basic execution of qiling

In this segment we will take sample code from the how-to and try to execute it on our own. In this test, we will try to perform a simple addition and see how it goes. The tutorial below is a very basic entry into the qiling framework, where we will perform a simple addition.

addition

To perform the addition, the following code will be executed on the CPU.

push and search data

In this part, we will try to push a value onto the stack and then read it back. We will use the following assembly code:

    mov eax, 0xdead
    mov ebx, 0xbeef
    push eax
    push ebx

We get the raw bytes below (if you do not know how to generate the raw bytes, there are various websites that can do this):

    B8ADDE0000BBEFBE00005053

Now we will try to execute the code below and read the values found in the registers:

set registers using python

In this section we will use another piece of code to push and set various variables in the emulator prior to running the code, and set the appropriate registers and stack so that we can simulate the code. In the previous writeup, we used raw bytes code from the In this segment we will just add values for a predefined value in eax and ebx. The segment below uses the asm method from pwntools.

pwnable.kr -> random

The solution to this challenge is quite simple, as all the information needed to get the password is given in the code. We will need to use XOR operations to find out what the password is.

code

The code for this challenge is given below:

    $ cat random.c
    #include <stdio.h>
    int main(){
        unsigned int random;
        random = rand(); // random value!
        unsigned int key=0;
        scanf("%d", &key);
        if( (key ^ random) == 0xdeadbeef ){
            printf("Good!

In the Windows environment, escalating privileges requires various pieces of information about the target system. Unfortunately, Windows systems are not as easy as Linux, especially when it comes to the terminal and obtaining information from the shell. Everything in Windows systems seems twisted and made intentionally complex. You will have to remember a lot of tools and other commands just to grab the basic information about the system. Below I have listed some of the commands which should help.

pwnable.kr -> passcode

This is a fairly simple challenge, but the concept here is very important and might be a bit difficult to grasp. The code is interesting because the developer forgets to pass a reference to the variable, which we can weaponize to take control of the program. Without the reference, or & sign, the scanf function treats the variable's value as a pointer and tries to write to the address it is “pointing to”.

rappel intro

Rappel is a wonderful tool for understanding the basics of assembly language. Initially, assembly language is quite challenging for a programmer to understand, as all these registers are quite confusing. It becomes especially difficult because the programmer is now limited to using only a handful of variables, whereas in other languages the number of variables that can be declared appears to be unlimited. After we download and run the rappel, we can see that

rezaur rahman

just thinking out loud to help others

cybersecurity researcher

Mars