Since my last post I started reversing from what I determined to be the entry point of the malware.
Due to my inexperience, I am afraid that I spent the last couple of days working on what appears to be system library code. It was tedious work that, unsurprisingly, wasn't yielding any "real" results (that is: a deeper understanding of how the binary behaves).
Fortunately (before I wasted any more time) I mentioned this to a friend of mine, and he brought to my attention that I was probably reversing a statically linked binary, and that I was in fact reversing a lot of code that didn't matter for the task at hand.
Basically I have learnt how to be more cautious, the hard way ...
I was reading your blog more carefully today... and really, only something like this would get you to write a blog lol