Reverse Engineering

The art of taking apart a binary to understand its execution process, and potentially modifying the execution flow to our will.

Exploiting CVE-2017-8759: SOAP WSDL Parser Code Injection

Note: this was posted back in 2017 and was the first post and release of fully weaponised code. Introduction: CVE-2017-8759, the vulnerability recently discovered by FireEye as being exploited in the wild, is a code injection vulnerability that occurs in the .NET framework when parsing a WSDL using the »

Backdoor 103: Fully Undetected

Note: this was posted in March 2016. Introduction: In this episode of Backdoor 103, we will discuss signatures and how to break them, provide a tutorial on how to make your own, and show a working proof of concept. When referring to antivirus scanners, everyone mentions “signatures” and how they »

Backdoor 102

Note: this post was created in September 2015. Introduction: This episode of Backdoor will consider the idea of analysing shell code to find areas which can be easily split into multiple smaller pieces of shell code. This will allow a larger piece of shell code to be split easily into »

Backdoor 101

Note: this post was made in September 2015. Introduction: This method approaches a basic technique in a diverse way. This process does not utilize any advanced mechanisms such as shell code obfuscation, code cave region splitting or ROP. This paper presents the concept of hooking ExitProcess to redirect execution flow »