Activity Stream

Filter
Sort By Time Show
Recent Recent Popular Popular Anytime Anytime Last 24 Hours Last 24 Hours Last 7 Days Last 7 Days Last 30 Days Last 30 Days All All Photos Photos Forum Forums Articles Articles Blog Blogs
Filter by: Popular Clear All
  • Kayaker's Avatar
    July 2nd, 2020, 09:06
    Kayaker replied to a thread Don Wooma in Off Topic
    Heh heh. Hi wbe, it's nice to see some old names resurfacing here. There must be a proverb or something for that. "Old Reversers never die,...
    1 replies | 35 view(s)
  • wbe's Avatar
    July 1st, 2020, 11:16
    wbe started a thread Don Wooma in Off Topic
    Just to let you know: I'm still alive.:cool:
    1 replies | 35 view(s)
  • esther's Avatar
    June 30th, 2020, 16:04
    hi, if you have procdump,it still works in win10 32 bit for dumping upx.
    32 replies | 1366 view(s)
  • Kayaker's Avatar
    June 25th, 2020, 18:45
    Kayaker replied to a thread Windbg Syntax in General Reversing
    Well, after hours mucking around with Windbg scripting I came up with this monstrosity that worked to extract the function name. I wasn't able to...
    4 replies | 193 view(s)
  • blabberer's Avatar
    June 24th, 2020, 07:07
    blabberer replied to a thread Windbg Syntax in General Reversing
    I understand you want to use dx but for the last example you posted where you escape quotes etc you don't need the dx at all in fact you...
    4 replies | 193 view(s)
  • esther's Avatar
    June 23rd, 2020, 22:30
    esther replied to a thread real DOS in Off Topic
    someone created a 64 bit program NTVDMx64 by Leecher1337,it's not a microsoft program,dunno if it works in 64 windows,I didn't tried coz I don't have...
    1 replies | 154 view(s)
  • Kayaker's Avatar
    June 22nd, 2020, 16:26
    Kayaker replied to a thread Windbg Syntax in General Reversing
    Thanks Blabberer, that's some good useful info. Unfortunately there's a bit of weird behaviour to deal with. If I step or break on a Call...
    4 replies | 193 view(s)
  • blabberer's Avatar
    June 22nd, 2020, 09:53
    blabberer replied to a thread Windbg Syntax in General Reversing
    windbg provides two Pseudo Register ea and ea2 that corresponds to effective address 1 and effective address 2 if you have broken on some rip...
    4 replies | 193 view(s)
  • Kayaker's Avatar
    June 21st, 2020, 16:53
    I've been trying to make use of the Windbg 'dx' command and some of the fancy Natvis/LINQ stuff. There are a couple of recent examples of the types...
    4 replies | 193 view(s)
  • esther's Avatar
    June 19th, 2020, 02:30
    esther replied to a thread waves in Off Topic
    lol,my "knowledge" has given back to the rce cd archive :devil: Nice to see you,Kayaker :)
    2 replies | 184 view(s)
  • Kayaker's Avatar
    June 17th, 2020, 12:44
    Kayaker replied to a thread waves in Off Topic
    Greetz esther, nice to see old faces. Feel free to stop by and flame or teach anytime ;)
    2 replies | 184 view(s)
  • esther's Avatar
    June 17th, 2020, 02:22
    esther started a thread waves in Off Topic
    Hi guys, ltns,just passed by to say hello :)
    2 replies | 184 view(s)
  • evaluator's Avatar
    June 8th, 2020, 06:32
    created little CPUIDflags progy :) so much strings sorted in this thread, so I made from them progy. test it & upgrade. write if more interesting...
    5 replies | 777 view(s)
  • evaluator's Avatar
    June 7th, 2020, 07:19
    this SYSTOOLS>cpuid.exe looks fun but.. are you sure it knows encls,wrpkru etc?? did simple string search & not found in :) just dump CPUID.EAX=1 &...
    5 replies | 777 view(s)
  • blabberer's Avatar
    June 7th, 2020, 06:51
    SysTools>cpuid.exe -v | grep -iE "encls|enclv|cldemote|ptwrite|tpause|umonitor|umwait|movdir64b|movdiri|sha1msg1|rdpid|invpcid|rdpkru|wrpkru" EBX...
    5 replies | 777 view(s)
  • evaluator's Avatar
    June 6th, 2020, 22:24
    are suspect opcodes for desktop Cpus? While Kayaker is out for hlep, guess, ourselves should examine CPUID EAX=7;ECX=0 CASE where EBX can hold these...
    5 replies | 777 view(s)
  • Kayaker's Avatar
    June 6th, 2020, 11:01
    What kind of info are you looking for? Most seem to be Googleable. I patched a few of those opcodes into Ghidra and not only did it recognize them,...
    5 replies | 777 view(s)
  • evaluator's Avatar
    June 6th, 2020, 08:47
    so, as I am adding "new" itnel opcodes to rosasm assembler, need some help in understanding; as manual is now (325462-sdm-vol-1-2abcd-3abcd.pdf) in...
    5 replies | 777 view(s)
  • Kayaker's Avatar
    June 6th, 2020, 01:24
    Kayaker replied to a thread ReverseMe in Off Topic
    And they say DOS is dead. Yep, that's a nice way to do it. I've been using this little bit of SMC as an excuse to try to learn to create an...
    14 replies | 1887 view(s)
  • blabberer's Avatar
    June 4th, 2020, 09:44
    blabberer replied to a thread ReverseMe in Off Topic
    @kayaker if you want to run that code in windows 10 download and install vdos to say f:\vdos download grdb by ladsoft and copy grdb.exe to...
    14 replies | 1887 view(s)
  • WaxfordSqueers's Avatar
    June 3rd, 2020, 15:25
    WaxfordSqueers started a thread real DOS in Off Topic
    Had a bit of a laugh today. Reading up on ntvdm.exe which is the DOS emulator for Windows. I am running XP and I opened a CMD window to see if it...
    1 replies | 154 view(s)
  • evaluator's Avatar
    June 3rd, 2020, 00:49
    evaluator replied to a thread ReverseMe in Off Topic
    those are text-char range opcodes, I met likes of them previously in shell code analyzes. however in 32bit, code needs to find self address, thus...
    14 replies | 1887 view(s)
No More Results