Learn Cyber Security

How to use Socat and Wireshark for Practical SSL Protocol Reverse Engineering? Secure Socket Layer (SSL) Man-In-the-Middle (MITM) proxies have two very specific purposes. The first is to allow a client with one set of keys to communicate with a service that has a different set of keys without either side knowing about it. This is typically seen as a MITM attack but can be used for productive ends as well. The second is to view the unencrypted data for security, educational, an reverse engineering purposes. For instance, a system administrator could set up a proxy to allow SSL clients that don’t support more modern SSL methods or even SSL at all to get access to services securely. Typically, this involves having the proxy set up behind your firewall so that unencrypted content stays within the confines of your local area. Being able to analyze the unencrypted data is very important to security auditors as well. A very large percentage of developers feel their services are adequat...

How to Analyze Applications With Olly Debugger? The process of analyzing a computer program’s structure, functions and operations without having source code available is called reverse engineering. In this article, I would like to introduce you the one of the most important tools for reverse engineers – Olly debugger. While reading this article, I will introduce Olly debugger, explain the basic features and functions and ways of using them, and later we will analyze two programs (crackmes). “Crackme” is a program that is used for practicing your reverse engineering skills. As reverse engineering of commercial applications may violate some laws, we will stay with crackmes during this article. In the first program, we will use program patching to change its functionality, in the second program we will try to reverse the algorithm behind its password checking routine. After reading the article, you should be able to open a program in Olly debugger and start analyzing it. If necessar...