Articles on hacking, reverse engineering, and software development.
We take a deep dive into the Apple SummarizationKit model which applies safety classification and summarization to text across several Apple products such as Notes, Mail, Messages, and Safari. We'll also reverse engineer the encrypted safety configuration files which contain a number of country-specific text summarization rules around politcs, stop words, and more.
Amazon's Kindle DRM is notoriously annoying and difficult. After spending a weekend working reverse engineering each layer of the DRM protection, I was able to figure out how to convert a Kindle book to a format that I can actually read on my Kindle. Yes, it's as ridiculous as it sounds.
Every Apple device has several neural network models that perform various offline classification tasks. In this post, we reverse engineer one of their safety models, SafetyNetLight, and discover a parent model, SceneNetv5, which produces embeddings for scene classification, entity recognition, safety classification, object detection, and more.
Using static, dynamic, and behavioral analysis, we will look at all stages of the WinRAR zero-day malware that was spread via online trading forums, then emulate the C2 TCP protocol to find out what kind of information it is receiving from the victim's.
Using ICANN zone files, we can search all active domains for fraudulent sites that have a similar domain and look-and-feel of legitimate products they're trying to copy. These fake sites offer downloads to software that look real, but have malware attached. In this article, we'll look at a fake Quickbooks site offering a download which contains the infamous Redline Stealer.
FOSCAM firmware is encrypted with openssl using a salted key. This post will demonstrate how to extract the firmware using an $14 SPI flash programmer, and reverse engineer the decryption keys for the firmware, and RSA keys that ship with the firmware using Ghidra.
One of the largest shared-hosting companies in the US said as much as 50%+ of their customer Wordpress sites were impacted by a December 2022 malware campaign. This post analyzes an infected host and shows how reverse engineering the C2 protocol give a glimpse into how it works, and what functions it provides to the attacker.
Using simple hardware and software, this post will show you how to extract and analyze the firmware of a GL.iNet GL-B1300 router. Identifying UART pins and connecting a JTAGulator will allow us to transmit and receive through the serial connection, access the U-Boot bootloader, and get a root shell on the main filesystem, allowing us to extract the firmware from memory.