Open in app
Eviatar Gerzi
52 Followers
About

Sign in

Open in app

Apr 24

This blog post is about an annoying Adware that infected my browser and how I cleaned it. If you are interested just in how to clean it, scroll to the bottom of this post.

One day, while browsing through a particular website, it succeeded in infecting me with Adware. Adware is unwanted software designed to throw advertisements up on your screen, most often within a web browser. How I was aware of it, only when the Windows notification system pop-up this message:

Read more · 5 min read

Nov 5, 2020

We got a binary file ttt2.exe and when I run it, I received the following error:

Read more · 4 min read

Oct 29, 2020

Tools

We received a capture network file named: re_crowd.pcapng.

Notice that there are number of records with PROPFIND:

Read more · 12 min read

Oct 29, 2020

I noticed the file is packed with UPX:

Read more · 5 min read

Oct 29, 2020

We received a packed TPK file that we can just unpack with 7zip. Inside the “bin” folder we had number of interesting DLLs, the one that was the most interesting was the “TKApp.dll”, so we analyzed it with dnSpy.

Read more · 3 min read

Oct 29, 2020

When I tried to open the report.xls file I received an error:

Read more · 6 min read

Oct 29, 2020

Tools to use:

  • IDA
  • x64dbg

When start the program, we received a game menu:

Read more · 3 min read

Oct 29, 2020

Tools to use:

  • x64dbg
  • HxD
  • pestudio
  • upx-3.96-win64
  • IDA
  • Python

When I tried to load the file to x64dbg I received a message that this is an invalid PE file:

Read more · 4 min read

Oct 29, 2020

We received the application binary file together with the python source code.

Tools to use:

  • notepad++

When you start the application, you get:

Read more · 3 min read

Oct 29, 2020

This year I participated in Flare-On 7 (2020) and I wanted to share my thoughts about this great CTF.

Overview

The challenges were great this year, I learned a lot and they were pure reversing. For anyone wants to strength his reversing skills, flare-on is a great choice. This is like an intensive reversing course for six weeks that you will suffer and enjoy both together.

Solutions

I separated my solutions into different pages to make it more readable:

  1. Challenge #1 - Fidler
  2. Challenge #2 - garbage
  3. Challenge #3 - wednseday
  4. Challenge #4 - report
  5. Challenge #5 - TKApp
  6. Challenge #6 …

Read more · 2 min read

Eviatar Gerzi

Security researcher interested in reversing, solving CTFs, malware analysis, penetration testing and DevOps security (docker and Kubernetes)

About

Write

Help

Legal

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store