Return to Main Index
This page is my answer to the various "scene" news pages that you may or may not be aware of. Of course the news I consider worthy of reporting is a lot different to the "scene" pages :). Therefore, this news column will be dedicated only to those matters of interest to reversers. If you have any newsworthy inclusions drop me an e-mail (anonymity is not a problem). The opinions expressed here are of course my own.
Be sure you are looking at the most recent version of this page by hitting your browsers refresh button (you never know, I might have updated :-) ).
Sept 1st - Sept 30th
Okay, I've gotten my hands on the alleged IDA 3.84b key generator which has been splashed around the message boards, and as I pretty much expected its a hoax, yet maybe a pretty good patch. The keyfile generator is a rather aesthetic touch, so I don't know how the crack's author talks about breaking the weakness in the RSA 1024-bit encryption, because evidently his keyfile generator just writes an ida.key with the name in reverse starting at offset EDh. The rest you can just zero out, the length on the keyfile is also incorrect as students of IDA will also know.
A bit of very late news, PE Rebuilder v0.95b by TiTi [BLiZZARD] & Virogen [PC] (71k) was released a few months back, coded totally in Win32 ASM with the source code included, this is a very nice utility, bear in mind however that re-aligning your Windows SYSTEM files is generally NOT a very good idea.
Those of you interested in RSA may well like to check out 2 resources, http://ghiribizzo.tsx.org from Ghiri contains a very good RSA toolpack (specifically the Hiew v6.15 tutorials which have an error or two), also the very good MIRACL libraries can be found at ftp://ftp.compapp.dcu.ie/pub/crypto/miracl.zip - this leads me neatly on to new versions of IceDump and finally an NT port, although this is or was undergoing testing (a later version is almost certainly available at http://icedump.tsx.org ).
fOSSiL has finally updated his very good InstallShield tools (97k) to support v5.5+ .cab files, no doubt the warez releasers will love it (although interested reversers may care to study the source). As I suggested in a previous news update, SoftICE 4.01 is now available, the readme lists just 3 changes, all of them insignificant, so Japanese Windows 98 users and Windows 2000 build 2072 testers are only those that need apply. A capable reverser has also finally done what I suggested a month or so back and thats enable String References for VB programs in W32Dasm 8.93, change the bytes at offset 0x16B6C/16B6D to 98 F4 (previously 28 F6).
NuMega DriverStudio v1.0 has been released, this I assume is the real final version as opposed to the beta that was available a few months back, just find it on your favourite site. IDA has reached v4.0 and is no longer a console application!, guess what also, old keyfiles will no longer work so expect protection hell (1024-bit PGP). Hiew is now onto v6.20, and SEN has also increased the length of his key as well (something over 800-bits), I'll send a fine wine from my own personal collection to the first key generator :-).
As a final note, Fravia's site was apparently hacked fairly recently, although fortunately the perpetrator seems not to be malicious :-).
Return to Main Index