For a long time I have been annoyed by the information displayed by otool -l because it mixes hexadecimal with decimal information. For example, offsets are displayed in decimal and relative to the CPU architecture in the fat binary. So I had to convert and calculate things by hand everytime I wanted to peek or modify something at the hex editor. HTE allows to see this information and even edit it, but it doesn’t support fat binaries (and I have to start it under iTerm to support the keyboard shortcuts – I didn’t want to waste time researching to get it to work with Terminal....

November was a pretty busy month with exams and assignments to be delivered. I have been having a lot of fun with the MBA since analysing financial statements is some kind of reverse engineering and I missed Economics stuff (I have a undergraduate degree in Economics). I really like to go outside the box for some time to gain new perspectives. Since the 1st term is finished, I decided to finally upgrade to Snow Leopard....

Some folks were complaining about problems with otx and Snow Leopard so I decided to boot my Snow Leopard install and give it a try… Well they were right since Snow Leopard compiles 64 bit binaries by default. otx v0.16b seems to have problems so you will need to download from the SVN and compile yourself the most recent version. If you try to follow the tutorial you will have problems because you will have 64 bit registers (rax instead eax, for example) so you need to adapt the tutorial....

Things have been very quiet since the beginning of September… Well my MBA has started and my free time until now has been ZERO! It has been a fun but very busy ride and comeback to the world of economics. The first weeks are recruit like, pretty intensive with many assignments to be delivered. The recruit is now over and I should have more free time for playing again with reversing 😄....

Here you have the patches I did for GDB: To fix problem with gdbinit To display raw bytes in x/i and disassemble commands To warn about possible number of sections anti-debug trick You can download a single patch for all changes or one for each individual change. A patched GDB binary for Intel only is available, if you trust my binaries (copy to /usr/libexec/gdb). PHP max upload size doesn’t let me add the patched source package (can’t change it due to its impact on others)....