Category Archives: OS Internals
API Hooking in Python
Some very cool Python to perform in-process patching and trampolines to hook Windows APIs. http://www.rohitab.com/discuss/topic/37018-api-hooking-in-python/
Posted in OS Internals, Programming, Python, Windows
Capturing credentials from ‘Encrypted RunAs’ software
There is a reason that the RunAs program doesn’t accept credentials on the command line…because people would embed passwords. Microsoft developer Raymond Chen writes: If this offends you and you want to be insecure and pass the password on the … Continue reading
Posted in OS Internals, Tech, Windows
inception — unlock any machine via firewire and then defeat BitLocker, TrueCrypt, FileVault, etc
https://github.com/carmaa/inception Inception is a FireWire physical memory manipulation and hacking tool exploiting IEEE 1394 SBP-2 DMA. The tool can unlock (any password accepted) and escalate privileges to Administrator/root on almost any machine you have physical access to. Inception aims to … Continue reading
Posted in Apple, Linux, Network, OS Internals, Tech, Windows
vdebug: cross platform debugger
vdebug Google Code site and more info here: http://visi.kenshoto.com/wiki/index.php/Vdb Essentially, vtrace is a cross-platform process debugging API implemented in Python, and vdb is a debugger which uses it!
Posted in Linux, OS Internals, Programming, Windows
DTrace on OS X
Great information on DTrace on OS X. There is a book. And some great scripts from that book.
Posted in Apple, OS Internals, Tech
Dump Windows password hashes efficiently
Great information: http://bernardodamele.blogspot.com/2011/12/dump-windows-password-hashes_28.html This presentation on WCE Internals is also very good [PDF]
Posted in OS Internals, Tech
Update a registry key for ALL users on a system
UPDATED April 23, 2013 – The script can now set REG_BINARY keys as long as they are in the format used by a regedit.exe export. For example: To set this binary value using the script, you would modify line 60 … Continue reading
Posted in OS Internals, Programming, Tech, Windows
Tagged hkcu, hkey current user, logon script, ntuser dat file
16 Comments
The Windows “App Paths” Registry Key
This was news to me. Basically, not every app has to be on your PATH to be launched via executable name only (from anywhere). For example, on my x64 Windows 7 machine, WordPad is located at: <C:\Program Files\Windows NT\Accessories\wordpad.exe> This … Continue reading
Posted in OS Internals, Tech, Windows
Mac OS X auto-run locations
The smart people over at Malicious Streams have created a Python script to show applications set to auto-start on your Mac at either boot or user login. I have also pasted the current version (0.6a) of the script below:
Posted in Apple, OS Internals
2 Comments
Does Windows have a Microkernel or Monolithic kernel?
Like most Unix systems, Windows is a monolithic operating system. Why? Because the kernel mode protected memory space is shared by the operating system and device driver code. But don’t take my word for it, from Microsoft’s Curriculum Resource Kit … Continue reading
Posted in OS Internals, Tech, Windows
2 Comments
