Kartone Infosec Blog

Topic

reverse engineering

A collection of 7 issues

The p0sT5n1F3r Backdoor

P0sT5n1F3r, a stealthy Apache backdoor built to sniff HTTPS traffic. Undetected by anti-malware platforms, the module used RC4 encryption to hide its activities. Reverse engineering revealed the key, exposing a targeted payload designed to steal credit card data.

WannaCry, two years later: a deep look into its code

My own reverse engineering of a WannaCry sample.

An extensive step by step reverse engineering analysis of a Linux CTF binary

...or in other words, when failing to reverse a CTF binary makes you loose a job

Reverse engineering the router Technicolor TG582N

During last months, my interest in hardware hacking got an exponential growth due to the fact I had the chance to get my hands on some so-ho routers unretired from local Telcos. So what a great opportunity to open and try to crack them, without worrying about irreparable damage? Inspecting

Pony stealer: a malware analysis - The sample analysis - Part three

In this post we continue the analysis of the Pony sample.

Pony stealer: a malware analysis - The sample dry run - Part two

In this post we go further into the analysis of the sample unpacked in the previous part.

Pony stealer: a malware analysis - Unpacking the sample - Part one

During my day by day job, I had the chance to came across a mail that was blocked by an antispam platform. Attached to this mail there was a sample recognized as a variant of Pony Stealer malware. Since I've been greatly interested into malware analysis in the