Khan Academy


hi there,

It’s been a month or two that I have been seriously trying to learn all the basics of linear algebra. I’ve googled a lot about this topic and found thousands of crappy PDFs out there, but I couldn’t understand any of the books I found.

So I came up with the idea of watching some video tutorials. Since I love YouTube, I tried to find something there related to linear algebra :)

And I found this wonderful place full of material for every freaking subject :D

http://www.youtube.com/user/khanacademy

And here is the link related to linear algebra

http://www.youtube.com/user/khanacademy#p/c/FD0EB975BA0CC1E0

I hope you will enjoy this place


Unpacking simple ransomware


Well, I’ve just configured my XP VM under VirtualBox, and now I’ve tried to work on some malware.

And here, Xylitol sent me one ransomware sample. Well, it’s kind of easy to unpack, because it’s using UPX and mystic compressor.

Well, I’m sure everyone knows how to unpack UPX, so I won’t explain it here. Once I had unpacked UPX, I saw another packer there. Xylitol told me that it’s mystic compressor. The name isn’t that important; the important thing now is how to unpack this packer :)

Well, after doing some analysis, I found that this packer is as easy as UPX. I started tracing the code and found a call dword ptr xxxx in the same section where the program started, then I hit F7 and started analyzing another section of code (on my machine 003XXXXX). Of course this section was created by VirtualAlloc, so if you do not want to lose time just tracing, you can simply set a BP on it. Anyway, I traced inside its call too, and after getting to 003E04D3, which is the return of the packer’s stub, I pressed F7, and I’m already at the OEP :)

It’s 004018A0

There’s no import redirection or any anti-dumping tricks, so you can easily dump it via ollydmp and fix the imports via ImportRec. So it’s an easy packer.

And now the question is... how to kill this ransomware? :P
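A header-level check for the dump step above, added here as an example and not the author's code: it parses the PE32 section table and reports which section holds the entry point and which sections have no raw data on disk. The sample headers are constructed; the section layout and the 0x400000 image base are assumptions, and only the OEP 004018A0 comes from the post.

```python
import struct

def parse_pe32(data):
    """Return (image_base, entry_rva, [(name, vaddr, vsize, raw_size), ...])."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    pe, = struct.unpack_from("<I", data, 0x3C)            # e_lfanew
    if data[pe:pe + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    nsec, = struct.unpack_from("<H", data, pe + 6)        # NumberOfSections
    opt_size, = struct.unpack_from("<H", data, pe + 20)   # SizeOfOptionalHeader
    opt = pe + 24
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("only PE32 is handled")
    entry_rva, = struct.unpack_from("<I", data, opt + 16)
    image_base, = struct.unpack_from("<I", data, opt + 28)
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i                     # 40-byte section headers
        name = data[off:off + 8].rstrip(b"\0").decode("latin-1")
        vsize, vaddr, raw = struct.unpack_from("<III", data, off + 8)
        sections.append((name, vaddr, vsize, raw))
    return image_base, entry_rva, sections

def triage(data):
    """Summarise the header facts that separate a packed file from its dump."""
    base, entry, secs = parse_pe32(data)
    owner = next((n for n, va, vs, _ in secs if va <= entry < va + vs), None)
    return {
        "entry_va": base + entry,
        "entry_section": owner,
        "upx_named": [n for n, *_ in secs if n.startswith("UPX")],
        "runtime_filled": [n for n, _, vs, raw in secs if raw == 0 and vs > 0],
    }

def build_headers(entry_rva, sections, image_base=0x400000):
    """Constructed sample input: PE32 headers only, no code or data."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)
    struct.pack_into("<I", opt, 16, entry_rva)
    struct.pack_into("<I", opt, 28, image_base)
    table = b"".join(struct.pack("<8sIII", n.encode(), vs, va, raw) + b"\0" * 20
                     for n, va, vs, raw in sections)
    return dos + b"PE\0\0" + coff + bytes(opt) + table
# Constructed layouts (assumed): packed file on disk, then a dump taken at the OEP.
PACKED = build_headers(0xC100, [("UPX0", 0x1000, 0x8000, 0), ("UPX1", 0x9000, 0x4000, 0x3A00)])
DUMPED = build_headers(0x18A0, [("UPX0", 0x1000, 0x8000, 0x8000), ("UPX1", 0x9000, 0x4000, 0x4000)])
```

In the constructed packed layout the entry point sits in UPX1 while UPX0 has no raw data; in the dumped layout the entry point is in UPX0 and no section is left empty, even though the UPX section names remain.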


N1ghtm4r3 keygenme 4


hi people,

Today I was browsing tuts4you and found that a guy named N1ghtm4r3 had posted a new keygenme there. Some time ago I solved another of his keygenmes, and I thought it would be good to try this one too :)

The protection was mainly base-24, but there are a lot of tricks in it. So I could finish my keygen in 30 mins. For those who want to have a look at my lame asm src, here’s the link


Hello world!


Hello world, I was thinking about starting a new blog about RCE, where I can share some of my knowledge with you :)

I hope you will find this blog useful, and excuse me for my bad English :D

Thanks for your attention,

-qpt
