[Ideas for future eps]

Would be cool if chris went over grabbing the private key from an ssl certificate and use it to view ssl traffic in wireshark.

[Episode 4x11]

nice episode, seemed much more relaxed this episode.

[Coding challenge]

I thought olly only decompiled code to assembly. It can decompile to C++? PLEASE Let me know how or PM me link to a tutorial. thanks

Dunno if that was sarcasm or not... So I will answer as if it isn't.

Ollydbg cannot do that.

IDA on the other hand can generate pseudo C with a plugin.

[[C#] Local proxy?]

I am trying to redirect all outgoing traffic on a port to my application to process and finish sending.

Anyone have some example code to do this?

[AI programming]

if, tons and tons of ifs.

[MyspaceJuke Myspace Music Downloader!]

I went to Borders yesterday to look for Books on ASM and Debugging and Dissasemblers, and they had nothing. Know of any good books(aside from looking online, I'd rather have some offline material to go over while at work) to get started? Like an ASM Bible or something. How did you get started with ASM?

http://www.tuts4you.com/

Welcome to Tuts 4 You the home of Reverse Code Engineering!

This site is dedicated to all the researchers and reverse engineers interested in Reverse Code Engineering (RCE) techniques and practices and all things related.

You will be able to find a wide breadth of information retained on this site to help in your research ranging from; anti-debugging, virtual machines, unpacking, coding, disassembling, debugging, keygenning, cryptography and much, much more.

On the left is the main control menu which you can use to tour around this site for the areas you wish to view and access. All latest releases are shown on the right under Latest Downloads menu. Before you begin browsing this site you may also want to take a few minutes to read through the FAQ page because a lot of common questions that get asked about this site have already been answered there.

Should you have any questions or queries regarding RCE please do not feel afraid to ask on the community forums.

A nice site for reversing resources.

And a good tutorial series for learning reversing.

http://www.tuts4you.com/download.php?list.17

[MyspaceJuke Myspace Music Downloader!]

The reason behind this, is that simply put, new/delete call the constructors/destructors of an object. malloc()/free() won't. Indeed, you can use new to allocate raw memory, but this is not its main usage. Use one, and stick with it. Want to keep using malloc/free? Go back to C.

From what I can see, you're just coding C, so don't advertise it like C++. I don't see classes, I don't see any heritage, I don't see any kind of OO programming.

In C++, we don't use char *. char* is a pointer to a char. char* to string literal is deprecated in C++. See ISO 14882:2003 Annex C Subclause _lex.string. Use char const* to point at the first character of a string literal. Use std::string::c_str() to get a char const* to a c string from std::string. For old C functions that accept char* and promise not to alter the string, you may use const_cast.

The reason why people actually use a different file for headers and code, is that they're two distinct things. I haven't looked at your code, so I'm just assuming a few things, but this is what you should know:

It is "ok" to put member functions of an object in the header if it is a one liner (e.g: int getX() { return x; }). It is not OK to put whole functions in the header file. Yes "it works", but it's wrong.

Want an argument about that? Sure:

The first reason one could use, is that it's just easier to maintain. Having correctly organised files is a huge time-saver, and allows for anyone new to the project to get a sense of direction fairly quickly. Having a ton of different shit in a few files is the best way to confuse the shit out of everyone.

The second point is the whole inline mess.

If you declare a function in a header, it must be inline. In any case, then it will appear in every .o that includes the header. Marked inline won't give collisions because it will be put in a special 'link once' section. The implication is thus: longer compile times and link times, more diskspace etc etc... You should only inline functions that are small and need it for run time speed.

You may feel these are little cons, but trust me, it's poor practise, and poor coding style. You'll get slammed for it if you do something like that at work or in any kind of official (read collaborative) coding project.

I think as a whole, you should probably try to pick up C++ as a language; cuz you're just coding C. None of what I've seen is C++. Oh yeah. You use std::string. At least you don't abuse using namespaces.

Someone is a bit pissy.

[Do you code software?]

Problem is that sometimes in the corners of the internet people do not know you and that person completely gets away with it.

Just something about spending weeks working on something just to have someone else take all the credit is like a swift kick to the balls.

[Do you code software?]

Agreed.

I love sharing my knowledge with others but it pisses me the fuck off when others take your hard work and plaster their name on it.

[Assembly Language]

You were using functions specific to the 9.0 runtime.

As for the .NET dependency for C#, most up to date Windows systems have the latest .NET framework installed.

I also believe this is bad advice. Don't learn Assembly as your first language.

nah, actually there is a library in the VS9 lib folder named MSVCRT.lib which is actually MSVCR90.lib.

Made a new folder C:\MSVCRT\ and plopped the real MSVCRT.lib file into it and then added it as a library directory and it compiled using MSVCRT.dll.

Although it gave me some warnings.

1>LINK : warning LNK4098: defaultlib 'LIBCMT' conflicts with use of other libs; use /NODEFAULTLIB:library
1>Generating code
1>Finished generating code
1>MSVCRT.lib(cinitexe.obj) : warning LNK4254: section '.CRT' (40000040) merged into '.data' (C0000040) with different attributes
1>MSVCRT.lib(cinitexe.obj) : warning LNK4254: section '.CRT' (40000040) merged into '.data' (C0000040) with different attributes

adding /NODEFAULTLIB breaks it but I didn't seem to matter with those warnings.

[Assembly Language]

To disable MSVCRT90.dll

simply change /MD to /MT

I haven't seen how to have it use MSVCRT.dll though, I would imagine you just import the library.

edit:

Tried importing msvcrt.lib and it used msvcrt90.dll 0,o...

[Assembly Language]

Mine never links to that 0,o...

nm it does,

let me look how to disable.

[Assembly Language]

java is dependent on the java framework XD.

Also you probably werent using MSVC++ 2008 right because you can code unmanaged code in it

[Assembly Language]

Thanks for that positive reinforcement. ;)

Actually, part of what goes on around here is we like to debate over stuff like this. It gets old after a while, but it's nice to get other peoples perspective on things and you can make your mind up for yourself on what direction to go in after reading everyones opinions. Consensus does not mean any one language is better than the other, just that more people like it over another.

I personally would love to learn assembly more in depth as right now I can see how much it helps. Especially in the debugger/dissasembler department while trying to break down malware to see what they are really doing.

There is a difference between debating and bashing languages.

also steve C# is basically java made by microsoft XD.

[Assembly Language]

Wow this thread quickly turned from a simple question into a "My language is better, fuck you".