Activity Stream

  • WaxfordSqueers's Avatar
    May 31st, 2020, 14:11
    WaxfordSqueers replied to a thread ReverseMe in Off Topic
    I saw no obvious start point so I presumed the first POP statement had AX initialized to 0. I started following the statements one by one, doing the...
    8 replies | 121 view(s)
  • evaluator's Avatar
    May 30th, 2020, 23:19
    evaluator replied to a thread ReverseMe in Off Topic
    well, that explanation assumes code as 16bit, while I assumed as 32bit shell-code
    8 replies | 121 view(s)
  • WaxfordSqueers's Avatar
    May 29th, 2020, 13:08
    WaxfordSqueers replied to a thread ReverseMe in Off Topic
    Click the Spoiler button on my last post. It reveals a couple of links explaining exactly what it is. The first link gives a step by step solution to...
    8 replies | 121 view(s)
  • evaluator's Avatar
    May 29th, 2020, 08:09
    evaluator replied to a thread ReverseMe in Off Topic
    I tried to 'imagine' environment of this 'shellcode' but ESI & EDI are unknown. well we can think about EDI in range of this code.. but nothings...
    8 replies | 121 view(s)
  • Kayaker's Avatar
    May 29th, 2020, 07:19
    Kayaker replied to a thread ReverseMe in Off Topic
    If you're protected you shouldn't be able to make a copy of that file (ctrl-c ctrl-v). Avast won't let me unless I do it in one of my 'excluded from...
    8 replies | 121 view(s)
  • blabberer's Avatar
    May 29th, 2020, 06:56
    blabberer replied to a thread ReverseMe in Off Topic
    the file itself tells what it is Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 00000000 58 35 4F 21 50 25 40 41 50 5B 34 5C 50...
    8 replies | 121 view(s)
  • Kayaker's Avatar
    May 28th, 2020, 18:55
    Kayaker replied to a thread ReverseMe in Off Topic
    I've been looking at the Windows Antimalware Scan Interface (AMSI) lately, and its relation to exploits particularly with PowerShell. ...
    8 replies | 121 view(s)
  • WaxfordSqueers's Avatar
    May 28th, 2020, 14:43
    WaxfordSqueers replied to a thread ReverseMe in Off Topic
    I started working through it with the assumption that first statement POP AX was 0000. Got about 10 steps down then decided to check 'and ax,...
    8 replies | 121 view(s)
  • Kayaker's Avatar
    May 28th, 2020, 10:56
    Kayaker started a thread ReverseMe in Off Topic
    This is well known code. Harmless. What is it? Disassembly of File: reverseme.com Code Offset = 00000000, Code Size = 00000044 Data Offset =...
    8 replies | 121 view(s)