Friday 18 March 2016

MIL Lab Hack Exposed

The Hack

This hack mostly exploits the fact that assembly illiterates cannot actually tell the difference between a binary generated from C code and one generated from assembly language.

The basic prerequisites for this hack are good knowledge of the C language and good knowledge of assembly language. When your assembly code doesn't work, you recode the same thing in C and then replace the assembly-generated binary with the binary generated from the C code. Once this process is completed, all traces of C programming are erased.

Below is the hack in action....







Note: I recently noticed that some browsers are having difficulty showing this video content; either the plugins are absent or script blockers are blocking it.
I have thus made this video file available on MediaFire. In case you still face any issues, feel free to leave a comment.



In case you have been impressed by this hack, let me give you reasons to refrain from using it.




How To Detect This Hack

1. Size of Executable

The size of this executable will obviously be larger; in fact, far larger. Often, when code is to be optimized, small procedures are written in assembly and then called from the program. The C code is converted into a binary by a compiler, and the binary generated by the compiler isn't the same as one generated by an assembly programmer.

2. The code

Since the person resorted to this trick for deception, the assembly code is likely to have some error. Careful inspection of the assembly code will reveal that the binary shouldn't actually have given this output.

3. Objdump

This is the best way to deduce that the binary was generated from C. No assembly programmer will ever write assembly code similar to that generated by a C compiler. So just one terminal command is sufficient to give away the fact that C was used.
objdump -M intel -D name_of_binary 

-M intel: This specifies that Intel syntax is to be used.

4. Nm command

This command will give information about the symbols used in an executable or object file. And since the symbols in a C program and an assembly program are quite different, your cover is blown....
nm name_of_executable
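
The symbol check in step 4 can be scripted; the following is an added example, not code from the original post. It reads `nm` output and looks for GCC/glibc startup symbols that a C toolchain links in. The function names, the two-symbol threshold and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify `nm` output by GCC/glibc startup symbols.
CRT_RE='^(__libc_start_main|__libc_csu_init|__libc_csu_fini|frame_dummy|register_tm_clones|deregister_tm_clones|__do_global_dtors_aux|__gmon_start__|_IO_stdin_used)$'

# Distinct C runtime symbols in `nm` output read from stdin.
crt_symbols() {
    awk 'NF { print $NF }' | sed 's/@.*//' | grep -E "$CRT_RE" | sort -u
}

# Verdict for `nm` output read from stdin.
classify_nm() {
    input=$(cat)
    # Empty output means a stripped binary: fall back to the disassembly.
    [ -n "$input" ] || { echo "no-symbols"; return 0; }
    hits=$(printf '%s\n' "$input" | crt_symbols | wc -l | tr -d ' ')
    if [ "$hits" -ge 2 ]; then echo "c-runtime-present"; else echo "no-c-runtime"; fi
}

# Constructed sample: hand-written _start, linked directly with ld.
sample_asm_nm() {
cat <<'EOF'
0000000000402000 D msg
0000000000401000 T _start
000000000040200e D __bss_start
000000000040200e D _edata
0000000000402010 D _end
EOF
}

# Constructed sample: small C program built with gcc.
sample_c_nm() {
cat <<'EOF'
0000000000001040 T _start
0000000000001129 T main
                 U __libc_start_main@GLIBC_2.34
                 U puts@GLIBC_2.2.5
0000000000001070 t deregister_tm_clones
00000000000010a0 t register_tm_clones
0000000000001120 t frame_dummy
0000000000002000 R _IO_stdin_used
EOF
}

if [ $# -gt 0 ]; then
    nm "$1" 2>/dev/null | classify_nm   # real binary given on the command line
else
    sample_asm_nm | classify_nm; sample_c_nm | classify_nm
fi
```

Hand-written assembly that is linked through gcc also pulls in these startup symbols, so treat a hit as a reason to read the objdump output, not as proof by itself.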




* Warning
    This article is strictly written for educational purposes. I take no responsibility for your actions or any damage that you cause. I do not in any way promote malicious activity.





