Almost everyone involved in the reverse engineering knows about the timer checks used for antidebugging. Generally functions such as GetTickCount or KeTickCount are used to detect and prevent any debugging attempts. Recently in the Hackers Reversing Challenge 2007, one of the less known timer checks have been used which makes use of functions QueryPerformanceFrequency & [...]

Read Full Post »

Debuggers are the main tool used in reverse engineering. It is used by serial crackers to break the software protection or to uncover the algorithm used in the proprietary applications. On the other hand it is also used by researchers to analyze the malwares.
Detecting the presence of debuggers is an important step in this direction. [...]

Read Full Post »

Charles Miller, security researcher at Independent Security Evaluators claims that he got the offer of $80,000 for remotely exploitable flaw in Linux, sighs that he could have asked for more. Though he could not get that price due to several conditions but finally managed to sell it for $50,000.
He has written an interesting paper based [...]

Read Full Post »

NetShareMonitor is the security tool to watch your shared files from the intruders and to protect your shares from unauthorized access. As soon as remote user connects to your machine, NetShareMonitor detects it and displays information about that session. The session information includes remote host address, remote user name, [...]

Read Full Post »