In early September, radare2 users and developers from around the globe gathered in Barcelona for r2con, an annual conference celebrating the r2 multi-platform, open-source, reverse engineering framework supported by NowSecure. Around 200 attendees enjoyed four days of hacking, teaching, discussing, coding, socializing and having fun.
Imagine a man confined in a room and observed by a researcher over video surveillance. Imagine that the surveillance cameras can also, at any time, zoom in-and-out to scrutinize the atoms, molecules, cells, tissues, organs, or organ systems that make up the man.
Android Dirty COW patch released On Monday, Google announced putting the Dirty COW vulnerability (CVE-2016-5195) out to pasture with the 2016-12-05 patch level in the December 2016 Android Security Update. That’s welcome news for owners of Google Nexus and Pixel devices. Of course even with the patch from Google, the long standing problem of Android
A blog post providing an introduction on how to use Radare for Android malware analysis. After reading this post, you’ll understand how to use Radare2 to disassemble Android binaries, how to identify suspicious or malicious app behavior, and some of the benefits and limitations of using Radare2 for this use case.
The Dirty COW vulnerability impacts many mobile devices. I analyzed it and its exploit and ended up writing a plug-in for Radare2.
When analyzing the behavior of specific applications or services it is useful to understand how the execution directly or indirectly affects the filesystem.