Category Archives: Malware forensics

Debugging the MBR with IDA Pro and Bochs

Analyzing the MBR is sometimes required during a forensic process if you suspect malicious activity that is not detected on-line. With static analysis, you may see whether an obvious corruption happened, but you will need to debug to learn more. Prerequisite: IDA Pro (6.0) with the IDA Python plug-in (1.4.3). Steps: Prepare [...]

A link between Stuxnet and the OpenBSD IPSEC backdoor rumor?

Found on Full Disclosure, a weird but troubling connection between two security affairs: the OpenBSD backdoor rumor and the Stuxnet worm.

Beware of source code (even from your favorite portal/forum/…)

The other day I stumbled upon a weird piece of software on howtoforge.com: dns-add (code on sourceforge.net). Actually, the purpose of dns-add was very intriguing: update your DNS in one command! The output should look like this: Who would need it these days where all distros include tools and scripts to update [...]