Glenn Smith CouleeApps Vector35 Vermont Security, games, game "security." C++/Rust and sometimes web/C#. @RPISEC

CouleeApps/mach_inject_32 7

Inject libraries into 32 processes on macOS Mojave

CouleeApps/MenuBarFilter 4

iOS-like dark menu bar for OSX

CouleeApps/DifViewer 3

Renders .dif files (MB Specification)

CouleeApps/bn_function_view 2

Function dialog with all of the parameters, like I've always wanted (except not pretty)

CouleeApps/BlazeBall 1

3D game engine, planned on turning into a marble game

CouleeApps/ropthing 1

ROP plugin for binja, in attempts to do Cool Stuff TM

CouleeApps/SpotifyOriginalMixer 1

Gets the Original Mix and Extended Mix for songs in trance radio shows

CouleeApps/ArgsGenerator 0

Generates C API functions for Torque 3D that will be used for linking with C#

CouleeApps/assimp 0

Official Open Asset Import Library Repository. Loads 40+ 3D file formats into one unified and clean data structure.

CouleeApps/backtrace-rs 0

Backtraces in Rust

started darksylinc/betsy

started time in a day

started zenorogue/hyperrogue

started time in 3 days

started etu/webpaste.el

started time in 6 days

started apple/swift-nio-ssh

started time in 7 days

started philc/vimium

started time in 7 days

started zardus/ezmp

started time in 8 days

started CouleeApps/bn_function_view

started time in 9 days

fork dobrakmato/vulkano

Safe and rich Rust wrapper around the Vulkan API

fork in 9 days

started ytdl-org/youtube-dl

started time in 10 days

started tamius-han/ultrawidify

started time in 10 days

started pkeir/cest

started time in 10 days

started nix-rust/nix

started time in 13 days

fork zwade/cpython

The Python programming language

https://www.python.org/

fork in 14 days

started AliveToolkit/alive2

started time in 16 days

started gsingh93/pollard-p-minus-one

started time in 16 days

started coljamkop/eww-layer

started time in 16 days

started jboulter11/VotingSim

started time in 18 days

started zwild/eshell-prompt-extras

started time in 20 days

started CouleeApps/mach_inject_32

started time in 22 days

created repository dobrakmato/corona-data-slovakia

created time in 23 days

started airbus-seclab/crashos

started time in 23 days

issue comment Vector35/debugger

Self-Modifying Code

Certainly. You can definitely use BN to write new bytes directly into its binaryview based on the unpacked file contents. Just use the debugger view to copy bytes as hex and paste them into the binary view. There's no automation that does it automatically, but it should work fine otherwise.

johannesmono

comment created time in a month

started github/gitignore

started time in a month

issue comment Vector35/debugger

Self-Modifying Code

I can't second this hard enough. Alternatively there were a way to perhaps guide BN through making the same modifications the code itself would?

I'm currently fiddling with a Windows binary that was packed with PECompact v3. At about four instructions in from the entry point, eax is xor'd to set its value to 00000000 which is then passed as eip which of course throws an exception. Said exception is caught via SEH, wherein a bunch of stuff appears to happen ending with eax being set to the correct value and execution then proceeds.

As far as BN can tell though, the binary is just.... FUBAR'd.

johannesmono

comment created time in a month

started borzacchiello/seninja

started time in a month

started Vector35/arch-x86

started time in a month

started pwncollege/pwnkernel

started time in a month

started lrvick/youtube-dl

started time in a month

started mietek/sf

started time in a month
