cryptax

nixCraft, 9 hours ago to linux

#Unix or #linux desktop from the 90s. Awesome aesthetic 🔥

cryptax, 5 days ago to random

This handy radare2 extra plugin is great to rename "anything" in radare2 output.

I'm using it to rename Dart registers to PP (Pool Pointer) and THR (Thread Pointer) :)

afen PP r15

https://github.com/radareorg/radare2-extras/tree/master/afen

cc: @radareorg

jjLitke, 21 days ago to random

FYI if you use Medium it requires a sign-in to read posts. So I won’t ever read your posts because I don’t want to hand over my info to them.

Also I’m not interested enough to go through a bunch of extra clicks

And if a lot of other people aren’t in the first camp, you can bet a ton of them are in the second

nixCraft, 3 months ago to random

C is now illegal. Future Software Should Be Memory Safe lang like Rust and others https://www.whitehouse.gov/oncd/briefing-room/2024/02/26/press-release-technical-report/

root42, 3 months ago to random

Successfully repaired the charging dock for my mother's phone. The micro USB socket had broken off. All legs were cleanly snapped off. Replaced it with a new one.
#righttorepair

Backside of the charging cradle, reading "USE SPECIFIED Panasonic AC ADAPTOR ONLY" and showing the USB port.
The old 5 pin USB socket, with the legs only visible as little stumps.

cryptax, 3 months ago to android

Just analyzed a spyware sample that bypasses Android 13 Restricted Settings so as to drop another malware with full access to Accessibility API.

• use of malformed ZIP to break apktool and other tools.

https://cryptax.medium.com/android-spynote-bypasses-restricted-settings-breaks-many-re-tools-8791b3e6bf38

#SpyNote #SpyMax #Android #malware #accessibility #ZIP

cryptax, 3 months ago to random

I will be speaking on how to reverse Flutter applications at Nullcon, mid March.

https://nullcon.net/berlin-2024/conference-speakers

cryptax, 4 months ago to android

Interesting. This is how an Android/MoneyMonger detects if ADB is enabled or not: it looks for development settings. This is not a new technique, but I rarely see it in malware.

#Android #moneymonger #ADB #Flutter

it4sec, 4 months ago to random

Do you trust your car?

cryptax, 5 months ago to android

Using Colander to organize your malware analysis: example on Android/WyrmSpy

https://cryptax.medium.com/organizing-malware-analysis-with-colander-example-on-android-wyrmspy-1f3ec30ae33b

#Android #malware #WyrmSpy #APT41 #Colander @pts

cryptax, 5 months ago to android

I've just published a blog post on a new sample of Android/BianLian botnet which uses (1) an intentionally bad formed ZIP, and (2) uses a new packer.

https://cryptax.medium.com/bad-zip-and-new-packer-for-android-bianlian-5bdad4b90aeb

By the way, this will be covered in my @ringzer0 training.

#android #malware #zip #packer #kavanoz #medusa #JEB

cryptax, 5 months ago to android

I like to have lots of exercises on recent & real Android malware in my @ringzer0 training.

There will be exercises on GodFather, Chameleon, Kamran (Firebase), AhRat, SpyLoan (Flutter), Hook, Xenomorph and my favorite BianLian ;)

Am I missing something of 2023 you'd like to see?
#Android #malware #analysis

Register here: https://ringzer0.training/trainings/reverse-engineering-android-malware.html

cryptax, 6 months ago to random

Connaissez-vous des gens intéressés par les CTFs chez ST Microelectronics, Thalès, Amadeus?

On n'a pas de bon point d'entrée dans ces entreprises, résultat on a généralement personne de chez eux à @ph0wn alors que ça pourrait normalement les intéresser...

[Ph0wn CTF - 25 novembre 2023 - Sophia Antipolis]

cryptax, 6 months ago to random

You haven't ever played a CTF, and wonder what it is, and if it's some interest to you?

I've written a blog post on that: https://cryptax.medium.com/whats-a-ctf-is-it-interesting-will-i-enjoy-it-do-i-have-the-skills-for-a-ctf-e11c680df5b7

And if I've convinced you, I hope to see you at Ph0wn on Nov 25, in Sophia Antipolis, France. It's a local CTF, so you need to be physically on site to play. See https://ph0wn.org

cc: @ph0wn

cryptax, 6 months ago to random

Bonjour ! Y a-t-il qqun parmi mes followers qui travaille à la gendarmerie sur les arnaques phishing/bancaires ?

J'ai la fille d'un collègue qui s'est fait avoir par un truc très très bien monté, où l'arnaqueuse l'a contactée pendant des semaines avant, s'est arrangé pour devenir amie etc et finir par l'arnaquer de 10000 euros qd meme...

Il a deposé une plainte, évidemment, mais j'aimerais bien lui donner un petit coup de pouce.

cryptax, 7 months ago to random

This article on disinformation in computer science is really excellent, with lots of guidelines as how to deal with them at the end.

https://medium.com/@maldr0id/dismantling-spyware-disinformation-campaigns-2f4418500ef7

cc: @maldr0id

GossiTheDog, 8 months ago to random

deleted_by_author

cryptax, 8 months ago to random

My slides for the keynote of BruCON 2023 are available on GitHub: https://github.com/cryptax/talks/tree/master/BruCON-2023

#BruCON0x0F

albinowax, 8 months ago to random

"How do you choose what topic to research?" This was the number one question I was asked at Nullcon. As it happens I've already published a post exploring this!

Check it out here:
https://portswigger.net/research/how-i-choose-a-security-research-topic

cryptax, 8 months ago to random

I'm not sure people tell you often @radareorg but I often laugh at radare's welcome message. I like it (to be honest, I haven't tested all messages, but this one made me laugh).

DrH, 1 year ago to ageofsigmar

The hobbits on Weathertop.

These tiny figures are barely an inch tall, on the bases.
They're not called halflings for nothing.

Painted them up as they were dressed for the Weathertop scene in the film.
And gave them custom-made flagstone bases to match.

#PaintingMiniatures #Hobbits #LotR