The fun adventure of running VSCode locally with purely native functionalities.| reHex Ninja
iOS Forensics Cheatsheet - reHex Ninja| rehex.ninja
Writeup - Cosy Casino - reHex Ninja| rehex.ninja
How to find the libc version without having its local copy.| rehex.ninja
How to perform the attack against the binary with randomized addresses of libraries in memory - ret2libc & pwntools by example.| rehex.ninja
!e MITM Proxy - reHex Ninja| rehex.ninja
radare2 / rizin cheatsheet| rehex.ninja
!e Fix Broken PE - reHex Ninja| rehex.ninja
Short blogpost about viewing 2 binary views (ghidra-like) in BinaryNinja| rehex.ninja
247CTF - The Secret Lock Writeup - reHex Ninja| rehex.ninja
Hello, this is the very first post of my new series where I will show the big potential of Frida through practical examples.| rehex.ninja
Frida Cheatsheet - reHex Ninja| rehex.ninja
It is very easy to upload something to the Internet, but hard to delete it. This is a short story about searching for “deleted” resources on the Internet.| rehex.ninja
Note about qiling and basic usage| rehex.ninja
Let’s compare the most popular reverse-engineering tools with a strong focus on personal usage: BinaryNinja, Ghidra, IDA and radare2.| rehex.ninja
Warmup Warmup : Welcome to securinets CTF In this task we are dealing with very simple function main: undefined8 main(void) { int64_t iVar1; undefined8 uVar2; uint32_t var_8h; undefined8 var_4h; write(1, 0x988, 0x1a); read(0, 0x201080, 0x31); iVar1 = strlen(0x201080); *(undefined *)(iVar1 + 0x20107f) = 0; var_8h = 0; strcpy(rsi, 0x201080); uVar2 = strlen(0x201080); memfrob(0x201080, uVar2); var_4h._0_4_ = 0; while ((int32_t)var_4h < 0x14) { var_8h = var_8h + (int32_t)(char)(*(uint8_t *)((int6...| rehex.ninja
[re] Snake (10) Description Short info about task: Name: Snake Difficulty: easy Score: 10 Flag should be in the format: HTB{username:password} Overview We have got the python script that is waiting for some username and password: $ python snake.py ___________.__ _________ __ \__ ___/| |__ ____ / _____/ ____ _____ | | __ ____ | | | | \_/ __ \ \_____ \ / \__ \ | |/ // __ \ | | | Y \ ___/ / \ | \/ __ \| <\ ___/ |____| |___| /\___ > /_______ /___| (____ /__|_ \___ > \/ \/ \/ \/ \/ \/ \/ The Snake...| rehex.ninja
Plugins worth installing| rehex.ninja
How to expose any port to the Internet without exposing your private IP (for free).| rehex.ninja
Prerequisites Make sure that you have dumped the binary from memory (optionally) Fix PE headers if necessary Unmap With PE bear Open PE-bear > Sections > Section Headers Make sure that VA and VS match RA and RS, so: RA[i] = VA[i] RS[i] = RA[i+1] - RA[i] RS.reloc = 0 VS[i] = RS[i] If you see some red blocks it means that the PE is probably misaligned, check: Fix misaligned sections Fix misaligned sections Open the binary in a hex editor Go to the 1st section (in the example above, to 0x1000) Section should...| rehex.ninja
Linux echo 0 | sudo tee /proc/sys/kernel/randomize_va_space radare2 # disable ASLR & reanalyse dor aslr=no aaa Windows Windows 7 Open RegEdit Go to: HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\ Create new value (not a key): MoveImages with value 0. Reboot. Windows 10 Disable ASLR per file Set-Processmitigation -Name name.exe -Disable ForceRelocateImages Disable ASLR by default Search in Windows for: “windows defender Security Center” Click on the second icon fro...| rehex.ninja
Journey of finding the ideal note-taking app TL;DR: If you want to transfer your bear notes to markdown go to Move your bear notes, if you want to emulate Bear multi-tagging check Multitagging support. Once upon a time I was using Bear.app for writing and organizing notes. It had really good features like multi-tagging and a couple of other nice features like pseudo markdown support. Unfortunately a lot of things were bugged, developers were slow in fixing them so I decided to move my notes from Bear to...| rehex.ninja
Structures C struct vs C++ class C struct functions are loosely correlated with parameters, parameters are usually passed via pointer, it may look like an array for a struct with 2 identical parameters in the struct, for structures created dynamically look for malloc with an unusual size. C++ class Find the constructor, it always has 1 argument (this pointer -> thiscall), the main() function has an initialization function __main with ctor initializers, after creation of class with new operator the class construct...| rehex.ninja
How to bypass the stack canary with . (dot) and scanf.| rehex.ninja