A walkthrough for the Secret Phase of the Bomb Lab covered in Open Security Training's Introduction to Reverse Engineering class. Read more.
Crackmes.de has a nice of collection crackmes, fun and educational challenges useful for honing your reversing skills. Looking at the latest submissions section there was a recently published Crackme by nlxx rated at difficulty 2. In this guide I will go over the static analysis based solution to this crackme and explain how to write a key generator. Read more.
A walkthrough for the Mystery Box Buffer Overflow challenge in the Open Security Training - Introductory x86 class. Read more.
The field of password cracking has evolved by leaps an bounds over the last decade with the introduction of new cracking techniques, more advanced software and significantly faster hardware. One area which I find most fascinating is rule-based cracking. An attacker can develop a set of word mangling rules (e.g. substitute all 'a's to '@'s, upper-case every third letter, etc.) in order to attack non-random passwords which use slightly modified dictionary words. The purpose of this research is to develop an automated method of analyzing a large body of leaked passwords in order to come up with a list of frequently used words and rules to make up passwords. Read more.