Pull to refresh
170.31

Reverse engineering *

Disassemble and understand how it works

Show first
Rating limit
Level of difficulty

Import chat history to Telegram (приглашение)

Level of difficultyMedium
Reading time3 min
Views3.9K
image

I'm seeking anyone who is skilled enough to develop a simple Python script using TDLib, Telegram API, and JSON manipulation to make it possible to perform simple tasks listed below:

1. Import Telegram chat JSON backup back to Telegram similar to what these scripts are doing github.com/alexlyzhov/telegram-import
github.com/Suberbia/UltimateChatRestorer
github.com/mygrexit/UltimateChatRestorerForGroupchats
but for any chat (not only to «saved messages») including group chats (not only 1 to 1 chats) and improve the code to make it work faster, more reliable, write log file, allow continuing from the stop point in case of errors and keep all the original chat data including formatting and everything that telegram can handle.
Some kinda combine all the script in one universal, flexible, high quality tool.
The most important aspect of the whole task is that the imported messages have to keep not only the formatting, but its original date and time when they were actually sent. Like it is done in the original telegram tool for importing history from some other apps — telegram.org/blog/move-history

2. Make it very simple to use. Perfect solution will be: Download, put the script next to JSON backup and run it in the interactive mode or with some specific options. Let the script ask for all the credentials and briefly explain where to get them. If possible, keep all the job on one device with no need of transferring the WA format zip file to the phone for importing. If not possible, make it an android app which will get the JSON, process it and feed the result to the Telegram app for import.

This is the basic I'm going to pay for.
Read more →
Total votes 4: ↑1 and ↓30
Comments2

Top 10 incident response mistakes

Reading time9 min
Views1.2K

Imagine someone withdrew money from a company's account at night. The next morning panic breaks out, leading to yet more problems. The IT department can reinstall a compromised system from scratch or restore it from backup. Reinstalling from scratch will wipe out all traces left by the attackers, and external investigators will have to search for clues in other systems. Restoring from backup carries the risk of accidentally reinstating a compromised image. In this paper, we will describe common mistakes that experts make when responding to security incidents.

Read more
Rating0
Comments0

Let’s deal with WeChat — the second most popular messenger in the world

Reading time5 min
Views2.7K


  • A short excursion into WeChat;
  • About the platform, the version of the application, the utilities used and the decryption of the executable file;
  • • About two protocols (old one and new one);
  • About serialization of objects;
  • Used cryptography and key exchange;
  • About headers and hash-functions;
  • About the exposures found.

Read more →
Total votes 5: ↑5 and ↓0+5
Comments1

On the recent vulnerability in Diebold Nixdorf ATMs

Reading time8 min
Views4.2K

Hi there! A while ago, Positive Technologies published the news that ATMs manufactured by Diebold Nixdorf (previously known as Wincor), or more specifically, the RM3 and CMDv5 cash dispensers, contained a vulnerability which allowed attackers to withdraw cash and upload modified (vulnerable) firmware. And since my former colleague Alexei Stennikov and I were directly involved in finding this vulnerability, I would like to share some details.

Read more
Total votes 5: ↑5 and ↓0+5
Comments2

How to see and save Instagram requests on an android device

Reading time6 min
Views6.1K

Once I was asked to save a traffic dump of an Instagram app while viewing one particular user profile. Simply saving the traffic dump on the router didn't make sense because the app used TLS to communicate with the server. Existing solutions didn't work because they worked with an older version of Instagram.

Below I will describe how I managed to do it myself using mitmproxy, ghidra and frida.

Read more
Rating0
Comments1

GDB Tutorial for Reverse Engineers: Breakpoints, Modifying Memory and Printing its Contents

Reading time4 min
Views21K

GDB is THE debugger for Linux programs. It’s super powerful. But its user-friendliness or lack thereof can actually make you throw your PC out of the window. But what’s important to understand about GDB is that GDB is not simply a tool, it’s a debugging framework for you to build upon. In this article, I’m gonna walk you through GDB setup for reverse engineering and show you all of the necessary commands and shortcuts for your debugging workflow.

Читать далее
Total votes 1: ↑1 and ↓0+1
Comments0

How to Start Reverse Engineering in 2021

Reading time4 min
Views57K

Reverse engineering might seem so complex, that not everyone has the bravery required to tackle it. But is it really that hard? Today we are gonna dive into the process of learning how to reverse engineer.

First of all, try to answer yourself, what are you hoping to achieve with reverse engineering? Because reverse engineering is a tool. And you should choose the right tool for your task. So when reverse engineering might be useful?

Read more
Total votes 3: ↑3 and ↓0+3
Comments0

NSA, Ghidra, and Unicorns

Reading time12 min
Views934

NSA, Ghidra, and Unicorns

This time, the PVS-Studio team's attention was attracted by Ghidra, a big bad reverse-engineering framework allowing developers to analyze binary files and do horrible things to them. The most remarkable fact about it is not even that it's free and easily extensible with plugins but that it was developed and uploaded to GitHub for public access by NSA. On the one hand, you bet NSA has enough resources for keeping their code base clean. On the other hand, new contributors, who are not well familiar with it, may have accidentally introduced bugs that could stay unnoticed. So, we decided to feed the project to our static analyzer and see if it has any code issues.
Read more →
Rating0
Comments0

Full disclosure: 0day vulnerability (backdoor) in firmware for Xiaongmai-based DVRs, NVRs and IP cameras

Reading time6 min
Views94K

This is a full disclosure of recent backdoor integrated into DVR/NVR devices built on top of HiSilicon SoC with Xiaongmai firmware. Described vulnerability allows attacker to gain root shell access and full control of device. Full disclosure format for this report has been chosen due to lack of trust to vendor. Proof of concept code is presented below.
Read more →
Total votes 13: ↑12 and ↓1+17
Comments15

Writing a laptop driver for fun and profit, or How to commit to kernel even if you're not that smart

Reading time5 min
Views2.7K

Where it all began


Let’s start with our problem statement. We have 1 (one) laptop. A new, gamer laptop. With some RGB-backlight on its keyboard. It looks like this:

image
Picture taken from lenovo.com

There’s also a program installed on this laptop. That’s the thing that controls our backlight.

One problem – the program runs under Windows, and we want everything to work on our favourite Linux. Want LEDs to flash and those pretty colours to blink on and off and such. A natural question arises, can we do all that without reverse-engineering and writing our own drivers?

A natural answer arises, no. Let’s open IDA and get cracking.

Read more →
Total votes 5: ↑5 and ↓0+5
Comments0

Technical analysis of the checkm8 exploit

Reading time25 min
Views95K

Most likely you've already heard about the famous exploit checkm8, which uses an unfixable vulnerability in the BootROM of most iDevices, including iPhone X. In this article, we'll provide a technical analysis of this exploit and figure out what causes the vulnerability.

Read more →
Total votes 22: ↑22 and ↓0+22
Comments4

Bypassing LinkedIn Search Limit by Playing With API

Reading time7 min
Views16K
[Because my extension got a lot of attention from the foreign audience, I translated my original article into English].

Limit


Being a top-rated professional network, LinkedIn, unfortunately, for free accounts, has such a limitation as Commercial Use Limit (CUL). Most likely, you, same as me until recently, have never encountered and never heard about this thing.

image

The point of the CUL is that when you search people outside your connections/network too often, your search results will be limited with only 3 profiles showing instead of 1000 (100 pages with 10 profiles per page by default). How ‘often’ is measured nobody knows, there are no precise metrics; the algorithm decides it based on your actions – how frequently you’ve been searching and how many connections you’ve been adding. The free CUL resets at midnight PST on the 1st of each calendar month, and you get your 1000 search results again, for who knows how long. Of course, Premium accounts have no such limit in place.

However, not so long ago, I’ve started messing around with LinkedIn search for some pet-project, and suddenly got stuck with this CUL. Obviously, I didn’t like it that much; after all, I haven’t been using the search for any commercial purposes. So, my first thought was to explore this limit and try to bypass it.

[Important clarification — all source materials in this article are presented solely for informational and educational purposes. The author doesn't encourage their use for commercial purposes.]
Read more →
Total votes 10: ↑9 and ↓1+8
Comments3

Reverse engineering a high-end soldering station

Reading time15 min
Views20K


(This is the translation of the original article performed by baragol)

We had a bunch of photographs of the main PCB, a YouTube video with drain-voltage waveforms of MOSFETs, a forum post with a breakdown of the capacitance values of LC circuit capacitors and also a number of unboxing videos showing the heating-up of the soldering tip. The only thing that really worried me was the video with the measurement of the peak power consumption during the heating-up. There is nothing in the world more helpless and irresponsible and depraved than burned cartridge newly bought for 60 bucks from Amazon. But let me start from the beginning.
Read more →
Total votes 24: ↑23 and ↓1+22
Comments1

How I discovered an easter egg in Android's security and didn't land a job at Google

Reading time11 min
Views34K
Google loves easter eggs. It loves them so much, in fact, that you could find them in virtually every product of theirs. The tradition of Android easter eggs began in the very earliest versions of the OS (I think everyone there knows what happens when you go into the general settings and tap the version number a few times).

But sometimes you can find an easter egg in the most unlikely of places. There’s even an urban legend that one day, a programmer Googled “mutex lock”, but instead of search results landed on foo.bar, solved all tasks and landed a job at Google.

Reconstruction
image

The same thing (except without the happy ending) happened to me. Hidden messages where there definitely couldn’t be any, reversing Java code and its native libraries, a secret VM, a Google interview — all of that is below.
Read more →
Total votes 20: ↑19 and ↓1+18
Comments0

Writing a wasm loader for Ghidra. Part 1: Problem statement and setting up environment

Reading time7 min
Views12K

This week, NSA (National Security Agency) all of a sudden made a gift to humanity, opening sources of their software reverse engineering framework. Community of the reverse engineers and security experts with great enthusiasm started to explore the new toy. According to the feedback, it’s really amazing tool, able to compete with existing solutions, such as IDA Pro, R2 and JEB. The tool is called Ghidra and professional resources are full of impressions from researchers. Actually, they had a good reason: not every day government organizations provide access to their internal tools. Myself as a professional reverse engineer and malware analyst couldn’t pass by as well. I decided to spend a weekend or two and get a first impression of the tool. I had played a bit with disassembly and decided to check extensibility of the tool. In this series of articles, I'll explain the development of Ghidra add-on, which loads custom format, used to solve CTF task. As it’s a large framework and I've chosen quite complicated task, I’ll break the article into several parts.

By the end of this part I hope to setup development environment and build minimal module, which will be able to recognize format of the WebAssembly file and will suggest the right disassembler to process it.
Read more →
Total votes 18: ↑17 and ↓1+16
Comments1

Making Git for Windows work in ReactOS

Reading time10 min
Views4.9K

Good day to you! image


My name is Stanislav and I like to write code. This is my first english article on Habr which I made due to several reasons:



This article is an english version of my very first article on russian.


Let me introduce the main figures in this story who actually fixed the bug preventing Git from running in ReactOS — the French developer Hermès Bélusca-Maïto (or just Hermes with hbelusca nickname) and of course me (with x86corez nickname).


The story begins with the following messages from the ReactOS Development IRC channel:


Jun 03 18:52:56 <hbelusca> Anybody want to work on some small problem? If so, can someone figure out why this problem https://jira.reactos.org/browse/CORE-12931 happens on ReactOS? :D
Jun 03 18:53:13 <hbelusca> That would help having a good ROS self-hosting system with git support.
Jun 03 18:53:34 <hbelusca> (the git assertion part only).
Read more →
Total votes 44: ↑43 and ↓1+42
Comments1

Chemistry lesson: how to expose a microchip's crystal for photography

Reading time6 min
Views2K

Introduction


If you have dabbled into microchip photographing before, then this article will probably not offer much to you. But if you want to get into it, but don’t know where to start, then it’s exactly for you.


Before we start, a fair warning: while the procedure is quite entertaining, at first it’ll probably be physically painful. The chemicals used during the process are toxic, so please handle them carefully – that way it’ll still hurt, but less so. Also, if you have even a slight amount of common sense, conduct the procedure in a fully-equipped chemical laboratory under supervision of trained professionals: we’ve had to deal with people who tried to do it at home immediately after reading the guide. And finally: if you don’t know whether you need to pour acid into water or water into acid without a Google search and don’t realize what this lack of knowledge will entail – stop reading this immediately and go to a chemistry 101 course in a local college or something.


Read more →
Total votes 25: ↑24 and ↓1+23
Comments0

Authors' contribution