
UIC Essays


Solution to guelter2

Let's solve the guelter2 crackme [Crackme Contest 2011]
Read more... (Viewed: 1017 times)


Morto Malware Analysis
Today we're going to analyze Morto.A, a piece of malware which, in recent weeks, has been spreading across many places on the Internet. It's a worm that allows unauthorized access to an infected computer and tries to compromise administrator passwords for Remote Desktop connections, through the RDP protocol, on a network. Indeed, this threat infects computers by targeting accounts that have "weak" passwords...
Read more... (Viewed: 1911 times)


Solution to Zorks56's second crackme
Let's solve Zorks56's second crackme...
Read more... (Viewed: 1482 times)


Carberp Reverse Engineering
We are going to talk about the Trojan Banker Carberp from a reverse engineering point of view. Carberp is a botnet delivered in the usual ways of black-market selling, designed to be a Trojan Spy and specifically a Banker similar to SpyEye and ZeuS, able to perform Man-in-the-Browser attacks, steal victim credentials, kill antivirus software, remove other bots like SpyEye and ZeuS, and much more...
Read more... (Viewed: 5933 times)


Rootkit 64bit Banker
Reverse engineering of the rootkit banker Win64.Banker: this is the first rootkit able to steal banking account credentials even on x64 systems. We'll take a look at the functionality of this interesting rootkit, focusing mainly on the techniques used to disable UAC, to install the certificate and to steal information from the infected machines...
Read more... (Viewed: 2633 times)


Drivers Services and Signatures

We are going to make a step forward starting from my previous tutorial about DKOM. In this one we are going to see an extended driver compared to the previous version and three main new things: a Windows service, a driver inverse call and signatures.

All targeting a Windows XP machine...
Read more... (Viewed: 1960 times)


Windows Drivers Debugging
In this tutorial we are going to see how to set up a debugging environment for our drivers. This is not a complete guide; it's just a quick tour intended to give a fast overview of WinDbg and the problems involved in driver debugging...
Read more... (Viewed: 9053 times)


Our first DKOM

We are going to make a small step forward starting from Quequero's tutorial about writing our first driver. In this small essay we are going to see a very easy (even though not fully legit, I will explain later) Direct Kernel Object Manipulation targeting a Windows XP machine...
Read more... (Viewed: 2351 times)


Device Driver Development For Beginners
Just a little starter for people interested in starting kernel-mode development. This tutorial is a flexible one; from time to time I'll reload and expand it...
Read more... (Viewed: 4258 times)


AgoBot Botnet Reverse Engineering

Well, let's start this new year with an IRC Botnet commonly identified as Backdoor.AgoBot.

The aim of this paper is to show not only the botnet itself, but also the evolution of the droppers involved, via a classical reverse engineering approach. This time we will deal with .NET targets; at the same time I want to show, from a classical forensic point of view, how information can be carved out of this kind of executable. Afterwards we will discuss the generic botnet tracking process...
Read more... (Viewed: 6558 times)

