Thursday 12 January 2012

New blog, goto there;

So I haven't been very active for a while, I apologize for that. I however plan to be more active on my other blog, on which I will be much more active since there is so much to write about.

This blog will become my dev blog. I will post sparsely, but when I do you can expect quality content,
so go to my other blog, follow, comment and hate.

Saturday 7 January 2012

It's been a while

So I haven't blogged for a while, sorry guys.

But I haven't been doing nothing: I have been figuring out how to code the infector I was talking about earlier this week, and got all the information I need. I already got it to execute some of my own code manually by using a debugger/hex editor. Nothing special, all it does is go back to the original starting point and continue the program as if nothing happened, but hell, it's a proof of concept, it actually worked!

You guys can expect a barebone, proof of concept program this week.
(For the newbies: the program/virus will put some code (which can basically do anything) inside a victim .exe file, so when the user decides to open the infected .exe file, all sorts of shit can happen, without the user noticing anything.)

Also, the program is (will be*...) written in C++ instead of C. Every time I want to start a project in C I get scared off by weird shit like their file IO functions, just to let you know.

Though I am kinda out of ideas for what to do with such a program. Maybe YOU have ideas as to what to do with it, nothing scriptkiddy/blackhat, so no System("format C:/"); :-P.
(Maybe replace all strings of the victim with "trolololo" with the appropriate "lololo" size xD.)

Tuesday 3 January 2012

Let's plays are awesome

Hey guys,

Like a lot of people I love to watch series. I've got a huge collection on my PC; most episodes watched so far are Star Trek, Heroes and Dragon Ball /Z (!).
But I occasionally also watch Let's Plays of games. Now usually you watch those because you care about the game, but I think you people should know about Mikelat.

This guy is awesome. Sure, I love Skyrim, but watching an LP of the game would be boring without his commentary. He knows exactly what interests me and is a boss at filling up boring parts.

Also, his co-op Let's Play of Serious Sam 3 is on my list of things I'm currently watching. It's funny when he makes references to other games which would be great if they adopted a gameplay style like Serious Sam (*cough* Duke Nukem Forever *cough*).

All in all I suggest you check this guy out. I will never watch an LP unless it's by Mikelat.

Monday 2 January 2012

Infecting an exe file

Hello viewer,

Today I will be blogging something more interesting, but not for the casual..
I decided to try to learn more about malware; since I already know loads about game "mods" and techniques (just theory) I might as well try something myself.

I will be posting a guide/tutorial/whateveritwillbecome on writing a program that injects something, or possibly part of its own code, into an executable, neato eh?

First of all, let's start with the information I know: an exe file contains a header with important information, and mappable sections (people who have dabbled with reverse engineering know what I mean :-D).
My initial goal is to modify the EP (entry point) to point to my "evil" code, which will return to the real origin after it's done being evil.

After some quick googling I found a nice picture displaying the exe format in a simplistic way. The EP address is located in the Optional header (aka PE header) and is an RVA (relative virtual address), so this needs to be converted to a usable address.

After our program has collected the necessary data, we can begin to infect the file. I will be either searching for some unused space or somehow creating my own. I am not sure of this, but I'm sure that this will be resolved when I'm at the stage of writing the code :).

This blog is just a bit of preparation on my side. I will be writing actual code soon, when I feel like it.

Hope I wasn't too technical.
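
A defender's view of the header fields described in this post, as an added example that is not the blog author's code: it reads the entry point RVA from the Optional header, converts it to a file offset through the section table, and reports an entry point that lands in the last section, in a writable section, or in no section at all. The function names and the header-only sample file are constructed for this illustration, and the findings are triage heuristics that packed but benign files can also trigger.

```python
import struct

IMAGE_SCN_MEM_WRITE = 0x80000000
FIELDS = ("name", "vsize", "va", "rsize", "rptr", "flags")

def parse_pe(data):
    """Return (entry_point_rva, sections) read from raw PE bytes."""
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)      # offset of "PE\0\0"
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    coff = e_lfanew + 4
    (count,) = struct.unpack_from("<H", data, coff + 2)      # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)  # SizeOfOptionalHeader
    opt = coff + 20
    (entry_rva,) = struct.unpack_from("<I", data, opt + 16)  # AddressOfEntryPoint
    # The section table follows the Optional header, 40 bytes per entry.
    rows = (struct.unpack_from("<8sIIII12xI", data, opt + opt_size + 40 * i)
            for i in range(count))
    return entry_rva, [dict(zip(FIELDS, row)) for row in rows]

def rva_to_offset(rva, sections):
    """Map an RVA to a file offset; None if no section's raw data backs it."""
    for s in sections:
        if 0 <= rva - s["va"] < s["rsize"]:
            return s["rptr"] + rva - s["va"]
    return None

def entry_point_findings(data):
    """Heuristic triage: report an entry point in an unusual place."""
    entry_rva, sections = parse_pe(data)
    owner = next((s for s in sections
                  if 0 <= entry_rva - s["va"] < max(s["vsize"], s["rsize"])), None)
    if owner is None:
        return ["entry point outside every section"]
    findings = []
    if len(sections) > 1 and owner is sections[-1]:
        findings.append("entry point in last section")
    if owner["flags"] & IMAGE_SCN_MEM_WRITE:
        findings.append("entry point in writable section")
    return findings

def build_sample(entry_rva):
    """Constructed header-only PE32: .text (code), then .data (writable)."""
    def sec(name, va, rptr, flags):
        return struct.pack("<8sIIII12xI", name, 0x200, va, 0x200, rptr, flags)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 224, 0x102)
    opt = struct.pack("<HBBIIII", 0x10B, 0, 0, 0, 0, 0, entry_rva).ljust(224, b"\0")
    return (dos + b"PE\0\0" + coff + opt + sec(b".text", 0x1000, 0x400, 0x60000020)
            + sec(b".data", 0x2000, 0x600, 0xC0000040))
```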

Sunday 1 January 2012

Dear diary...

Yesterday, after having lit all the fireworks (which doesn't exactly become more fun either) I broke my keyboard.
Don't you have those moments where you play a game of Quake (Quake Live to be exact) and you play so badly that you actually get frustrated?
Well, exactly that occurred yesterday after having a few beers. Very frustrating indeed it is, and my keyboard felt the effects.

Don't worry, the keyboard wasn't expensive: a cheap black oldschool style BenQ keyboard. Gotta love those oldschool IBM-like ones.
It's a good thing that we have 2 spare keyboards here, because I'm starting to fear that those keyboards with oldschool keys are becoming rare, forcing weird ergonomic designs (which strain my wrist really badly).

At the moment I'm using a spare keyboard, an oldschool one of the brand "Mitsumi". Never heard of it, but I like it; at least this one doesn't have that annoying sleep button, hehe.

I'll post 2 pictures of both keyboards: the black one is the old BenQ, the "new" one is the Mitsumi.

Which one do you guys prefer?