Malware Developmet

Disassemble stripped binary A stripped binary is a program that is compiled with a strip flag that tells the compiler to discard these debugging symbols and compile to program  Simply, A binary with no debugging symbol  In GCC if we want strip a binary we can compile with -s option/parameter In normal program debuggers like GDB disassembles a binary using those mechanisms Debug Information: GDB relies on debug information that is often generated during the compilation of a program with debugging symbols enabled. These symbols provide a mapping between the source code and the corresponding machine code instructions. Symbol Table: The debug information includes a symbol table that associates functions, variables, and other code elements with their memory addresses and data types. This information is crucial for GDB to understand the structure of the program.   So lets cut to the chase Here is how we disassemble stripped binary  I have created some c program for te...

  Description Can you get the flag? Reverse engineer this binary .   Hint:    What is UPX? Solution First I was trying to see upx and i downloaded it   sudo apt install upx   check out this link to learn more about upx   https://upx.github.io/   It is free open source executable packer and decompresser tool and as the hint for this challenge says we have to check upx and how it works. Step-1: Lets decompress our packed executable file        Step-2:   Now we can disassemble or de-compile. we can do what ever we want to the binary Personally, I use radare2 for disassemble  Now Lets Disassemble the program So here is our disassembled code at 0x00401e9c the program print what is my favorite ..... at 0x00401ec0 it takes input using scanf function at 0x00401ec8 the program is trying to compare the integer we input and this hex 0xb83cb Step-3:    Lets try to convert it to decimal the hex Now lets try this intege...

Description Find the pass, get the flag. Check out this file .   Solution    lets decompile the app using jadx-gui    Link to download jadx-gui   wget https://github.com/skylot/jadx/releases/download/v1.1.0/jadx-1.1.0.zip unzip jadx-1.1.0.zip -d jadx cd jadx ./jadx-gui           Lets launch and open two.apk and seek to com.hellocmu.picoctf.FlagstaffHill         At this function we have seen an array containing string and the if condition is trying to access the array.   Above that there is a variables and i try to represent those like this      then I create a simple python program because I don't like in Java for real. here is the program         Now, lets try this password    dismass.ogg.weatherwax.aching.nitt.garlick   Flag: picoCTF{what.is.your.favourite.colour}    

  Malware is malicious software specifically designed to damage, steal, or exploit information from computer systems and networks. It can take various forms, such as viruses, worms, Trojans, ransomware, and spyware. Developing, distributing, or using malware is against the law and can lead to severe legal consequences, including fines and imprisonment. It is essential to use your programming skills for legitimate and ethical purposes, such as creating useful applications, enhancing cybersecurity, and contributing positively to the digital world. If you are interested in cybersecurity, ethical hacking, or learning how to protect computer systems from potential threats, there are legitimate and legal ways to pursue knowledge and training in these fields. There are various courses, certifications, and resources available that focus on ethical hacking and cybersecurity practices. By choosing the ethical path, you can contribute positively to society and help create a safer and more sec...