☠️ HOW HACKERS READING EXE FILES [HACKING BASICS]
HTML-код
- Опубликовано: 27 июл 2024
- ‼️ FOR EDUCATIONAL PURPOSES ONLY ‼️
🔥 github.com/0xD3struction/0xD3... 🧨
In my opinion, this skill is absolutely fundamental if you want to become a hacker.
Ofcourse it isn't last video about exe files.
Will be much more.
Its much better for start, then using nmap for example!
Because, even if you will find som vuln app, how do you want to write Exploit if dont understand how EXEs working ?
You have to start walking before you start running.
C VIRUS EXAMPLE:
• 💾 C VIRUS EXAMPLE + CO...
PE FORMAT:
en.wikipedia.org/wiki/Portabl...
learn.microsoft.com/en-us/win...
IMAGE FILE HEADER:
learn.microsoft.com/en-us/win...
IMAGE OPTIONAL HEADER:
learn.microsoft.com/en-us/win...
IMAGE DATA DIRECTORY:
learn.microsoft.com/en-us/win...
IMAGE SECTION HEADER:
learn.microsoft.com/en-us/win...
IMAGE NT HEADERS:
learn.microsoft.com/en-us/win...
0:00 - INTRO
0:15 - BEFORE WE START
1:22 - IN THIS VIDEO
1:52 - PE HEADER
3:01 - CONST EXE & VAR EXE
3:51 - LOCATING PE HEADER
6:20 - HEX PRINT
8:17 - IMAGE FILE HEADER
12:11 - IMAGE OPTIONAL HEADER
16:14 - SECTION HEADERS
19:45 - IMAGE NT HEADERS
23:08 - OUTRO Наука
🔥SOURCE CODES🔥
github.com/0xD3struction/0xD3struction/tree/main/HACKING%20BASICS/%5B2%5D%20READING%20EXE
Instead of memcpy you can simply typecast the buffered file data to the structure type and read the file data directly from the buffered file data, thereby reducing memory usage and run time.
This method is already use in next video, to show another way of filling the struct 🙃
For those who don't know what it is, struct could be filled up also in this way:
---------
IMAGE_NT_HEADERS32 *NTHeaders;
NTHeaders = (IMAGE_NT_HEADERS32*)(FILE_BUFF+Pe_Offset);
----------
Ofcourse, I will upload both versions on Github 😎
Great content mate, keep it up 👍👍🔥
I know 😁
Thx a lot! ❤️
I'll do my best! 💪