TrueCrypt – WTF

Just a day ago, without any clues that something was amiss, Truecrypt – arguably one of the worlds most popular encryption applications announced that it was no longer safe for people to use it. Instead the developers advised users to immediately begin looking for an alternative. to facilitate this they…

We were at PHDays!

One of our resident developers (xvilka) was at PHDays to do a talk (A fast-track one): Application of Radare2 Illustrated by Shylock and Snakso.A Analysis The speaker will present his experience of applying Radare2 — an open-source reverse engineering tool, and illustrate it by the examples of the Windows trojan…

Loading iOS binaries

There are several posts explaining the process to decrypt an iOS app, this is not new, but no one explained the instruction to do it with r2. We have no aim in promoting piracy or cracking, but that’s the only way to analyze applications from the AppleStore. Retrieving information First…

Javascript in r2

One of the most prominent scripting languages right now is Javascript. Browsers rule the Internet and they all can execute code in this language, in addition, several other programming languages like C, C++, Go, Wisp, CoffeeScript, TypeScript, LUA, Python, Perl, Dart, Java, … can be transpiled into JS. For those…

Episode 17

[this email was in response to a thread which started as a distress call over the unusually poor quality of CFP proposals. It is the start of some thoughts over how to “fix” the Info Sec Conference problem. ] X-Mailer: iPhone Mail (9A405) From: the grugq <thegrugq gmail com> Subject:…

Mitigations detection

Since the Smashing The Stack For Fun And Profit article from Aleph1, a lot has been done on mitigation side: canaries, DEP/W^X, PIC (to allow ASLR), RELRO, SafeSEH, … Because radare2 is also designed to be a present in the exploit writer arsenal, jvoisin implemented detection for some of those…

Getting the latest radare2

Since radare2’s developement is pretty quick, the recommended version is the current git, and not the stable one. At least if you want to play with it in a comfortable way. You can always install it from your favorite packet manager if you are lazy: we are packaged in a…

RSoC selections results

We’re the 8th of May, and as planned, this is the day we announce the selected applicants/tasks. Money Thanks to the crowfunding, we managed to get a fair amount of money, less than we hoped, but it’s still nice. Euros: 1347 EUR Bitcoin: 0.45 BTC Dogecoins: 123935 XDG We didn’t…

Countries

A couple of weeks ago, we did some aggressive advertisement for the RSoC. Time to take a look at the results. It seems that xvilka’s post on habrahabr attracted many peoples, then comes reddit and twitter. The lobbying on stackexchange is starting to pay. Most people are landing on the…

Cleaning up

By default sys/install.sh puts everything under /usr. Just to make things easier There are several reasons for this, but it may polute your system if you install multiple versions of r2 or use the one contained in the package system of your distro. If you want to remove previous installations…

x86 Capstone tests

As you may know, we are using the capstone as a disassembling engine for several architectures. We are even planning to use it as main engine and to ditch udis86. Since the x86 is one of the most common architecture, we want to be sure that the transition does’t break…

Install service for Malware affiliates and individuals

This install service was running since a long time but the server recently died.People targeted are from Russia, Ukraine, Belarus, Kazakhstan, and Uzbekistan.Login:Statistics by days:(Date, Unique visits, General visits)Statistics by countries:(Countries, Unique visits, Percentage, General visits)Statistics by version:(Version, Unique visits, Percentage, General visits)Statistics by time:(Time,  Users)Downloads:(Date, Already installed, ???? installed,…

Install service for Malware affiliates and individuals

This install service was running since a long time but the server recently died.People targeted are from Russia, Ukraine, Belarus, Kazakhstan, and Uzbekistan.Login:Statistics by days:(Date, Unique visits, General visits)Statistics by countries:(Countries, Unique visits, Percentage, General visits)Statistics by version:(Version, Unique visits, Percentage, General visits)Statistics by time:(Time,  Users)Downloads:(Date, Already installed, ???? installed,…

Install service for Malware affiliates and individuals

This install service was running since a long time but the server recently died.People targeted are from Russia, Ukraine, Belarus, Kazakhstan, and Uzbekistan.Login:Statistics by days:(Date, Unique visits, General visits)Statistics by countries:(Countries, Unique visits, Percentage, General visits)Statistics by version:(Version, Unique visits, Percentage, General visits)Statistics by time:(Time,  Users)Downloads:(Date, Already installed, ???? installed,…