This is a static copy of The Legend of Random as it was on Thu, 19 Sep 2013. Some of the links are not functional. View the source code on GitHub.

New Weekly Challenge

I have just posted this week’s challenge. It is a very simple patch, but unfortunately, you can’t patch it :)

The object is to use code caves in order to display a message box that, after entering a username/password combo, says “Please try this password: XXXXXX” where “XXXXXX” is the correct password for the target for that username. Then, after entering the proper username/password, the target should display the goodboy.

For extra credit, have the target copy the proper password into the clipboard, so that when we re-run the target, we enter the username and simply paste in the correct password from the clipboard.

The challenge is located on the challenges page as “crackme #4”.

Good luck.


The Year So Far (In Spam)

Securelist has released a report on spam usage for this year. Apparently, overall spam has dropped 1.6% (yippee) to 70.2%. Of this 70.2%, 69.8% is directed at this site, so at least the Legend Of Random moderators are keeping all other sites on the internet pretty spam-free.

Another interesting statistic is that the vast majority of US spam originated in the US (bastards):

and the biggest categories for spam are finance and medicine:

Here’s my suggestion. We create a botnet from half of the spammers’ computers by sending them emails containing malicious programs. We then commandeer this botnet to mass spam the other half of the spammers’ computers. Maybe the first set will blow up the second set…


R4ndom’s Guide to RadASM: Creating Our First Project

We continue our tutorials on RadASM by creating a new project that creates a dialog box with two bitmaps and two buttons. You can download the required files in the download of this tutorial on the tutorials page.



Shellcode Converter Released by Levis

Levis (of the REPT team) has released a new shellcoder’s tool, ShellOp Converter. This tool allows you to enter shellcode, then view the appropriate opcodes, as well as a disassembly of the code:

You can download the tool on the tools page.


New Version of TLSCatch Olly Plugin Released

Just in time for my next tutorial on TLS callbacks, Waliedassar has been gracious enough to release a new version of his awesome plugin TLSCatch for OllyDBG 1.0. In case you don’t know, TLS callbacks allow code to be run BEFORE Olly has a chance to trap execution. This technique is used often (and more and more so recently) by malware to thwart reverse engineers. TLSCatch enables Olly to stop execution at the beginning of a TLS callback, allowing the very first code that is run in the executable to be viewed.

You can download v 0.3 on the tools page. I will also be including it in the download of my next tutorial.


Looking for That Perfect Cracking Assistant

As some of you know, in the forums I brought up what the ultimate cracking/reversing tool would look like. There are several cracking tools out there. By ‘cracking tool’ I mean tools that are specifically designed to make a cracker/reverse engineer’s life easier. These currently include such features as:

  • Conversion between hex, decimal, binary, ASCII etc.
  • Trying out various encoding/decoding algorithms for text.
  • Running various hashes on a string.
  • Bruteforcer.
  • Performing various encryption schemes (AES, Blowfish…).
  • Scanning for cryptographic signatures.
  • Performing various bit modifications (AND, OR, XOR…).

I decided to have a look at some of the various tools that perform some of these functions, just to get a frame of reference on what’s available and what’s not. I have thus compiled a list of the more popular ones, what their functions are, and my opinion of them. At the end, I will propose some additional features that would go into an ‘ideal’ tool. Who knows, maybe someone will pick up the charge.

Note: I will not be including any tools that just do one thing, for example packer detectors that only identify packers.



R4ndom’s Guide to RadASM: Installing and Set Up

RadASM is a very good IDE (Integrated Development Environment: think Visual Studio) for developing in most programming languages, though assembly language is where it shines. Not only is it one of the few IDEs out there that will work with assembly language, but the author has also put a significant amount of time and effort into it, making it extremely feature rich and robust. Many people use inline assembly in Visual Studio (using __asm directives) but you really can’t get the level of control in these big-name IDEs as you can in this product. I used WinASM, a very good product, for years, but when I finally tried RadASM, it felt like it had been created by someone who really knew assembly language and the hardships it can bring.

In this series of tutorials I will go over installing RadASM, running it, and creating programs in it, as well as some additional plugins and features. In the download for this tutorial (available on the tutorials page) I have included all of the installation files for RadASM, as well as the Masm SDK, providing everything you need to program in assembly language. So let’s get started.

Please keep in mind that this is neither an assembly language nor a Windows programming tutorial. It is assumed that both of these have already been learned. If you are rusty (or a beginner) I highly recommend the Windows assembly tutorials by Iczelion. Fortunately, they are also based on RadASM, so the transition should be very easy.

http://www.woodmann.com/RCE-CD-SITES/Iczelion/index.html



R4ndom’s Tutorial #22: Code Caves and PE Sections

In this tutorial we will be talking about code caves as well as PE sections, and touching on the PE header. We will be adding code caves to two crackmes, both available in the download of this tutorial. We will also be using the Multimate Assembler plugin, which is also available in the download, as well as LordPE and CFF Explorer, which are available on the tools page. This tutorial, as well as all of my others, can be downloaded on the tutorials page.



Click and Drag (and drag and drag and…)

This is a fun little comic, as well as an interesting web hack. If you would like to see how it’s done, click here.


New eBook released: Network Forensic tracking

As a nice follow up to my last post about the hacker getting his laptop back, here is an ebook free for download.

Check it out.


Copyright © 1996-2010 The Legend Of Random. All rights reserved.