ROP Emporium pivot Tools: IDA Free 7.0, gdb-gef, ropper, readelf Prerequistes: Stack frame Download solution: main.py Overview “There’s only enough space for a three-link chain on the...

ROP Emporium fluff Tools: IDA Free 7.0, gdb-gef, ropper, readelf Prerequistes: Stack frame Download solution: main.py Overview “The concept here is identical to the write4 challenge. ...

ROP Emporium badchars Tools: IDA Free 7.0, gdb-gef, ropper, readelf Prerequistes: Stack frame Download solution: main.py Overview “An arbitrary write challenge with a twist; certain i...

ROP Emporium write4 Tools: IDA Free 7.0, gdb-gef, ropper, readelf Prerequistes: Stack frame Download solution: main.py Overview “In this challenge […] we’ll be looking for gadgets tha...

ROP Emporium callme Tools: IDA Free 7.0, gdb-gef, checksec Prerequistes: Stack frame Download solution: main.py Overview “[…] You must call callme_one(), callme_two() and callme_three...

ROP Emporium split Tools: IDA Free 7.0, gdb-gef, checksec, ropper Prerequistes: Stack frame Download solution: main.py Overview “You can do the […] 64bit challenge with a 3 link chain...

ROP Emporium ret2win Tools: IDA Free 7.0, gdb-gef, checksec Prerequistes: Stack frame Download solution: main.py Overview “[…] there is a magic method we want to call and we’ll do so ...

Context Information related to the PE header I collected here and there. My favorite resources on the subject, however, are Goppit and Iczelion’s tutorials (both available on tuts4you), but it’s j...

This page centralizes the current status of my writeups about samples from the book Practical Malware Analysis. Some of them are quite lengthy because I can’t help myself when it comes to go down t...

Overview Filename Size MD5 Lab09-02.exe 24 KB 251f4d0caf6eadae453488f9c9c0ea95 TL;DR: The malware has to be renamed ocl.exe i...