PyGhidra - Get Data Referenced in a Code Unit
Tested with Ghidra 12.0.3 Introduction Let’s look at the following disassembly: 140001529 LEA RAX,[opcode_table]; opcode_table is at 0x140005080 I want to retrieve the data at 0x140005080...
Tested with Ghidra 12.0.3 Introduction List the code blocks of a randomly (or not; more information in previous post) chosen function and disassemble them. Also, the source(s) and destinatio...
Tested with Ghidra 12.0.3 Introduction Build the list of functions of a program and disassemble a randomly chosen one. To disassemble the function of your choice, set USE_RANDOM to False and...
Tested with Ghidra 12.0.3 Context I’ve spent the last years or so repeating to whoever wanted to hear it that One day, I’ll switch to Ghidra!. The thing is, I couldn’t switch abruptly because...
Tested with Ghidra 12.0.3 Start PyGhidra ./ghidra_12.0.3_PUBLIC/support/pyghidraRun Open or create a project Open the CodeBrowser window (only if it’s not already open): Cli...
Made and tested with an AZERTY keyboard; paths relate to Debian. In case of emergency Quit Vim: :q Quit Vim anyway: :q! Help: F1 (quit help: :q) Help about command: :help command If...
MalwareTech’s VM1 Tools: IDA Free 7.0 Download solution: main.py Sample: Get it here (or here) Context “vm1.exe implements a simple 8-bit virtual machine (VM) to try and stop reverse ...
ROP Emporium ret2csu Tools: IDA Free 7.0, gdb-gef, ropper, readelf Prerequisites: Stack frame Download solution: main.py Overview “The challenge is simple: call the ret2win() function,...
ROP Emporium pivot Tools: IDA Free 7.0, gdb-gef, ropper, readelf Prerequisites: Stack frame Download solution: main.py Overview “There’s only enough space for a three-link chain on the...
ROP Emporium fluff Tools: IDA Free 7.0, gdb-gef, ropper, readelf Prerequisites: Stack frame Download solution: main.py Overview “The concept here is identical to the write4 challenge. ...