reverse

Overview

The idea of a buffer overflow attack is quite simple, though the implementation might initially be difficult to digest.

Binary Vulnerabilities And Exploits

In this article I will collect common binary vulnerabilities (except for the buffer overflow, which has its own dedicated article) … .

Apple Mach-O

Binary info: otool. Using otool we can get general info about the Mach-O file:
otool -h [app_name]
Mach header
magic cputype cpusubtype caps filetype ncmds sizeofcmds flags
0xfeedfacf 16777228 0 0x00 2 115 11384 0x00218085
Quick reference on the meaning:

Exploit Development

Process Steps Overview: Fuzz and find unusual behaviour. Detect any possibility to overwrite crucial parts: EIP, SEH, access violations/invalid memory addresses, etc. Hijack execution. Eliminate bad characters. Write PoC, spawning a reverse or bind shell, RAT or move to other systems.

Process Memory Layout

Intro At the very beginning of my career I found it hard to grasp the notion of memory layout and stack.

Compilation and Linking 🔗

In this article I am trying to research the compilation and linking process. Terms: .cpp is a human-readable file written in any programming language.

Exploit Development Env

This is about … .

The Lord of the Apple: The Return of the iPhone

📆 22/08/2021, Sunday, ☁️ 🕰 11:21 AM. It was a cloudy Sunday morning. I was sleeping peacefully till 8:45 AM when my daughter started crawling all over me and my husband asking whether I am awake already… .

To Carry Out MockInv'estigation. Part 2

📆 16/06/2021 , Wednesday 🕰 09:21 PM. I had a 7-day license of Magnet AXIOM and I’ve decided to try this tool and compare it with others that I had.

How I Got Started With ARM

📆 Friday, 12th of March, 202 ⏰ 09:00 ☀️ It was a very deceptively sunny morning, children laughing and squeaking merrily.

Positive and Negative Numbers

Intro. One’s complement. Two’s complement.

iOS Reverse Engineering

During forensic analysis it’s not too rare to run into some suspicious application. In this article I’m going to learn to reverse engineer iOS applications.

Reference vs Value

Lorem markdownum aequalis strigis. Saetigeri iubeas, vultu huic alvum nondum de obside ut laniavit arbor palmis, cum quin.

Mutable vs Immutable

>>> import ctypes
>>> a = 5
>>> address = id(a)
>>> address
4307917216
>>> ctypes.

Alloc8

So, there are some prerequisites that one needs to have in order to get this exploit.

Buffer Overflow

Calling 🤙 Conventions in x86

In this article I’m giving an overview of different calling conventions with examples. Intro Consider the following code snippet:

Checkm8

https://belkasoft.com/checkm8_glossary https://belkasoft.com/checkm8-troubleshooting https://belkasoft.com/checkm8

Flags

CF: Its full name is carry flag. Its main purpose is to tell that the resulting number after some operations is too much to bear for the register size.