📚
OpenRCE
is preserved as a read-only archive. Launched at RECon Montreal in 2005. Registration and posting are disabled.
About
Articles
Book Store
Distributed RCE
Downloads
Event Calendar
Forums
Live Discussion
Reference Library
RSS Feeds
Search
Users
What's New
Customize Theme
bluegrey
blackgreen
metal
simple
Flag:
Tornado!
Hurricane!
Login:
Password:
Remember Me
Register
Blogs
>>
Piotr
's Blog
Created: Friday, February 16 2007 05:33.57 CST
Modified: Friday, February 16 2007 05:36.02 CST
Printer Friendly ...
Some news
Author:
Piotr
# Views:
2689
The last university semester ended 2 weeks ago (for me, it seems pretty small part of guys was so lucky as i'm). Due to that fact i had something like 2 weeks of vacation. Well its better then no vacation at all :) So i got some time to make some computer things while having a free time.
So first of all, in next few days you should be able to see 3 critical bugs in some of very popular software. And there are some other cool bugs which you will be able to see someday.
Last 3 days, few hours each day, i was working on Aslan (4514N) subroutine mixer module. Its now ready, and shortly it can replace the position of any SUBROUTINE with other SUBROUTINE. This ability is an extended idea which i got some years ago while looking at W32.Ghost virus (i never played with DOS.Badboy but it seems it also uses such features). The order of subroutines sould be different every mutation (its randomized though). This should lead to n! different generations where n is a number of subroutines.
Also i have updated a bit my group swapping and instruction swaping module. Aslan can group some instructions in a group and then swap it with some other block. The same goes with single instructions. Of course the program works perfectly after such manipulation, because this action mostly relies on flag and register dependency (block versus block, instruction versus instruction).
Of course, i'm now going to think more about some meta stuff. So i should get on with it some free day too.
Anyway, you know, just single block mixing is still not enough for Halvar's bindiff :)
Ah and the new semester begins within few days :( <Booooo>
peace!
Add New Comment
Comment:
There are
31,328
total registered users.
Recently Created Topics
[help] Unpacking VMP...
Mar/12
Reverse Engineering ...
Jul/06
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06
Question about memor...
Dec/12
Recent Forum Posts
Finding the procedur...
rolEYder
Question about debbu...
rolEYder
Identify RVA data in...
sohlow
let 'IDAPython' impo...
sohlow
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
Recent Blog Entries
halsten
Mar/14
Breaking IonCUBE VM
oleavr
Oct/24
Anatomy of a code tracer
hasherezade
Sep/24
IAT Patcher - new tool for ...
oleavr
Aug/27
CryptoShark: code tracer ba...
oleavr
Jun/25
Build a debugger in 5 minutes
More ...
Recent Blog Comments
nieo
on:
Mar/22
IAT Patcher - new tool for ...
djnemo
on:
Nov/17
Kernel debugger vs user mod...
acel
on:
Nov/14
Kernel debugger vs user mod...
pedram
on:
Dec/21
frida.github.io: scriptable...
capadleman
on:
Jun/19
Using NtCreateThreadEx for ...
More ...
Imagery
SoySauce Blueprint
Jun 6, 2008
[+] expand
View Gallery
(11) /
Submit
Printer Friendly ...
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}