XlogicX Blog

Tools    PoC||GTFO_Mirror    Talks    BootMe_-_CrackMe    ARM_Atlas    

12-19-2015 - Assembly_is_Too_High-Level_-_Self_Modifying_Code_with_Basic_Arithmetic

Use simple math instructions to modify other instructions for some fun self modifying code.


11-25-2015 - Follow-up_on_creating_Vm0wd2Qy_-_9000

There were some questions to my methods for the original post on Vm0wd2Qy, so this is a follow-up to explain everything.


11-08-2015 - Assembly_is_Too_High_Level_-_Jump_Near_When_Short

Encoding of the JMP instruction can have reduncancies, here we explore using less common encodings.


11-06-2015 - Vm0wd2Qy

Some recursive Base64 magic.


11-05-2015 - Assembly_is_Too_High_Level_-_Subtracting_by_Comparing_-_Propeller

SUB and CMP are already similar enough in x86, but in Propeller, they are even encoded super similar, to where you can do some stupid assembly syntax to convert one into the other.


10-20-2015 - Assembly_is_Too_High-Level_-_AAD-AAM,_Even_the_Math_is_Too_High-Level

This is by far my favorite x86 encoding thing; you can unlock way more functionality with this instruction that requires machine encoding beyond just basic assembly.


09-27-2015 - Assembly_is_Too_High_Level_-_Propeller_NOPs,_like_if_never

Pretty much any insctruction can be a NOP, due to a 'never' condition. ARM is very similar in this way.


09-19-2015 - Obscure_FISTing

Using the FIST instruction as an obfuscation technique, because fisting.


09-17-2015 - Assembly_Is_Too_High_Level_-_Undocumented_Code_Exploration

Taking a look at some blank spots in the Intel manuals opcode map.


09-12-2015 - Assembly_Is_Too_High-Level_-_Full_Offsets

Intel tries to abuse the ModR/M table for variable byte NOPs, read on to see how we can do some better abuse for multibyte NOPs that are also still sledable.


Older PagesNewer Pages

XlogicX - Copyright 2021 - Powered by some shitty python scripts