Modern software often deploys obfuscation as part of its anti-tampering strategies to prevent hackers from reversing critical components of the software. In this article, we will have a close look at two common obfuscation techniques to understand how they work and figure out how to deobfuscate/undo them.
For this article, I will combine all the tools I have created and perform a deep analysis of how well the most common virtualization is implemented. On top of that, I will also try to find out how we can make virtualization better and at which (performance) cost.
Today, April 12, 2021, I noticed a significant amount of DMs on my Reddit. People kept asking me to help them set up a crc32 bypass, a technique discussed in one of my previous blog posts. But why did so many people feel the need to bypass crc32 checks? And why did they start desperately asking me for help?
For this article I will start by taking a deep look into Lua 5.1 and then continue to create a Lua decompiler from scratch in C#. Not only will this be used to decompile Lua, but it will also be used to identify and lift the Luraph instructions back to the original Lua instructions (in Part 3).
In this series of articles, I will take you on a journey to show you a darker side of the programming world. A place that is fueled by money, script kiddies, and even more money. To prevent code from being cracked and resold, we must outsmart each other and develop security mechanisms that are either too hard to solve or take too much time to solve. One of those security mechanisms is obfuscators; today will be all about why obfuscators are needed and how they work.
Thanks to reverse engineering, we can figure out how the Packet Tracer software works, and then modify the Packet Tracer binary to work in a way we want! The goal of this article is to improve Packet Tracer by making it more secure without the need for its source code.
After I found out that Packet Tracer is used as an official exam, I had to look at how it works and how secure it is. But after a quick look, I noticed there wasn't much protection at all. Did the developers forget to put it in, or did they think students at high school/college aren't capable of reversing such software?
Reversing and automating the McDonald's mobile game "FriesHit" by sniffing the network protocol and emulating the game packets to get free rewards.
Games often have neat anti-cheating systems that prevent hackers from rewriting their codebase. Some games remap themselves when they start and then put protections in place. Inside the game's code are CRC32 integrity checks that scan memory regions (including the .text section of the game) to check whether the code has been modified.
Today I will be showing you how I have bypassed the integrity checks.
It's 7:30 am and you just got out of bed, rushing your way out of the house to catch the bus. You made it; you are now sitting on the bus and waiting for almost an hour to arrive at your destination. You keep staring at your phone, looking at the traffic app to see how long until your bus reaches its destination, but then something comes to mind: "Could it be possible to manipulate the traffic application so I can get to work faster? Or at least get a free ride?"
Just like any other student in a dorm, I often go out to eat because I'm too lazy to cook something and do the dishes after. The only thing that sucks about this is the price. So... what if I could use my skills once more to take advantage of the McDonald's mobile application to reduce the cost of my food?
Just like any other student, I don't have much money. (Pretty ironic since my last post, but it's true.) Not so long ago, Apple released the new Apple Watch 5, a smartwatch that is too expensive for me. So I was wondering if I could get this cheaper using my reverse engineering skills on an online webshop. And hell yeah, was I right!
Just like any student, I'm too lazy to do anything school-related. Not that I'm dumb or unskilled, but just because I don't feel like doing anything for school. Now imagine you have been doing nothing all year long, and you just figured out you have an exam coming up next week. What do you do? Cheating! "Work smart, not hard", right?
On a Saturday morning, as I am scrolling through my notifications, I notice something: a message from my Bitcoin exchange bot. Five thousand dollars was added to my Bitcoin wallet. This cannot be right, I think, as I re-read the notification. Five thousand dollars had indefinitely been added to my wallet. How could this be possible?