
Articles, Docs, Info


Program-Transformation.Org. The Program Transformation Wiki. Program transformation techniques are used in many areas of software engineering, ranging from program synthesis, via program optimization and program refactoring, to reverse engineering and documentation generation.

Program-Transformation.Org

Many theories, tools and applications have been developed over the last 30 years. Often the results of these efforts are used only in the community that developed them. Program-transformation.org is dedicated to collecting, organizing and disseminating information about all aspects of program transformation in order to share results across communities. Such an effort cannot possibly be achieved by a static web site. Entry Points There are a number of EntryPoints that focus on specific aspects of program transformation. Categories Another way to browse the pages is by considering the various categories. CategoryCategory: full list of all categories Collections Tools History ProgramTransformationOrg was founded in April 2000 by EelcoVisser. Www.agner.org/optimize/objconv-instructions.pdf.

The H - Oline, Internet Security

KPNC. Simple, but effective system independent anti-debug trick based on well-documented APIs and does not involve assembly inline (means: it could be implemented in pure C). also it works as anti-dump sensor. caution: I would recommend do _not_ use this trick in production code, because it’s based on the bug (two bugs actually: one in Windows, another in OllyDbg), which could be fixed at any moment. however, nothing terrible happens if the bug would be fixed - the application just could not detect debugger/dumper. in passing: I found this bug working on the project for a spectrography cherry group, well, not a cherry actually, but I prefer to keep the real name if it under the mat, anyway it’s all about Ciscar Fon - my first love, a gothic type, very kinky and yet creative. in a nutshell: the whole idea is based on PAGE_GUARD attribute.

KPNC

ReadProcessMemory: normally, /* I mean _normally_ */ ReadProcessMemory() returns an error if it meets a page with PAGE_GUARD attribute. does it make sense? Of course!

Hex Blog

EM_386. Hardware Download. How main() is executed on Linux LG #84. Starting The question is simple: how does linux execute my main()?

How main() is executed on Linux LG #84

Through this document, I'll use the following simple C program to illustrate how it works. It's called "simple.c":

    main(){ return(0);}

Build:

    gcc -o simple simple.c

What's in the executable? To see what's in the executable, let's use a tool "objdump":

    objdump -f simple

    simple: file format elf32-i386
    architecture: i386, flags 0x00000112:
    EXEC_P, HAS_SYMS, D_PAGED
    start address 0x080482d0

The output gives us some critical information about the executable.

What's ELF? ELF is an acronym for Executable and Linking Format. In the above structure, there is an "e_entry" field, which is the starting address of an executable. What's at address "0x080482d0", that is, the starting address? For this question, let's disassemble "simple": objdump --disassemble simple. The output is a little bit long so I'll not paste all the output from objdump.

Looks like some kind of starting routine called "_start" is at the starting address. PLT and GOT - the key to code sharing and dynamic libraries : technovelty. (this post was going to be about something else, but after getting this far, I think it stands on its own as an introduction to dynamic linking) The shared library is an integral part of a modern system, but often the mechanisms behind the implementation are less well understood.

PLT and GOT - the key to code sharing and dynamic libraries : technovelty

There are, of course, many guides to this sort of thing. Hopefully this adds another perspective that resonates with someone. Dynamic Linking in Linux and Windows, part one. By Reji Thomas and Bhasker Reddy This article discusses the shared libraries concept in both Windows and Linux, and offers a walk-through through various data structures to explain how dynamic linking is done in these operating systems.

Dynamic Linking in Linux and Windows, part one

The paper will be useful for developers interested in the security implications and the relative speed of dynamic linking, and assumes some prior cursory knowledge with dynamic linking. Part one introduces the concepts for both Linux and Windows, but will focus primarily on Linux. Next time in part two, we'll discuss how it works in Windows and then continue to compare the two environments. Static Libraries vs.

A library is a collection of sub-programs which allow code to be shared and changed in a modular fashion. In the most basic sense, libraries can be divided into two categories: static libraries and shared libraries. In contrast to static libraries, with shared libraries the library code is not bound to the executable at link time. Symbol Hashtable. Dynamic Linking in Linux and Windows, part two. By Reji Thomas and Bhasker Reddy This article discusses the shared libraries concept in both Windows and Linux, and offers a walk through various data structures to explain how dynamic linking is done in these operating systems.

Dynamic Linking in Linux and Windows, part two

The paper will be useful for developers interested in the security implications and the relative speed of dynamic linking, and assumes some prior cursory knowledge with dynamic linking. Part one introduced the concepts for both Linux and Windows and focused primarily on Linux. ARTeam ezine 4th. How to Disassemble DLL on Linux.