Sunday, October 20, 2013

CHR1X'S REVERSING CHALLENGE: vuln1.exe

Hello everyone,

I am here again, a little more active than in previous weeks. Now, I have a challenge for YOU. I've been very interested in binary analysis for some time. As you may know, this is not an easy task, and in order to complete it you must be able to understand mainly C/ASM code.


So, what's the challenge? The objective is not to trigger the vulnerability. In other words, don't think that the target is to control EIP (which you actually can do), not in this case. Instead, you should be able to describe the root cause of the vulnerability, how you found it, and the steps you took to find it, using the tools of your choice: a debugger, IDA or whatever.

The target file is a simple executable that you can download from here:

http://www42.zippyshare.com/v/49161100/file.html

For a closer look at what I am expecting as a solution write-up, see something like this:

http://secunia.com/gfx/pdf/Binary_Analysis_813.pdf

I truly believe that these practices are very good to reinforce or learn new things related to binary analysis.

Those who join the challenge can send the solution to my mail. BTW, the submitted solutions will be published here.

Friday, October 18, 2013

My new MalwareBytes - Anti-exploit T-Shirt!

Yep! I am very happy because I just got my MalwareBytes T-shirt. I really agree with the mindset of "Because every day is a zero-day". I really like it, look:


I would like to say thanks to Marcin and the MalwareBytes Team for giving me this nasty gift. 

But what is the MalwareBytes - Anti-Exploit product?

Well, this is a brand new product which can also be downloaded for free from here: http://www.malwarebytes.org/products/antiexploit/. It is basically a product that protects against any exploit attempt targeting applications such as browsers (Firefox, Chrome, IE, Opera) and other desktop-type applications such as Java, MS Word, VLC Player and more.

Here is the screenshot:


This protection software reminds me of "The Enhanced Mitigation Experience Toolkit" (EMET). Here is a good video to learn what this product does: http://technet.microsoft.com/en-us/security/ff859539.aspx.

A benchmark like MB Anti-Exploit vs EMET would be good. ]¬)


Thursday, October 17, 2013

Binary Auditing Training Package - Vulnerability Analysis Challenges (stack4.exe) - ImmunityDebugger

Hello mates, I am back again! Yeah, ph33r! hehe

Now, I am releasing the new video-tuto for the solution of stack4.exe which is part of the "Vulnerability Analysis Challenges" from http://www.binary-auditing.com.

This one was particularly tricky, since it has little things related to control codes, specifically the CRLF characters. It seemed to be the simple assignment to EAX we have seen in the previous challenges, but it IS NOT. Instead, the party is starting, since we now need to redirect the program's execution flow. Oh yeah baby!!!!11 ]¬)

As always, if you have any questions or comments, please feel free to send me anything you want at my e-mail address (chr1x@izpwning.me) or, better, post your comments on the YouTube channel.



Previous Solutions/Challenges:

STACK1 - http://chr1x.izpwning.me/2013/08/binary-auditing-training-package.html
STACK2 - http://chr1x.izpwning.me/2013/09/binary-auditing-training-package.html
STACK3 - http://chr1x.izpwning.me/2013/09/binary-auditing-training-package_22.html