Hi! I just updated the crackmes with #5 from MSJ challenge and added a new tool for encrypting/decrypting apple encrypted binaries. I had planned to do this tool but it鈥檚 great that someone did it first! It鈥檚 good to see people developing tools for OS X, even if they are very simple. Thank you to the author and to the guy who pointed me to it and sent the crackme 馃槈....
I had this one working for a long time but I hadn鈥檛 released it because I was trying to hijack fork and vfork calls. My objective was to introduce an int3 so I could attach the debugger to a selected process. At that time I suspected that VLOK was forking and I couldn鈥檛 debug the new process since follow on fork GDB function isn鈥檛 implemented in OS X (so this looks like a good idea for a protection 馃槈)....
Hello, I have just added a page to collect crackmes for OS X. I have added the ones that I already had and some recommended from user comments. Since corruptfire.com seems down I cannot retrieve the other ones they had. If you have more crackmes please mail them to me so I can add them to the page. It would be nice to start having more crackmes developed for OS X....
I was bored and decided to fix gdbinit to support 64 bit binaries. I had tried it before but the solution was a piece of crap (not that this one is much better). I was testing the registers to see if the binary was 32 or 64 bit. Now there is a default setting to 32 bit (change it if you want to default to 64 bit) and two commands, 32bits and 64bits to change between the two types of targets....
I have been thinking about this and how to get this blog back to life. My free time has been almost zero but I miss the motivation to put my brain to tinker and create new things to publish, because reversing and everything around it sometimes is a great relaxing activity for me. The last couple of days I had to revisit one of my favourite books ever, where it is written that 鈥淒O NOT COVET YOUR IDEAS: Give away everything you know, and more will come back to you....