simpleuser

- friends
871 link karma
61 comment karma
send messageredditor for
what's this?

TROPHY CASE


  • Two-Year Club
sorted by:
new
hottopcontroversial

PE 101 - a windows executable walkthrough by simpleuserin ReverseEngineering

[–]simpleuser[S] 0 points1 point ago

awesome!

PE 101 - a windows executable walkthrough by simpleuserin ReverseEngineering

[–]simpleuser[S] 1 point2 points ago

blank? weird, works with sumatra or acrobat... what's your viewer ?

75
76

PE 101 - a windows executable walkthrough (pe101.corkami.com)

submitted ago by simpleuser to ReverseEngineering

11
12

Peter's Ferrie VirusBulletin paper on 32b&64b file infector Sofia/Amfibee (its source is in vx-zine Valhalla 1) (pferrie.host22.com)

submitted ago by simpleuser to ReverseEngineering

How not to write python, Part 1. - Thanks Adobe. by John_Mirrain programming

[–]simpleuser 1 point2 points ago

ignoring the j48 generated code, the PE parsing itself is worrying - for a 'malware classifier' - to say the least: it will just instantly crash if the PE has less than 2 sections, or no Data Directories, which is not uncommon with malwares or packers.

the Portable Executable format, on Windows (with Flash slideshows) by simpleuserin programming

[–]simpleuser 0 points1 point ago

I don't think all files need their own slideshow. Let me know - by answering this comment - which file requires one.

Opcodes' tables (instruction set maps) of Android, Java, .Net, x86, x64 by simpleuserin programming

[–]simpleuser[S] 0 points1 point ago

you don't - these charts just explain the encoding of the mnemonics, not the operands (which might be very complex in some cases).

Opcodes' tables (instruction set maps) of Android, Java, .Net, x86, x64 by simpleuserin programming

[–]simpleuser[S] -1 points0 points ago

yeah maybe i'll only provide it as PDF (which is a vector format, so much smaller than PNG yet perfect image), and imgur has a 1 Mb limit anyway.

Opcodes' tables (instruction set maps) of Android, Java, .Net, x86, x64 by simpleuserin programming

[–]simpleuser[S] 1 point2 points ago

well throw and exceptions mechanisms are not 'direct' flow change IMO... but it's tough to define correct categories TBH.

at least, you can suggest better, and you're free to modify the original files if you want your own version anyway.

Opcodes' tables (instruction sets maps) of Android, Java, .Net, x86, x64 by simpleuserin ReverseEngineering

[–]simpleuser[S] 2 points3 points ago

it's planned in the next release ;)

Opcodes' tables (instruction set maps) of Android, Java, .Net, x86, x64 by simpleuserin programming

[–]simpleuser[S] 2 points3 points ago

i didn't know php had a VM. is it worth making a map of it ?

Opcodes' tables (instruction set maps) of Android, Java, .Net, x86, x64 by simpleuserin programming

[–]simpleuser[S] -1 points0 points ago

why?

Opcodes' tables (instruction set maps) of Android, Java, .Net, x86, x64 by simpleuserin programming

[–]simpleuser[S] 2 points3 points ago

not yet. I started it, but I can't work on it for now (just doing that at home as a hobby), so I released it as is.

thanks.

33
34

Opcodes' tables (instruction sets maps) of Android, Java, .Net, x86, x64 (opcodes.corkami.com)

submitted ago by simpleuser to ReverseEngineering

247
248

Opcodes' tables (instruction set maps) of Android, Java, .Net, x86, x64 (opcodes.corkami.com)

submitted ago by simpleuser to programming

Messing with x86 opcodes by cavedavein ReverseEngineering

[–]simpleuser 0 points1 point ago*

I added subtitles http://www.universalsubtitles.org/en/videos/MCGL8ABJUdv7/info/-days:%20Ange%20Albertini:%20Such%20a%20weird%20processor%20-%20messing%20with%20x86%20opcodes/ (new link)

Messing with x86 opcodes by simpleuserin programming

[–]simpleuser[S] 0 points1 point ago

thanks a million!

I used your subtitles as a base.

Messing with x86 opcodes by simpleuserin programming

[–]simpleuser[S] 2 points3 points ago*

it's now with complete english subtitles + extra comments http://www.universalsubtitles.org/en/videos/MCGL8ABJUdv7/info/-days:%20Ange%20Albertini:%20Such%20a%20weird%20processor%20-%20messing%20with%20x86%20opcodes/ (new link)

Messing with x86 opcodes by simpleuserin programming

[–]simpleuser[S] 1 point2 points ago

check http://code.google.com/p/corkami/wiki/InitialValues

Messing with x86 opcodes by simpleuserin programming

[–]simpleuser[S] 2 points3 points ago

I'll try to make subtitles (I'm the presenter), but I'm no video expert: if you can recommend a specific software to make subtitles from a youtube video? I'm all ears.

Messing with x86 opcodes by simpleuserin programming

[–]simpleuser[S] 3 points4 points ago

check http://x86.corkami.com , all opcodes are there.

the debuggers usually don't crash (they fail because of PE characteristics though), they just can't disassemble but they still let you step through blindly.

Messing with x86 opcodes by simpleuserin programming

[–]simpleuser[S] 4 points5 points ago

I understand your point, but most of the audience was not familiar with that (I asked at the start of the video) I was initially planning to skip forward that part.

25
26

Messing with x86 opcodes (youtube.com)

submitted ago by simpleuser to programming

19
20

Portable Executable oddities (with binary and source) [updated] (code.google.com)

submitted ago by simpleuser to programming

15
16

Portable Executable oddities (with binary and source) [updated] (code.google.com)

submitted ago by simpleuser to ReverseEngineering

view more: next

Use of this site constitutes acceptance of our User Agreement and Privacy Policy. © 2012 reddit inc. All rights reserved.

REDDIT and the ALIEN Logo are registered trademarks of reddit inc.

π Rendered by PID 22723 on app-46 running e1a6304.