Mach-O binary offset calculator

I made a mistake in this tutorial! The way to calculate offsets to patch is wrong because I committed an inference error (analysed only a few binaries and assumed it to be correct). Found this while creating a program to calculate everything automatically. Check the code if you are interested in understanding how it’s done. Meanwhile I will update the tutorial… Without any further delays, I present you with Binary offset calculator....

March 13, 2009 · 2 min · 333 words · fG!

Why is kernel debugging fun?

Just look at this: I just got Little Snitch to keep working even with the network filter being off (that should be equivalent to an expired 3 hour trial). The game is still not over because only the Once button is working but it seems I have my entry point 😄. Little Snitch works by using a socket filter (Apple document here) installed when the kernel module starts (Correction: the Little Snitch kernel module is an IOKit driver and not a simple kernel extension)....

March 9, 2009 · 1 min · 118 words · fG!

Mac OS X Kernel debugging with VMware

I love VMware (used it since its first releases) and I love it even more now 😄. Yesterday I had the not so crazy idea (and not original) to use VMware for Mac OS X kernel debugging because the newest Little Snitch version seems to have a new anti-debug trick and I don’t have another Mac at hand. After some trial and error I managed to get it working, so let’s show how it’s possible....

March 5, 2009 · 7 min · 1407 words · fG!

Serial phishing tutorial !!! It’s hot hot hot ;)

Hey, today is a slow day and I got a suggestion to write about serial phishing. Someone else suggested an easy target and here it is, a tutorial about serial phishing. The target is a very easy one so you should be able to understand everything and practice your GDB skills a little more. Here are the files: serial-phishing.txt macdvix.dmg (SHA1(MacDviX.dmg)= 9eb463acff18d003c4a0d619171ce0cd93bc53e6) (Unfortunately I lost the installer and can’t find it on my backups 😦)....

February 23, 2009 · 1 min · 92 words · fG!

World’s best Mac OS X reversing tutorial for newbies (or maybe not!)

Things are a bit slow around here. GMAT is taking most of my free time and the day job has been busy. Last week I had some free time and decided to take on this small project. By popular demand here it is, a long tutorial explaining how to reverse/crack a Mac OS X application, starting with tools (GDB and otx) and then a step by step of how to crack a time trial protection....

February 23, 2009 · 2 min · 223 words · fG!