Anatomy of a GDB anti-debug trick
Well, it seems this is the GDB post season! The past days have been dedicated to messing around with GDB source code and today I have what I think it’s…
Fix for Apple’s GDB bug or why Apple forks are bad…
It’s not a breakthrough post but I finally found where the bug that messed up gdbinit is located. I got obsessed with this problem and started browsing GDB source code.…
Workaround for Apple’s GDB bug…
I had unconsciously found the workaround a few months ago while hacking around Little Snitch with kernel debugging. To make things easier I had a small GDB script to call…
gdbinit 7.1.7 and some bla bla bla…
Greetings! For the past weeks I have been pretty much bored with any kind of reversing so all my projects are stopped. Today I decided to fix some bugs…
Enforcing the Law at the Mid Atlantic Collegiate Cyber Defense Competition (MACCDC)
The MidAtlantic Collegiate Cyber Defense Competition (MACCDC) is one of the many regional CCDCs that includes a somewhat unique aspect: law enforcement and investigations. For those unfamiliar with CCDCs, they…
A little disassembler for MPress packer…
Since otool and otx can’t disassemble the packed binary, Andreas Gumundsson wrote a quick tool to do that job, using Udis86, a disassembler library for x86 and AMD64. Check the…
How to dump a MPress packed binary…
Someone at the macserialjunkie board posted a problem with the mpress packer. Since packers are a pretty rare thing on OS X and I was bored, I decided to give it…
A memory dumper for Apple crypted binaries! Hurray !!!
Here it is, another example of my super l33t lame coding skills! This wonder code will decrypt an Apple crypted binary via memory dumping. Maybe direct decryption (based on Amit…