安笑生 yeah we can learn programming from reverse engineering stuffs 你好同志

lol

@@wanderingpalace 安笑生

@@wanderingpalace i love xi jinping's huge cawk

@@wanderingpalace no you absolutely can't

@@tomatonyable takes one to know one! unless you're a reptilian

read the book Code by Charles Petzold. You will understand how the CPU and assembler works even if you are a total noob. After that you will automatically understand how programming languages work, reverse engineering too and so on.

@Rajath Pai trust me. Petzold is a guru

@@ThisDaveAndThatJohn code by charles petzold?

Ok BOOMER

I prefer ollydbg 2.01 or x64dbg for 64 bit, ghidra makes really easy the reverse process, can get a source code... I prefer analyze asm instructions one by one for understand fully process but this isn't the best stategy.. one by one can take you a lot of time i use call stack window for locate specific part i want to analyze!

@@vladysmaximov6156 keep us posted mate

@@vladysmaximov6156 weird flex but ok

@@vladysmaximov6156 I tried out ghidra and improved my performance like 10 times (mainly due to being shit in reading asm fast).

@@vladysmaximov6156 You absolute pleb. Version 1.10 or GTFO.

what the H E C C is a carrer

@@xyphoes345 it's a carrer

@@glowingone1774 isnt it meant to be a *career* tho

@@xyphoes345 no this is much different.

but wannacry isnt a man

hijacking this to say WE NEED PART 2

Inserts his too powerful(smart) to be kept alive meme*

looks pretty standard to me

Plot twist: he is the hacker who made wanna cry

marv b first 20 minutes is really basic stuff. Its just general reversing and assigning names

Yes

Just gotta learn GDB, Radare, OllyDBG for Windows, and assembly. And even then the assembly is the part that while takes the longest isn't too bad once you get used to it.

Oh and IDA / Binary Ninja are good too.

@starshipeleven He could use a VM.

What is an entrusted place?

starshipeleven presumably you download the sample from within the VM, then disable the Ethernet adapter that gives the VM Internet access to prevent worms from going through the connection.

starshipeleven forgot about that option, thanks for reminding me.

Just something that scares me : They are easy accessible websites to download loads of virus to try antivirus and understanding how they work ? I hope they tell the user several warnings before sending the file

Hopefully tomorrow :) life has been busy

what do you mean years younger

@@Decentsito I'm too old to start studying in depth reversing, now.

No one is too old to learn.

@@freeweed4all how old are you?

@@UCnPE-cqd00o5SHPn0rHxphg thanks for the support. I made a choice some years ago, leaving netsec to start studying at University a totally different thing: knowing today how this sector is growing, maybe my choice wasn't the right one. Today, with these excellent resources, is far more easy to fill the gap with skilled reversing ppl: some years ago they appear like a part of a niche, like an out of reach status. This effect is an outcome of how much the reversing job offers are growing (US government choice about Ghidra isn't random).

macOS*

@@rohitas2050 woops

more like Reclass: Am I a Joke to you ?

@@Elffi LOL

tbh, i think they knew that they would affect millions of devices. humble people

Kind, maybe not, but they were reasonable. Do as we ask and we promise all will be well. And see we have written in clear language what we want you to understand. Give us the money and have a nice day 😊

professionals have *standards*

cant get money from someone who cant understand what they are reading

@@kahlzun Investigations show that this was most likely an attack by the North-Korean Government-Controlled Lazarus hacking group to fund nuclear programs and Fatass Jong Un's Sanction-Bypassing Goldschlager run. Eh, probably not Goldschlager. The fatass is probably going for something more expensive.

RubenCO what language is this in?

@@elijahburnham7882 The left side of Ghidra is x86 Assembly and the right side is C.

​@@Slenderman63323you need low level knowledge to be able to do stuff like this since the c code that is outputed is very low level

they make locale translators for batch translating, prob took them about 5 minutes to translate all locales. The least impressive part

@@hiddenaether then why hide it with such levels of encryption? it would be easy to just use english, but instead they have the ambition to take on the world.

That's awesome to hear, thank you! Feel free to let me know what else you have trouble with, maybe it's something I can feature in the future

@@stacksmashing I'll be sure to comment it when I find more stuff, but seeing you work already solves a lot of problems!

@@stacksmashing greaat tut, can please explain if possible im chrome devtools save the changes i make in offline? i want change a pwa web worker app that works online and offline but the changes i made nolt save when i restart the app, exist any trick to save?if i not save i only get the cache of pwa app and not possible open and edit i think, thanks

I have a few questions. I've done vb coding for years, but more as a supplement to my other work loads, I'm not a full blown dev. First, what was so hard about spotting the kill switch? There must have been a lot of the best devs looking at this code globally for 4 days, the guy who killed it even did that on accident. Secondly, and I'm not advocating for better viruses, but would a kill switch that the owner had exclusive controle over not be possible? They went to great lengths coding this but left the kill switch free for anyone to use.