Recon 2008 Material
 pmb <pmbureau gmail com> |
Wednesday, June 18 2008 09:35.13 CDT |
I was presenting at REcon last week, I had a great time! This conference is one of the best in my opinion. My slides are going to be on the conference's website anytime soon: http://www.recon.cx. The title of my presentation was "How I learned Reverse Engineering with Storm".
I am making available two *very* small python scripts here: http://pmbureau.g-noc.net/files/storm-recon.zip. The archive contains two files:
- call_generate_hash.py, a modified version of debugee_procedure_call.py from Paimei. The purpose of the script is to unpack a Storm variant in memory and then call its generate_hash function 32 times to generate all possible hash values used every day by Storm.
- translate_nuwar_peer.py, a quick function to decode peer information from Storm's configuration file.
For more information, please refer to the presentation slides.
Comments
| Posted: Wednesday, December 31 1969 18:00.00 CST | |