challenge

Using DBI for solving Reverse Engineering 101 – Newbie Contest from eLearnSecurity

Published December 10, 2013 |

Introduction Last weekend I had some time so I wanted to have a look at a reversing challenge which you can find here: https://www.ethicalhacker.net/features/special-events/reverse-engineering-101-newbie-contest-webcast-elearnsecurity Reverse Engineering 101 Contest Steps Get the exe to be hacked Break it open and start exploring. The only rule for the challenge is that it has to be solved by […]

Posted in Malware and Reversing | Tagged C#, challenge, corelan, corelan-be-facebook, corelan-coder, corelancoder, crack, dbi, dynamic binary instrumentation, elearnsecurity, elearnsecurity-reverse-engineering, hexedit, ida pro, immunity, m0n0sapiens, patching, Peter Van Eeckhoutte, pin, reverse engineering, reversing

Reversing 101 – Solving a protection scheme

Published May 14, 2012 |

By Corelan Team (fancy)

In this post, we’ll look at an application reversing challenge from HTS (hackthissite.org) resembling a real-life protection scheme.
Put simple, the program creates a key for your username, and compares it to the one you enter.
The goal of the HTS challenge is to create a key generator, but I just want to demonstrate how to retrieve the password.
Continue reading →

Posted in Malware and Reversing | Tagged active-directory-schema-update-log, app17win-zip, breakpoint, challenge, corelan, corelan-be, corelan-be-ollydbg, corelen-be, crack, ctf, hackthissite, HTS, immunity debugger, keygen, ollydbg-tutorial-command-alt-f9, password, reverse engineering, reversing, reversing-challenge-2012, wargame

Metasploit Bounty – the Good, the Bad and the Ugly

Published July 27, 2011 |

By Corelan Team (Lincoln)

On June 14, 2011 HD Moore announced the Metasploit Bounty contest, offering a cash incentive for specific vulnerabilities to be submitted as modules in the Metasploit Framework. Titled “30 exploits, $5000 in 5 weeks”, a post on the Rapid7 blog lists the 30 “bounties” selected by the MSF team, waiting for someone to claim and submit a working exploit module.
Continue reading →

Posted in 001_Security, Exploits | Tagged advapi32.dll, aslr, asm, auriemma, bounty, carchive, cash, challenge, contest, debugger, dep, egg, egghunter, exploit, fix, genbroker, genclient, genesis, hd moore, heap, hmi, iat, iconics, immunity, incentive, integer, luigi, malloc, metasploit, meterpreter, mfc71u.dll, migrate, mona.py, ntsetinformationprocess, opcode, overflow, payload, peb, rop, rop.txt, ropfunc, scada, serialization, spray, stage, unicode, venetian, vtable, w00tw00t, windbg

The Honeypot Incident – How strong is your UF (Reversing FU)

Published January 31, 2011 |

By Peter Van Eeckhoutte (corelanc0d3r)

Interested in capturing, documenting and analyzing scans and malicious activity, Corelan Team decided to set up a honeypot and put it online. In the first week of december 2010, Obzy built a machine (default Windows XP SP3 installation, no patches, firewall turned off), named it “EGYPTS-AIRWAYS”, set up a honeypot + some other monitoring tools, and connected it to the internet.
Continue reading →

Posted in 001_Security, Exploits, Malware and Reversing | Tagged analysis, anti, challenge, compromise, conficker, corelan, debugger, debugging, engineer, game, honeypot, how strong is you uf, iat, isdebuggerpresent, malware, ms08-067, netapi, peb, reverse, reversing, svchost.ee, worm

HaXx.Me #3 – Corelan Team documentation

Published October 23, 2010 |

By Corelan Team (rick2600)

Last week (oct 17 2010), Lincoln (one of the Corelan Team members) informed the other team members about an ongoing hacking challenge (HaXx.Me #03) organized and hosted by MaXe (@intern0t). When I saw his message, it was already Sunday night and I knew I had to get up early the next day. Nevertheless I chose […]

Posted in 001_Security, Web Application Security | Tagged challenge, corelan team, corelan-team-vdo, haxx, haxx-me-01-intern0t-documentation-intern0t-on-blip, haxx.me, haxxme, haxxme-4-corelan, haxxxteam-a, intern0t, maxe, me3-key, owned, php-reverse-shell-rfi, root, shell, t00-haxx, used-burp-suite, wargame, web application

How strong is your fu 2 – the report

Published June 23, 2010 |

By Peter Van Eeckhoutte (corelanc0d3r)

For anyone interested, this is _sinn3r’s and tecr0c’s writeup of the steps they took to own 4 out of the 5 machines in last weekend’s HSIYF – Hacking for Charity cyber hacking challenge …
Continue reading →

Posted in 001_Security | Tagged -hack, challenge, corelan-how-srong-if-your-fu, ctf, cyber, cyber-hacker, hacking, hacking-challenge, hacking-ninja, how-strong-is-you-fu, how-strong-is-your-foo, how-strong-is-your-fu, how-strong-is-your-fu-offensive-security, how-strong-is-your-fu2, hsiyf, hsiyf-report, offensive, offensive security, offsec, report

Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

Using DBI for solving Reverse Engineering 101 – Newbie Contest from eLearnSecurity

Reversing 101 – Solving a protection scheme

Metasploit Bounty – the Good, the Bad and the Ugly

The Honeypot Incident – How strong is your UF (Reversing FU)

HaXx.Me #3 – Corelan Team documentation

How strong is your fu 2 – the report

Corelan Training

Donate

Corelan Team Merchandise

Corelan on Slack

Actions

Categories

Hi there!

We have good news for you!