This tool extracts the opcodes from the .text section and displays them in different hex formats for different syntaxes. It works only with valid PE files. Coded in C++Builder XE5.
Download: https://github.com/OsandaMalith/ShellCode-Extractor/releases
You can download the challenge from here: http://www.flare-on.com/files/C2.zip
The zip file contains an HTML file and, inside the img folder, an image used as the logo of the HTML file.
If we open the image in a hex editor we can see at the end it contains PHP code.
You can download the challenge from here: http://www.flare-on.com/files/C1.exe
As we run the application we get this.
When we click on decode we get this encrypted string.
This is a small finding I found while I was experimenting on pointers in C. Usually in C the arithmetic on pointers depends on the size of the data types. If we initialize an int variable, the compiler will allocate 4 bytes in memory since it's 32 bits. I assume you are well aware of these basics in C 🙂 I wanted to store data inside the empty addresses allocated by the int data type. This is a bit challenging in a high-level programming language. Of course, using inline assembly I could have achieved this. But I wanted to achieve this using native C operators.
To understand this let’s begin from a simple approach.
    #include <stdio.h>

    int main()
    {
        unsigned int var = 100;
        unsigned int var2 = 200;
        printf("%u\n", var);
        printf("%u\n", var2);
    }