194 matches found
Using LLMs as a reverse engineering sidekick
This research explores how large language models LLMs can complement, rather than replace, the efforts of malware analysts in the complex field of reverse engineering. LLMs may serve as powerful assistants to streamline workflows, enhance efficiency, and provide actionable insights during malware...
CVE-2024-44083
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue...
CVE-2022-32441
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...
CVE-2011-1049
Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted Macho-O file...
Our secret ingredient for reverse engineering
Nowadays, a lot of cybersecurity professionals use IDA Pro as their primary tool for reverse engineering. While IDA is a complex tool that implements a multitude of features useful for dissecting binaries, many reverse engineers use various plugins to add further functionality to this software. W...
Simple macOS kernel extension fuzzing in userspace with IDA and TinyInst
Posted by Ivan Fratric, Google Project Zero Recently, one of the projects I was involved in had to do with video decoding on Apple platforms, specifically AV1 decoding. On Apple devices that support AV1 video format starting from Apple A17 iOS / M3 macOS, decoding is done in hardware. However,...
CVE-2024-44083
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue...
CVE-2024-44083
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue...
CVE-2024-44083
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue...
CVE-2024-44083
CVE-2024-44083 affects Hex-Rays IDA Pro (IDA64.dll)
CVE-2024-44083
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue...
RESim - Reverse Engineering Software Using A Full System Simulator
Reverse engineering using a full system simulator. Dynamic analysis by instrumenting simulated hardware using Simics Trace process trees, system calls and individual programs Reverse execution to selected breakpoints and events Integrated with IDA Protm debugging client Fuzz with a customized AFL...
CVE-2022-32441
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...
CVE-2022-32441
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...
CVE-2022-32441
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...
Memory corruption
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...
CVE-2022-32441
The CVE-2022-32441 entry describes a memory corruption in Hex-Rays IDA Pro v6.6 that can cause a Denial of Service via a crafted file. The root cause is described as Data from Faulting Address controlling the subsequent Write Address starting at msvcrt!memcpy+0x56. The vulnerability affects IDA P...
CVE-2022-32441
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...
FindFunc - Advanced Filtering/Finding of Functions in IDA Pro
FindFunc is an IDA Pro plugin to find code functions that contain a certain assembly or byte pattern, reference a certain name or string, or conform to various other constraints. This is not a competitor to tools like Diaphora or BinNavi, but it is ideal to find a known function in a new binary f...
VulFi - Plugin To IDA Pro Which Can Be Used To Assist During Bug Hunting In Binaries
The VulFi Vulnerability Finder tool is a plugin to IDA Pro which can be used to assist during bug hunting in binaries. Its main objective is to provide a single view with all cross-references to the most interesting functions such as strcpy, sprintf, system, etc.. For cases where a Hexrays...