Profile cover photo
Profile photo
Souhail Hammou
17 followers
17 followers
About
Souhail's posts

Post has attachment
RCTF 2017 - Crackme 714 pts Writeup
Crackme 714 pts (9 solves) : Please submit the flag like RCTF{flag} Binary download : here The crackme is an MFC application :   We can locate the routine of interest by setting a breakpoint on GetWindowTextW. Keep in mind that the input is in Unicode. Late...

Post has attachment
Nuit du Hack XV Quals - Reverse 350: Matrioshka step 4 (I did it again)
Binary file download : https://goo.gl/MhVl0g This script, when executed under IDA, writes the correct input to an output file : The flag is simply the md5sum of this file : Full write-up : http://resources.infosecinstitute.com/saving-time-effort-idapython/

Post has attachment
Boston key party 2015 - Community College Reversing 300 Writeup
Hi, The binary is a c++ compiled code under MIPS architecture. The binary takes the flag as a command line argument. The binary uses a c++ list to store the whole flag in binary form. The binary uses a class called Wires to store 3 'bits' (words in fact) in...

Post has attachment
Windows Internals - Thread resumption and synchronization objects
Hello, in the two previous blog entries I discussed how thread suspension works. I'll dedicate this post to share my research concerning thread resumption, it was crucial to explore some parts of the internal synchronization mechanisms to achieve a better u...

Post has attachment
Windows Thread Suspension Internals Part 2
Hi, In the last blog post I talked about both NtSuspendThread and PsSuspendThread kernel routines. If you didn't check the first part I recommend to check it first : here This part is dedicated to KeSuspendThread and KiSuspendThread routines (fun stuff). Le...

Post has attachment
Windows Thread Suspension Internals Part 1
Hi, It's been a while since I haven't shared anything concerning Windows internals and here I am this time to talk in detail about how Windows thread suspension and resumption works. I'm going to discuss the mentioned topics in this blog post and incoming o...

Post has attachment
ASIS CTF Finals 2014 - Satellite Reloaded Reverse 250 Writeup
Hello, I really enjoyed playing this CTF with Spiderz team and we ended at position 23. This reversing challenge was for 250 points , and here's a brief write-up about it : The binary expects a string as a command line argument and it starts in the beginnin...

Post has attachment
CSAW CTF 2014 - "saturn" Exploitation 400 Write-up
Hi, The description for this task was :     You have stolen the checking program for the CSAW Challenge-Response-Authentication-Protocol system. Unfortunately you forgot to grab the challenge-response keygen algorithm (libchallengeresponse.so). Can you stil...

Post has attachment
**
Hi, The description for this task was :     You have stolen the checking program for the CSAW Challenge-Response-Authentication-Protocol system. Unfortunately you forgot to grab the challenge-response keygen algorithm (libchallengeresponse.so). Can you stil...

Post has attachment
CSAW CTF 2014 - Ish Exploitation 300 Write-up
Hi, This time with a quick writeup . Well , I took some time to reverse the binary under IDA and I soon discovered that the vulnerability was a memory leak which leaks 16 bytes from the stack and the vulnerable function was cmd_lotto , here's the full explo...
Wait while more posts are being loaded