Visual mode

One of the main complain we get about radare2 is that it has no GUI. Maybe we’ll get one someday, but for now, if you don’t like the CLI, you can use the visual mode, by entering V. Like with very command in r2, you can get help with the…

Binary diffing

Yesterday, a new feature was pushed to radare2: offset-based function diffing. We’d like to take this opportunity to write a bit about radare2’s diffing features before showing the shiny new one. Let’s take a copy of a cracked crackme as an example, and the true and false binaries. Without parameter,…

Payloads in C

Writing exploits requires to perform several steps to achieve the final purpose of the attack. find a vulerability reverse engineer the bug achieve code execution write the payload profit This post will focus on the later step: write the payload. The payload can spawn a shell, reuse a socket or…

Jihadist Fan Club CryptoCrap

Think of Mujahideen Secrets as a branded promotional tool, sort of like if Manchester United released a branded fan chat app. Although there has been a lot of FUD written about the encrypted messaging systems developed and promoted by jihadis groups, very little has focused on the how they are…