Latest articles

SANS Holiday Hack Challenge started a few weeks ago, and as usual I've decided to give it a go. This write-up can be seen as an unorthodox solution for the "Hardware Part 2" challenge but it's actually just the result of me messing around with it. The challenge itself requires the player to somehow find the password for an elf access card management application and the solution is quite trivial. However, what I've decided to do after solving it, was to dig a little deeper inside the guts of the...
I've finally sat down on my ass to publish something, after watching this year's Joe Grand's talk at Defcon 32. For those who haven't, he talked about a password generation software called RoboForm, that he and his partner in crime Bruno had to partially reverse engineer, in order to recreate a password generated 10 years ago that today locks $3 million in Bitcoin. That's the short story, the long one you can watch here https://www.youtube.com/watch?v=N2eKCAzM2kw and here...
Because this challenge is still active, in order to read the rest of this article you have to provide the HTB flag. The article will be freely available once this challenge gets retired on hackthebox.eu
Long time no see, eh? Seemed like I had nothing better to do this weekend so I've decided to check what's new (and unsolved) on Crackmes.one. I've picked "pranav's FinalFight crackme", due to the high difficulty rating, but it turned out it's more annoying than difficult.
Reverse engineering and analysis of a scareware
I finally decided to try this one. Ok I lied. I tried it like, 2 years ago but never finished it, so the time has come.
Seems like I got the Stockholm syndrome, because even though I dislike Java (and I really mean it), I'm starting to enjoy reverse engineering it. That's a terrible perspective and I should fight it back... but some other day.
How I defeated GraxCode's obfuscation and solved the crackme.
I was again lurking for sweet, sweet reverse engineering challenges and stumbled upon these, released by Battelle. They have a set of challenges - one for reverse engineering, one for shellcode coding and one about forensics.
Just recently I found this challenge released by Caesar Creek Software - an Ohio-based software security company. The challenge is designed as an entry-level "interview" for potentially new employees. From their blog posts recently, it turned out they had to release an easier version of the original 2015 challenge, because attendees complained about the difficulty level of the first one. And like the Top Gear's host Jeremy Clarkson says minutes before everything goes awfully wrong - how hard could...
This is something I was planning for a long time. THIS ARTICLE IS A GIANT SPOILER! If you haven't completed the achievements already but plan to do it some day, you should stop reading it.
I was fiddling around with the application challenges of HackThisSite.org and it turned out the first few are compiled with REALbasic. Throwing it in IDA didn't help a lot, so here's an article about dealing with the blast from the past that REALbasic is. REALbasic was claimed to be the predecessor of Visual Basic 6, and like VB6 it ended up in the garbage can.
The good old scaremongering threat targeting Bulgarian users has returned, and this time it's in brand new pants.
You know what's stupid in multiplayer games? Cheating. You know what's even worse? Selling cheat tools to assholes who can't play. So, in the next "few" lines, I'm about to take a look at a cheat tool for the game 7 Days To Die that not only ruins everyone's gaming experience, but costs only 15 Euro.
For quite some time already I've been interested in the art of electronics and more specifically in hardware reverse engineering. Since I'm mostly interested in the device's firmware, I have to deal with EEPROM or Flash chips. MiniPro turned out to be my weapon of choice for reading or programming memory chips.
I've started this article with the idea to throw some light on the latest malware obfuscation trends.
A stretchy, but full solution to a .NET CrackMe by Grzzlwmpf.
Solution to MaxXor's KeygenMe V6, including full list of valid serials and keygen source.
Here's how I defeated that challenge. The crackme seems to be written in assembly language (MASM/FASM?) so the code is pretty clear. As usual I've loaded the EXE in OllyDbg to take a quick look over the code...
I'm continuing to play outdated games, and after completing Max Payne, I've remembered another first person shooter classic - Soldier of Fortune.
While playing the first game of the series (the one released back in 1995) I've encountered a really annoying bug, when trying to unveil the fog of war in the map corners.
I wanted to write this one, as a hint to everyone interested in cryptography and breaking into algorithms. It might not cover your current task, but at least you may get an idea for an exploit technique that will do the job.
Ever tried to play old games on a present-day machine without any problems? Well yesterday I was bored and decided to play "Battlefield 1942". After executing BF1942.exe the screen just blinked for a second and then... nothing happened.
At the beginning of episode 5 from season 5, the scene where Wil Wheaton enters the shop, there is a large QR code on the seller's counter...
A few people already sent me samples of this one a few weeks ago, so I decided to make some nice material out of it.
So you like modding games, eh? Here's something for anyone interested in translating Zeit2. By default the game comes with the following languages included - English (Default), Spanish, Italian, French and Deutsch. The language file for any of these is named "Zeit2.resources.dll" and it's located in its own folder in the Zeit2 directory, using the two-letter ISO code of the corresponding country. The English language, as default, is hard coded into the engine files, but the rest like Deutsch is located...
After a week spent analyzing, screenshotting, writing (and other things that I don't want to mention), I gladly present you this interesting material about defeating code obfuscation and "Lighty Compressor" unpacking of an old malware sample.
Ever wondered how to extract a SWF file from Adobe's Flash Projector? There are already both free and paid (LOL!) programs which should do the trick, but it's so easy that it isn't worth the effort of downloading or paying (again, LOL!) for them. Flash projected SWFs are actually a standalone flash player, bundled with the original SWF. The projector contains only the needed flash runtime library, which is... what "bundling" means.
A few days ago while unpacking some VIS3 archives from the game "A New Beginning" I noticed that all of its PNG files were broken. And by broken I mean you can't view them nor edit them. Seems like the authors wanted a little more protection on their huge amount of artwork (I really mean it, they put a lot of effort to draw and paint that game!) Of course if someone wishes to modify the game, for example - to translate it into a language other than the original, he will fail miserably, so...
Today I noticed that when you click on Torbutton with the left mouse button instead of starting the TOR support, a menu pops up - the same menu that you usually see when you click with the right mouse button. It turns out that Torbutton has updated itself two days earlier and this is a bug (or a feature?) of the new version. Since I don't like it this way, I decided to change it to the way it was before the update.
© nullsecurity.org 2011-2024