Corelan Team (fancy)

Using DBI for solving Reverse Engineering 101 – Newbie Contest from eLearnSecurity

Published December 10, 2013 |

Introduction Last weekend I had some time so I wanted to have a look at a reversing challenge which you can find here: https://www.ethicalhacker.net/features/special-events/reverse-engineering-101-newbie-contest-webcast-elearnsecurity Reverse Engineering 101 Contest Steps Get the exe to be hacked Break it open and start exploring. The only rule for the challenge is that it has to be solved by […]

Posted in Malware and Reversing | Tagged C#, challenge, corelan, corelan-be-facebook, corelan-coder, corelancoder, crack, dbi, dynamic binary instrumentation, elearnsecurity, elearnsecurity-reverse-engineering, hexedit, ida pro, immunity, m0n0sapiens, patching, Peter Van Eeckhoutte, pin, reverse engineering, reversing

Reversing 101 – Solving a protection scheme

Published May 14, 2012 |

By Corelan Team (fancy)

In this post, we’ll look at an application reversing challenge from HTS (hackthissite.org) resembling a real-life protection scheme.
Put simple, the program creates a key for your username, and compares it to the one you enter.
The goal of the HTS challenge is to create a key generator, but I just want to demonstrate how to retrieve the password.
Continue reading →

Posted in Malware and Reversing | Tagged active-directory-schema-update-log, app17win-zip, breakpoint, challenge, corelan, corelan-be, corelan-be-ollydbg, corelen-be, crack, ctf, hackthissite, HTS, immunity debugger, keygen, ollydbg-tutorial-command-alt-f9, password, reverse engineering, reversing, reversing-challenge-2012, wargame

Installing Watobo on BackTrack 5

Published July 23, 2011 |

By Corelan Team (fancy)

Watobo author Andy Schmidt made 2 great videos about installing Watobo on Windows and on BackTrack 5.
I created a rather simple and short shell script to install Watobo on BT5. Nothing new, nothing sensational, just to alleviate the installation process.
Continue reading →

Posted in 001_Security, Pentesting, Web Application Security | Tagged andy schmidt, back-track-5-scripts, backtrack, backtrack-5, backtrack-5-gem1-8-install, backtrack-5-script, backtrack-5-scripts, backtrack-5-scripts-download, backtrack-scripts, backtrack-shell-scripts, blacktrack-team-sharing, install, install-ciso-di-backtrack-5, install-watobo-in-backtrck, jak-zainstalowac-ssh-c-ubiquity-backtrack, script, watobo, watobo-backtrack-install, watobo-was-created-by, www-remote-exploit-orgbacktrack_download-html

HITB 2011 CTF – Reversing Vectored Exception Handling (VEH)

Published April 3, 2011 |

By Corelan Team (fancy)

Today we will have a look at a CTF binary from HITB pre qualifications CTF 2011. This is an interesting binary to reverse because Vectored Exception Handling (VEH) was used in the challenge…
Continue reading →

Posted in 001_Security, Malware and Reversing, Uncategorized | Tagged -exploit-handler-part-6-1, 2011-hitb, corelan, ctf, ctf-hitb, ctf-reversing-unsolved-binaries, debug, exception, fancy, handler, hitb, hitb-2011, hitb-2011-ctf, hitb-2011-schedule, reversing-ctf, vectored, vectored-exception-handling, vectored-exception-handling-exploiting, vectoredexceptionhandle, veh

Codegate 2011 CTF – Binary200 – Anti Debugging Techniques Explained

Published March 14, 2011 |

By Corelan Team (fancy)

Aloha,

Again I stumbled upon a nice reverse-me, binary200 from the Codegate 2011 CTF.
And again there are some really interesting anti-debugging tricks implemented, so I decided to produce another video.
Continue reading →

Posted in 001_Security, Malware and Reversing, Video | Tagged anti, anti debugging, binary, binary200, bpexp, breakpoint, codegate, corelan, ctf, debugger, fancy, int 2d, ntglobalflags, ntqueryinformationprocess, peb, reverse engineering, reversing, seh, seoul, tls callback

Anti-debugging tricks revealed – Defcon CTF Qualifications 2009: Bin300 Analysis

Published February 27, 2011 |

By Corelan Team (fancy)

A while ago I stumbled upon an awesome write-up of a very nice CTF challenge created by sapheads: http://hackerschool.org/DefconCTF/17/B300.html I love cartoons, and I love reversing, so I decided to play a little bit with that binary (b300.exe) which was a lot of fun. Because some interesting anti-debugging tricks were implemented into the binary…
Continue reading →

Posted in 001_Security, Malware and Reversing, Video | Tagged a-new-anti-debug-trick-2011, analysis, anti debugging, anti-anti-debugging-tricks, anti-debug-tools-2011, anti-debug-tricks, b300.exe, binary, corelan, ctf, defcon, fancy, immunity-debugger-antidebug, index-of-tools-defcon, infosec-corelan, mona-py-defcon-movie, new-anti-debugging-trick-2011, offsec-defcon-videos, reversing, writing-debugger-ctf

WATOBO – the unofficial manual

Published July 23, 2010 |

By Corelan Team (fancy)

WATOBO is intended to enable security professionals to perform highly efficient (semi-automated) web application security audits. I am convinced that the semi-automated approach is the best way to perform an accurate audit and to identify most of the vulnerabilities. WATOBO has no attack capabilities and is provided for legal vulnerability audit purposes only. It works […]

Posted in 001_Security, Papers, Web Application Security | Tagged 001_Security, active, active checks, audit, base64, decode, encode, filter, filter functions, functions, fuzzer, interceptor, login, passive, passive checks, proxy, regex, requests, scan, scanner, semi, semi automated, session, vulnerability, watobo, watobo supports, web application

Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

Using DBI for solving Reverse Engineering 101 – Newbie Contest from eLearnSecurity

Reversing 101 – Solving a protection scheme

HITB 2011 CTF – Reversing Vectored Exception Handling (VEH)

Codegate 2011 CTF – Binary200 – Anti Debugging Techniques Explained

Anti-debugging tricks revealed – Defcon CTF Qualifications 2009: Bin300 Analysis

Corelan Training

Donate

Corelan Team Merchandise

Corelan on Slack

Actions

Categories

Hi there!

We have good news for you!