
110 matches found

ThreatPost
added 2019/09/30 5:2 p.m. · 97 views

New Bug Found in NSA’s Ghidra Tool

A medium severity bug reported on Saturday impacts Ghidra, a free, open-source software reverse-engineering tool released by the National Security Agency earlier this year. The vulnerability allows a remote attacker to compromise exposed systems, according to a NIST National Vulnerability Databas...

7.8 CVSS · 0.1 AI score · 0.22862 EPSS
Exploits: 7 · References: 9
Kitploit
added 2019/04/18 10:34 p.m. · 831 views

EfiGuard - Disable PatchGuard And DSE At Boot Time

EfiGuard is a portable x64 UEFI bootkit that patches the Windows boot manager, boot loader and kernel at boot time in order to disable PatchGuard and Driver Signature Enforcement (DSE). Features: Currently supports all EFI-compatible versions of Windows x64 ever released, from Vista SP1 to Server...

6.9 AI score
Exploits: 0 · References: 15
The Hacker News
added 2019/01/07 9:37 a.m. · 544 views

NSA to release its GHIDRA reverse engineering tool for free

The United States' National Security Agency (NSA) is planning to release its internally developed reverse engineering tool for free at the upcoming RSA security conference 2019 that will be held in March in San Francisco. The existence of the framework, dubbed GHIDRA, was first publicly revealed by...

7.3 AI score
Exploits: 0
Kitploit
added 2018/10/09 12:47 p.m. · 63 views

Sandsifter - The X86 Processor Fuzzer

The sandsifter audits x86 processors for hidden instructions and hardware bugs, by systematically generating machine code to search through a processor's instruction set, and monitoring execution for anomalies. Sandsifter has uncovered secret processor instructions from every major vendor;...

7.7 AI score
Exploits: 0 · References: 3
Securelist
added 2018/07/03 1:0 p.m. · 231 views

Delving deep into VBScript

In late April we found and wrote a description of CVE-2018-8174, a new zero-day vulnerability for Internet Explorer that was picked up by our sandbox. The vulnerability uses a well-known technique from the proof-of-concept exploit CVE-2014-6332 that essentially "corrupts" two memory objects and...

9.3 CVSS · 8.9 AI score · 0.94283 EPSS
Exploits: 47
NVD
added 2018/06/04 7:29 p.m. · 12 views

CVE-2016-8390

An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file wi...

7.8 CVSS · 7.5 AI score · 0.00194 EPSS
Exploits: 1 · References: 2
OSV
added 2018/06/04 7:29 p.m. · 0 views

CVE-2016-8390

An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file wi...

7.8 CVSS · 5.8 AI score · 0.00194 EPSS
Exploits: 1 · References: 2
Prion
added 2018/06/04 7:29 p.m. · 8 views

Out-of-bounds

An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file wi...

6.8 CVSS · 7 AI score · 0.00194 EPSS
Exploits: 1 · References: 2 · Affected Software: 1
CVE
added 2018/06/04 7:0 p.m. · 45 views

CVE-2016-8390

CVE-2016-8390 concerns Hopper Disassembler 3.11.20, where the ELF Section Headers parsing has an out-of-bounds write due to attacker-controlled data in the section header table. Multiple connected sources describe a vulnerability in ELF parsing that can cause memory corruption via a crafted ELF f...

7.8 CVSS · 7.5 AI score · 0.00194 EPSS
Exploits: 1 · References: 2 · Affected Software: 1
Cvelist
added 2018/06/04 7:0 p.m. · 8 views

CVE-2016-8390

An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file wi...

7.5 CVSS · 7.6 AI score · 0.00194 EPSS
Exploits: 1 · References: 2
Positive Technologies
added 2018/06/04 12:0 a.m. · 1 views

PT-2018-5002 · Unknown · Hopper Disassembler

Name of the Vulnerable Software and Affected Versions: Hopper Disassembler version 3.11.20 Description: An exploitable out of bounds write issue exists in the parsing of ELF Section Headers. A specially crafted ELF file can cause attacker-controlled pointer arithmetic, resulting in a partially...

7.8 CVSS · 7.4 AI score · 0.00194 EPSS
Exploits: 1 · References: 4
Kitploit
added 2018/03/02 8:27 p.m. · 38 views

Peanalyzer - Advanced Portable Executable File Analyzer And Disassembler

Advanced Portable Executable File Analyzer Python 3.6.4 Tested Working Usage python pyanalyzer.py --file file.exe --show all python pyanalyzer.py --file file.exe --disassemble all Video Dos Header File Header Optional Header Section Headers...

7.3 AI score
Exploits: 0 · References: 1
Kitploit
added 2018/01/06 1:18 p.m. · 167 views

RetDec - A Retargetable Machine-Code Decompiler

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR archive, Intel HEX, and raw machine code. Supported architectures 32b...

6.6 AI score
Exploits: 0 · References: 11
n0where
added 2017/12/14 6:50 p.m. · 92 views

Retargetable Machine-Code Decompiler: RetDec

RetDec is a retargetable machine-code decompiler based on LLVM. The decompiler is not limited to any particular target architecture, operating system, or executable file format: Supported file formats: ELF, PE, Mach-O, COFF, AR archive, Intel HEX, and raw machine code. Supported architectures 32...

6.8 AI score
Exploits: 0 · References: 5
CNVD
added 2017/10/16 12:0 a.m. · 2 views

radare2 denial of service vulnerability (CNVD-2017-32251)

radare2 is a set of libraries and tools for working with binary files. A security vulnerability exists in the 'wasmdis' function in the libr/asm/arch/wasm/wasm.c file in radare2 version 2.0.0. A remote attacker can exploit this vulnerability to cause a denial of service stack-based buffer...

7.8 CVSS · 6.2 AI score · 0.00237 EPSS
Exploits: 0 · References: 1
Talos Blog
added 2017/10/12 4:26 a.m. · 25 views

Disassembler and Runtime Analysis

This post was authored by Paul Rascagneres. Introduction: In the CCleaner 64bit stage 2 previously described in our blog, we explained that the attacker modified a legitimate executable that is part of "Symantec Endpoint". This file is named EFACli64.dll. The modification is performed in the runtime...

6.9 AI score
Exploits: 0
seebug.org
added 2017/10/12 12:0 a.m. · 46 views

Hopper Disassembler ELF Section Header Size Code Execution Vulnerability (CVE-2016-8390)

Summary An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper App. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file with...

7.9 AI score · 0.00194 EPSS
Exploits: 1
Kitploit
added 2017/08/11 10:33 p.m. · 82 views

APKiD - Android Application Identifier for Packers, Protectors, Obfuscators and Oddities

APKiD gives you information about how an APK was made. It identifies many compilers, packers, obfuscators, and other weird stuff. It's PEiD for Android. For more information on what this tool can be used for, check out: Android Compiler Fingerprinting Detecting Pirated and Malicious Android Apps...

6.7 AI score
Exploits: 0 · References: 1
Kitploit
added 2017/08/09 11:12 p.m. · 25 views

Plasma - An Interactive Disassembler for x86/ARM/MIPS

PLASMA is an interactive disassembler. It can generate a more readable assembly pseudo code with colored syntax. You can write scripts with the available Python api see an example below. The project is still in big development. wiki : TODO list and some documentation. It supports : architectures ...

7.2 AI score
Exploits: 0 · References: 8
CNVD
added 2017/06/20 12:0 a.m. · 2 views

GNU Binutils 'opcodes/i386-dis.c' File Denial of Service Vulnerability

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. A security vulnerability exists in the...

7.8 CVSS · 6.9 AI score · 0.01188 EPSS
Exploits: 0 · References: 1