Intro to RE: C : A Simple Calculator

We covered a wide range of topics in earlier articles that were helpful in comprehending how many lower-level processes operate. This blog will concentrate on applying those ideas to recreate a C program after reverse engineering a simple calculator binary. It is always a good idea to observe how the target software responds to various inputs. This gives you a sense of the internal logic that might be operating. If we run this program without any arguments, we will get an error message stating that we need to pass more arguments, and the usage guide is printed....

April 3, 2023 · 16 min · 3378 words · ayedaemon

Intro to RE: C : part-3

In the previous blog, I discussed some of the basic C program’s disassembly structures, concentrating on the variables and their memory layouts. This article, a follow-up to the previous one, focuses on basic operations and functions in C programs. In the previous blogs, we have seen what an empty C program looks like void main() {} Disassembly: main: push rbp mov rbp, rsp nop pop rbp ret Arithmetic operators Now if we want to work with operations, we’ll have to add 2 local variables to the function....

April 1, 2023 · 24 min · 4930 words · ayedaemon

Intro to RE: C : part-2

Reverse engineering is a powerful tool for any software developer. However, as with any tool, it is only as good as the person using it. Understanding reverse engineering and how to use it is essential for both novices and seasoned developers. According to Wikipedia, Reverse engineering, also called back engineering, is the process by which a man-made object is deconstructed to reveal its designs, architecture, or to extract knowledge from the object; similar to scientific research, the only difference being that scientific research is about a natural phenomenon....

March 19, 2023 · 16 min · 3306 words · ayedaemon

Pluggable Authentication Modules - Linux

PAM - What and Why Authenticating a user to a service used to be a time-consuming process. The application had to be aware of all possible authentication mechanisms and had to be rebuilt every time a new authentication method was introduced… As a result, there was a significant amount of code repetition. Naturally, it was disliked by everyone!! As a result, the concept of a middle-ware application responsible for user authentication to a service arose....

December 27, 2022 · 19 min · 3879 words · ayedaemon

Recording system events with auditd

Audits are critical for system administrators to detect security violations and track security-relevant information on their systems. Anyone concerned about the security, stability, and proper operation of their Linux servers should conduct an audit. How to do auditing in Linux One simple way is to use the history command to observe the shell’s history, but this has many limitations. One of them is that this command is only applicable to the current user....

December 11, 2022 · 12 min · 2419 words · ayedaemon

Fun with Master Boot Record

Malware has been used numerous times by attackers to destroy a computer’s Master Boot Record, rendering it inoperable. By erasing the MBR, the machine is unable to load the operating system. There is no easy way to rewrite the Master Boot Record into place without an operating system, and the machine becomes completely useless and unrecoverable. In addition, many ransomware families infect the master boot record by overwriting it with malicious code....

September 28, 2022 · 18 min · 3702 words · ayedaemon

Intro to RE: C : part-1

Steps to generate a binary When we write a program using a language like C, it is not the C source code which really gets executed. This C code passes through many steps and finally a binary file is generated out of it. This binary file is what gets executed on any computer. There are many steps through which a C code is converted into a binary file: Pre-processing Compilation Assemble Linking Let’s follow these steps one by one to understand what they do to the C code and how a binary is generated via this....

September 21, 2022 · 40 min · 8439 words · ayedaemon

Eudyptula Task 6

This is Task 06 of the Eudyptula Challenge ------------------------------------------ Nice job with the module loading macros, those are tricky, but a very valuable skill to know about, especially when running across them in real kernel code. Speaking of real kernel code, let's write some! The task this time is this: - Take the kernel module you wrote for task 01, and modify it to be a misc char device driver. The misc interface is a very simple way to be able to create a character device, without having to worry about all of the sysfs and character device registration mess....

September 18, 2022 · 12 min · 2534 words · ayedaemon

Analyzing Simple Powershell Malware

What is malware? Malware, a portmanteau meaning malicious software, refers to any program that was created with the specific goal of doing harm. Your digital environment is vulnerable to a variety of terrible things, including attempts to compromise your computer or network, leak confidential data, and gain illegal access. These issues can occasionally be brought on by common software defects, but when malware is to blame, it poses a major risk to online users and businesses....

August 30, 2022 · 12 min · 2429 words · ayedaemon

Eudyptula Task5

This is Task 05 of the Eudyptula Challenge ------------------------------------------ Yeah, you survived the coding style mess! Now, on to some "real" things, as I know you are getting bored by these so far. So, simple task this time around: - take the kernel module you wrote for task 01, and modify it so that when a USB keyboard is plugged in, the module will be automatically loaded by the correct userspace hotplug tools (which are implemented by depmod / kmod / udev / mdev / systemd, depending on what distro you are using....

June 22, 2022 · 32 min · 6794 words · ayedaemon