• Reverse engineering a high-end soldering station



      (This is the translation of the original article performed by baragol)

      We had a bunch of photographs of the main PCB, a YouTube video with drain-voltage waveforms of MOSFETs, a forum post with a breakdown of the capacitance values of LC circuit capacitors and also a number of unboxing videos showing the heating-up of the soldering tip. The only thing that really worried me was the video with the measurement of the peak power consumption during the heating-up. There is nothing in the world more helpless and irresponsible and depraved than burned cartridge newly bought for 60 bucks from Amazon. But let me start from the beginning.
      Read more →
    • How I discovered an easter egg in Android's security and didn't land a job at Google

      • Translation
      Google loves easter eggs. It loves them so much, in fact, that you could find them in virtually every product of theirs. The tradition of Android easter eggs began in the very earliest versions of the OS (I think everyone there knows what happens when you go into the general settings and tap the version number a few times).

      But sometimes you can find an easter egg in the most unlikely of places. There’s even an urban legend that one day, a programmer Googled “mutex lock”, but instead of search results landed on foo.bar, solved all tasks and landed a job at Google.

      Reconstruction
      image

      The same thing (except without the happy ending) happened to me. Hidden messages where there definitely couldn’t be any, reversing Java code and its native libraries, a secret VM, a Google interview — all of that is below.
      Read more →
    • Writing a wasm loader for Ghidra. Part 1: Problem statement and setting up environment


      This week, NSA (National Security Agency) all of a sudden made a gift to humanity, opening sources of their software reverse engineering framework. Community of the reverse engineers and security experts with great enthusiasm started to explore the new toy. According to the feedback, it’s really amazing tool, able to compete with existing solutions, such as IDA Pro, R2 and JEB. The tool is called Ghidra and professional resources are full of impressions from researchers. Actually, they had a good reason: not every day government organizations provide access to their internal tools. Myself as a professional reverse engineer and malware analyst couldn’t pass by as well. I decided to spend a weekend or two and get a first impression of the tool. I had played a bit with disassembly and decided to check extensibility of the tool. In this series of articles, I'll explain the development of Ghidra add-on, which loads custom format, used to solve CTF task. As it’s a large framework and I've chosen quite complicated task, I’ll break the article into several parts.

      By the end of this part I hope to setup development environment and build minimal module, which will be able to recognize format of the WebAssembly file and will suggest the right disassembler to process it.
      Read more →
    • Making Git for Windows work in ReactOS

        Good day to you! image


        My name is Stanislav and I like to write code. This is my first english article on Habr which I made due to several reasons:



        This article is an english version of my very first article on russian.


        Let me introduce the main figures in this story who actually fixed the bug preventing Git from running in ReactOS — the French developer Hermès Bélusca-Maïto (or just Hermes with hbelusca nickname) and of course me (with x86corez nickname).


        The story begins with the following messages from the ReactOS Development IRC channel:


        Jun 03 18:52:56 <hbelusca> Anybody want to work on some small problem? If so, can someone figure out why this problem https://jira.reactos.org/browse/CORE-12931 happens on ReactOS? :D
        Jun 03 18:53:13 <hbelusca> That would help having a good ROS self-hosting system with git support.
        Jun 03 18:53:34 <hbelusca> (the git assertion part only).
        Read more →
      • Chemistry lesson: how to expose a microchip's crystal for photography

        Introduction


        If you have dabbled into microchip photographing before, then this article will probably not offer much to you. But if you want to get into it, but don’t know where to start, then it’s exactly for you.


        Before we start, a fair warning: while the procedure is quite entertaining, at first it’ll probably be physically painful. The chemicals used during the process are toxic, so please handle them carefully – that way it’ll still hurt, but less so. Also, if you have even a slight amount of common sense, conduct the procedure in a fully-equipped chemical laboratory under supervision of trained professionals: we’ve had to deal with people who tried to do it at home immediately after reading the guide. And finally: if you don’t know whether you need to pour acid into water or water into acid without a Google search and don’t realize what this lack of knowledge will entail – stop reading this immediately and go to a chemistry 101 course in a local college or something.


        Read more →