Browsing All Posts filed under »debugging«

Why Writing Firmware Is Kinda Like Software Exploitation

March 22, 2014 by

8

We’ve been away too long. We’re slacking…well not really. (Lawler did an excellent post recently on Power Analysis attacks , but we’re still slowly catching up on the blog…) We’ve just been busy… we’ve been doing quite a bit of embedded reverse engineering and vulnerability research consultation recently (in addition to your normal infosec stuff). […]

A Lackluster ‘Hack Cluster’: ARM Exploitation Lab Preview

March 1, 2012 by

2

As we have announced in other blogposts we’ve been researching mobile platforms quite a bit (specifically those that use the ARM microprocessor). We compiled all of our notes on ARM reverse engineering and ARM exploitation and built a course called “Practical ARM Exploitation” that we will be publicly debuting this coming week at CanSecWest.  The […]

Practical ARM Exploitation: A New Training

January 12, 2012 by

12

So….we heard Dino & Alex and Aaron & Zef were doing some blingin new trainings. So we felt we had to keep up with the rest of the New York Krew and do one….Ok, not really. We (the two Stephens) have spent a bunch of head-down time recently doing embedded research (as we mentioned in the […]

Hardware Hacking for Software People

August 25, 2011 by

7

For most of my career as a software developer/security researcher I’ve romanticized ‘hardware hacking’. In my late teens and early twenties as I was learning about software development and software security I would occasionally buy Nuts and Volts from Microcenter and read Karl Lunt‘s Amateur Robotics column. Having devoured William Gibson‘s oeuvre in my late […]

Javascript Malware Deobfuscation

November 23, 2008 by

0

So it turns out that there is a useful trick when working with and deobfuscating quasi-encrypted and obfuscated Javascript (like that seen in malware). The other Stephen observed that the function “COlescript::Compile()” in JSCRIPT.DLL is basically the place in the javascript interpreter that equates to an eval(). If you break here at runtime (like so) […]

Follow

Get every new post delivered to your Inbox.