Pinboard (jm)
https://pinboard.in/u:jm/public/
Recent bookmarks from jm

Block YouTube Ads on AppleTV by Decrypting and Stripping Ads from Protobuf
Bookmarked: 2023-08-29T08:25:08+00:00
https://ericdraken.com/pfsense-decrypt-ad-traffic/
Tags: blocking protobuf youtube google protocols appletv apps reverse-engineering
Pinboard: https://pinboard.in/u:jm/b:9567c6ad4947/

Introducing VirusTotal Code Insight: Empowering threat analysis with generative AI
Bookmarked: 2023-04-27T09:55:54+00:00
https://blog.virustotal.com/2023/04/introducing-virustotal-code-insight.html
Impressively, when these models are trained on programming languages, they can adeptly transform code into natural language explanations. [...]
Code Insight is a new feature based on Sec-PaLM, one of the generative AI models hosted on Google Cloud AI. What sets this functionality apart is its ability to generate natural language summaries from the point of view of an AI collaborator specialized in cybersecurity and malware. This provides security professionals and analysts with a powerful tool to figure out what the code is up to.
At present, this new functionality is deployed to analyze a subset of PowerShell files uploaded to VirusTotal. The system excludes files that are highly similar to those previously processed, as well as files that are excessively large. This approach allows for the efficient use of analysis resources, ensuring that only the most relevant files (such as PS1 files) are subjected to scrutiny. In the coming days, additional file formats will be added to the list of supported files, broadening the scope of this functionality even further.
(via Julie on ITC Slack)
Tags: virustotal analysis malware code reverse-engineering infosec security
Pinboard: https://pinboard.in/u:jm/b:8b4cef2b2507/

moyix/gpt-wpre: Whole-Program Reverse Engineering with GPT-3
Bookmarked: 2023-03-20T11:07:38+00:00
https://github.com/moyix/gpt-wpre
This is a little toy prototype of a tool that attempts to summarize a whole binary using GPT-3 (specifically the text-davinci-003 model), based on decompiled code provided by Ghidra. However, today's language models can only fit a small amount of text into their context window at once (4096 tokens for text-davinci-003, a couple hundred lines of code at most) -- most programs (and even some functions) are too big to fit all at once.
GPT-WPRE attempts to work around this by recursively creating natural language summaries of a function's dependencies and then providing those as context for the function itself. It's pretty neat when it works! I have tested it on exactly one program, so YMMV.
Tags: gpt-3 reverse-engineering ghidra decompilation reversing llm
Pinboard: https://pinboard.in/u:jm/b:a04a9087ebec/

Turning Google smart speakers into wiretaps for $100k
Bookmarked: 2023-01-04T11:39:31+00:00
https://downrightnifty.me/blog/2022/12/26/hacking-google-home.html
I was recently rewarded a total of $107,500 by Google for responsibly disclosing security issues in the Google Home smart speaker that allowed an attacker within wireless proximity to install a “backdoor” account on the device, enabling them to send commands to it remotely over the Internet, access its microphone feed, and make arbitrary HTTP requests within the victim’s LAN (which could potentially expose the Wi-Fi password or provide the attacker direct access to the victim’s other devices). These issues have since been fixed.
Tags: security google wiretapping exploits hacking iot reverse-engineering
Pinboard: https://pinboard.in/u:jm/b:a2dc98e51556/

Getting a root shell on a VTech Storio 3S tablet
Bookmarked: 2022-12-20T16:39:45+00:00
https://ghettobastler.com/2022/12/04/vtech_storio_3s/
Tags: hardware hacking reverse-engineering vtech gadgets linux embedded-systems
Pinboard: https://pinboard.in/u:jm/b:856a8461c261/

Hacking the Silvercrest (Lidl) Smart Home Gateway
Bookmarked: 2022-01-19T12:17:03+00:00
https://paulbanks.org/projects/lidl-zigbee/#overview
Tags: reverse-engineering hacking gadgets iot lidl home home-assistant
Pinboard: https://pinboard.in/u:jm/b:7e191a3edcc6/

Reverse Engineering Nike Run Club Android App Using Frida
Bookmarked: 2022-01-17T10:15:05+00:00
https://yasoob.me/posts/reverse-engineering-nike-run-club-using-frida-android/
Tags: android scripting frida reverse-engineering security mobile
Pinboard: https://pinboard.in/u:jm/b:692a0527cb06/

_The Ballot is Busted Before the Blockchain: A Security Analysis of Voatz, the First Internet Voting Application Used in U.S. Federal Elections_
Bookmarked: 2020-02-13T14:56:06+00:00
https://internetpolicy.mit.edu/wp-content/uploads/2020/02/SecurityAnalysisOfVoatz_Public.pdf
Tags: voting e-voting voatz security exploits android papers reverse-engineering
Pinboard: https://pinboard.in/u:jm/b:7abec17f899f/

Freeload -- "The Ocean Loader"
Bookmarked: 2019-12-17T11:54:45+00:00
http://www.pauliehughes.com//freeload.htm
Tags: freeload c=64 via:mikko history commodore-64 microcomputing reverse-engineering piracy
Pinboard: https://pinboard.in/u:jm/b:68e4c0e5fb14/

How the Game Genie worked
Bookmarked: 2018-02-09T11:26:03+00:00
http://www.eurogamer.net/articles/2016-09-24-game-genie-declassified-that-summer-i-played-230-game-boy-games
"Sometimes it was really easy to find cheats, because the code was very straightforward, and sometimes it was a massive pain in the arse," recalls Jon. "In simple terms, if a game started you with three lives I'd set up the logic analyser to stop when it found the value three being written to RAM. Then I'd use the Game Genie to change that 3 to say a 5, reboot the game and see if I started with 5 lives. If not, then I'd let it find the next time it wrote 3 into RAM and try that.
"Infinite lives codes were always the best. Once I'd found where in RAM the lives value was stored I'd then monitor when it got decremented. What I was looking for was where the game's original coder used - most likely - the DEC A (&H3D) instruction after reading the lives value from RAM, and then storing it back into RAM. If I found this then all I had to do was swap out the DEC A (&H3D) decrement operation with a NOP (&H00), which performed no operation. So the lives value would be left as-is and voila the player had infinite lives."
Tags: games gameboy game-genie via:its logic-analysers reverse-engineering history hacking
Pinboard: https://pinboard.in/u:jm/b:7f2bfe0006e2/

The Gremlin Loader
Bookmarked: 2018-01-22T17:51:23+00:00
https://markhardisty.wordpress.com/2018/01/14/the-gremlin-loader/
Tags: piracy reverse-engineering history zx-spectrum tape loaders gremlin
Pinboard: https://pinboard.in/u:jm/b:6ca5fc0f791f/

How they did it: an analysis of emissions defeat devices in modern automobiles
Bookmarked: 2017-06-20T14:18:22+00:00
https://blog.acolyer.org/2017/06/20/how-they-did-it-an-analysis-of-emissions-defeat-devices-in-modern-automobiles/
Using CurveDiff, the team analysed 963 firmware images, for which analysis completed successfully for 924. 406 of the analysed images contained a defeat device, out of which 333 contained at least one active profile. In at least 268 images, the test detection affects the EGR. Firmware images released on Dec 3rd 2014 are used in VW Passat cars, and include the refinement to the defeat device to detect steering wheel angle that we discussed previously.
Tags: cars driving emissions diesel volkswagen law regulation firmware reverse-engineering
Pinboard: https://pinboard.in/u:jm/b:99140c6bd7a2/

Reverse engineering the 76477 "Space Invaders" sound effect chip from die photos
Bookmarked: 2017-05-02T11:32:34+00:00
http://www.righto.com/2017/04/reverse-engineering-76477-space.html
Remember the old video game Space Invaders? Some of its sound effects were provided by a chip called the 76477 Complex Sound Generation chip. While the sound effects produced by this 1978 chip seem primitive today, it was used in many video games, pinball games. But what's inside this chip and how does it work internally? By reverse-engineering the chip from die photos, we can find out. (Photos courtesy of Sean Riddle.) In this article, I explain how the analog circuits of this chip work and show how the hundreds of transistors on the silicon die form the circuits of this complex chip.
Tags: space-invaders games history reverse-engineering chips analog sound-effects
Pinboard: https://pinboard.in/u:jm/b:08ec1c5c9802/

Extracting the SuperFish certificate
Bookmarked: 2015-02-19T21:56:54+00:00
http://blog.erratasec.com/2015/02/extracting-superfish-certificate.html#.VOZYG7CsVyQ
Tags: reverse-engineering security crypto hacking tls ssl superfish lenovo
Pinboard: https://pinboard.in/u:jm/b:8f91913b0532/

From Gongkai to Open Source
Bookmarked: 2014-12-29T12:35:28+00:00
http://www.bunniestudios.com/blog/?p=4297
Tags: opensource china gongkai tinkering reverse-engineering bunnie-huang open-source mediatek copyright facts fair-use shanzhai patents
Pinboard: https://pinboard.in/u:jm/b:9c552f35dac4/

#BPjMleak
Bookmarked: 2014-07-08T08:53:04+00:00
https://bpjmleak.neocities.org/
Tags: hashes reversing reverse-engineering germany german bpjm filtering blocklists blacklists avm domains censorship fps
Pinboard: https://pinboard.in/u:jm/b:7ebb5a2bc5a1/

Reversing Sinclair's amazing 1974 calculator hack - half the ROM of the HP-35
Bookmarked: 2013-08-31T20:44:55+00:00
http://files.righto.com/calculator/sinclair_scientific_simulator.html
In a hotel room in Texas, Clive Sinclair had a big problem. He wanted to sell a cheap scientific calculator that would grab the market from expensive calculators such as the popular HP-35. Hewlett-Packard had taken two years, 20 engineers, and a million dollars to design the HP-35, which used 5 complex chips and sold for $395. Sinclair's partnership with calculator manufacturer Bowmar had gone nowhere. Now Texas Instruments offered him an inexpensive calculator chip that could barely do four-function math. Could he use this chip to build a $100 scientific calculator?
Texas Instruments' engineers said this was impossible - their chip only had 3 storage registers, no subroutine calls, and no storage for constants such as π. The ROM storage in the calculator held only 320 instructions, just enough for basic arithmetic. How could they possibly squeeze any scientific functions into this chip?
Fortunately Clive Sinclair, head of Sinclair Radionics, had a secret weapon - programming whiz and math PhD Nigel Searle. In a few days in Texas, they came up with new algorithms and wrote the code for the world's first single-chip scientific calculator, somehow programming sine, cosine, tangent, arcsine, arccos, arctan, log, and exponentiation into the chip. The engineers at Texas Instruments were amazed.
How did they do it? Up until now it's been a mystery. But through reverse engineering, I've determined the exact algorithms and implemented a simulator that runs the calculator's actual code. The reverse-engineered code along with my detailed comments is in the window below.
Tags: reversing reverse-engineering history calculators sinclair ti hp chips silicon hacks
Pinboard: https://pinboard.in/u:jm/b:189b1102b1d1/

Literate Jenks Natural Breaks and How The Idea Of Code is Lost
Bookmarked: 2013-02-18T16:41:08+00:00
http://macwright.org/2013/02/18/literate-jenks.html
Tags: jenks-natural-breaks algorithms chloropleth javascript reverse-engineering history software copyright via:nelson
Pinboard: https://pinboard.in/u:jm/b:c9b9fb91dbe3/

ChessBase.com - Chess News - A Gross Miscarriage of Justice in Computer Chess (part two)
Bookmarked: 2012-01-04T22:07:43+00:00
http://www.chessbase.com/newsdetail.asp?newsid=7807
Tags: chess code games open-source licensing reverse-engineering copyright infringement via:nelson
Pinboard: https://pinboard.in/u:jm/b:4a1f566d4544/

Mallory: Transparent TCP and UDP Proxy – Intrepidus Group - Insight
Bookmarked: 2011-04-13T21:34:43+00:00
http://intrepidusgroup.com/insight/mallory/
Tags: proxy security network sniffing transparent-proxies mobile reverse-engineering
Pinboard: https://pinboard.in/u:jm/b:f498cba129eb/

Security Fix - Clampi Trojan: The Rise of Matryoshka Malware
Bookmarked: 2009-08-01T10:21:06+00:00
http://voices.washingtonpost.com/securityfix/2009/07/clampi_trojan_the_rise_of_matr.html?wprss=securityfix
Tags: joe-stewart secureworks malware reverse-engineering clampi trojans banking security danger risks windows microsoft fraud
Pinboard: https://pinboard.in/u:jm/b:fef3de2648ed/