@@FreeDomSy-nk9ue In my original comment, it starts with "@Tommy Dylan", this is because there was a youtube comment made by a bot; which I replied to. If you look at the comments on videos, you'll sometimes find the exact same comment patterns made by inactive youtube channels. RUclips bot spam has been a problem for a very long time now
I love this series! Thank you for making these videos! Any chance you will continue? I think it would also be interesting to see you solve some reversing/binary exploit ctf challenges :)
Do you have any videos on reversing Virtualized Code? You talked about it at @43:10 but I mean, videos are way better than articles! I feel like nobody wants to talk about it because it seems to be vital for so many legitimate protected software like anti-cheats (VAC/EAC/Battleye) and others! Am I wrong?
Regarding the 2nd challenge you could extract more easily the value of the flag if you set a breakpoint at the CALL instruction. IDA shoould be capable to show you what's in memory . Then, convert the complete value on memory. I said SHOULD because I made this in Olly. I dunno if IDA works the same way.
watch 36:34 for his answer on blog challenges. For the encryption one he also provided a download link in the video which you can also see at that timestamp
Because the calling convention dictates that if the return value fits into a register it will be returned through the eax register, also called the accumulator register
>"No one wants to hear about my life, it's boring."
> - MalwareTech
@Tommy Dylan These spam'n scam comments are cancer.
@@LinucNerd @32:50. It's not spam tf are you talking about.
@@FreeDomSy-nk9ue In my original comment, it starts with "@Tommy Dylan", this is because there was a youtube comment made by a bot; which I replied to. If you look at the comments on videos, you'll sometimes find the exact same comment patterns made by inactive youtube channels. RUclips bot spam has been a problem for a very long time now
@@LinucNerd Yeah my bad
@@FreeDomSy-nk9ue It's no problem fam :)
Listening to this guys history and Operation Raven in Darknet Diaries, motivated me to learn RE and Malware Analysis.. so much fun.
I love this series! Thank you for making these videos! Any chance you will continue? I think it would also be interesting to see you solve some reversing/binary exploit ctf challenges :)
We need more content like this!!!
Had the pleasure of chatting to this guy last year. Sound dude
Tip: If you have the Windows Subsystem for Linux installed, you can use the Linux-version of tools like strings
"ReactOs is reverse engineered Malware.. i mean Windows." ... Freudian Slip :p
Great walkthrough!
Am I too dumb to understand? ^^
Very good videos. Could you suggest some resources to level up ?? i'm pretty weak at coding and scripting
Do you have any videos on reversing Virtualized Code? You talked about it at @43:10 but I mean, videos are way better than articles! I feel like nobody wants to talk about it because it seems to be vital for so many legitimate protected software like anti-cheats (VAC/EAC/Battleye) and others! Am I wrong?
What is the best book that you recommend learning malware analyzing?
CompTIA: Network Security
you're a fucking god man
Regarding the 2nd challenge you could extract more easily the value of the flag if you set a breakpoint at the CALL instruction. IDA shoould be capable to show you what's in memory . Then, convert the complete value on memory. I said SHOULD because I made this in Olly. I dunno if IDA works the same way.
whoa... thank you so much for sharing this info!!
You are truly awesome Marcus.... You inspired me to get deeper inside Reverse Engineering
where is suppose to get the code of the second part? the one with breakpoints in python.
Thank you so much for this content!
Have you ever been doing moding (game)
The second challenge has been busted, you can use a tool called "strings2" for windows (ironically names i know), to dump the flag.... qwq
The entire point of the challenge is to use IDA, you can cheat on any of the challenges, that's not the point.
Jonathan De La Paz I heard CSS is best for maleware analysis, try that first
Y
Who know that when usually he goes live?pls
Pirating XP would still be pirating legally speaking, it's still decades at least until it's not copyrighted, if it ever will
Awesome and interesting but can u provide the c,c++ source code of the samples ?
watch 36:34 for his answer on blog challenges. For the encryption one he also provided a download link in the video which you can also see at that timestamp
.ZWER EXTENSION N I CNT ACCESS MY WHOLE DATA ! HELP ME
gooooood
Excelente video amigo, se agradece el video que hiciste!, espero que sigas haciendo mas videos!!!
how did you know that the return pointer resides on EAX register?
Because the calling convention dictates that if the return value fits into a register it will be returned through the eax register, also called the accumulator register
What's you main OS?
How did you generate the false flags?
Loving the new content! More please. : )
why cant i unzip strings1.zip :/ on ubuntu
Hello sir awesome video 😍😍😘 you are great sir 🤩🤩🤩
need russian subtitles
NSA was paying attention @ 48:30 when they released Ghidra
kevin alexander Lol they would nvr release tools they actually use
Great tips!
Would appreciate your opinion on my first reversing tutorial which i just uploaded here :)
is IDA a program you can download for free?
This is necro, but in case anyone else wonders the same: There is a free version and a pro version.