. Contribute to hakaioffsec/beerus-android development by creating an account on GitHub.

❤3

245 views18:56

About

Blog

Apps

Platform