Many roads to IAT
A few days ago a friend approached me and asked how he could see the import address table under immunity debugger and if this could be done using the command line.
I figured this would be a good time to take a look at what the IAT is, how we can list the IAT and what common reversing hurdles could be with regards to the IAT.
Continue reading
In Memory Fuzzing
Introduction In memory fuzzing is a technique that allows the analyst to bypass parsers; network-related limitations such as max connections, buit-in IDS or flooding protection; encrypted or unknown (poorly documented) protocol in order to fuzz the actual underlying assembly routines that are potentially vulnerable. Prior to the development of my fuzzing toolset, I was unsatisfied […]
Backup & Restore Windows Server based Print Servers
After having to recover a broken Windows Server based print server yesterday, I decided to write this small article on how to set up print server backups, and describe the simple process of recovering the print server after a crash (or even roll back printer drivers in case a newly installed driver messes up your […]
How to restore a Windows 2003 DC using ASR and VMWare
The following procedure should work for any type of hardware, but I’ve used VMWare (so this procedure is also valid if you want to convert a physical Domain Controller to VMWare). Additionally, the procedure works for Windows 2003 server, but also for Windows XP (professional) Prerequisites : ASR backup .bkf file and the ASR floppy […]
AD 2003 DC Restore Technique using VMWare (without having to grant local DC/Domain Admin rights)
In certain distributed AD scenario’s, Domain Admins group membership or local DC admin privileges are restricted to certain people only. This is a good thing to do, but it requires you to think about certain issues before they happen. One of these issues is backup and restore. Yes, you can schedule a system state backup […]