Articles

Articles

Injective Code inside Import Table Date: 06/06/2006  Author: Ashkbiz Danehkar An introduction to the injection of code into an Import Table of a Portable Executable file. This thing is called API redirection technique. This article was released on codeproject.com.   The .NET File Format Date: 11/12/2005  Author: Daniel Pistelli This article describes the internal .NET File Format. The standards of the .NET format are public, you can find them on Microsoft and in your .NET SDK (look after "Partition II Metadata.doc"), but they are intended to be a more like a reference, not really a guide. So this is what you need if you want a simple guide to understand this subject. This article was released on codeproject.com and won the first prize in the C# category for January, 2006.   Inject your code to a Portable Executable file Date: 01/12/2005  Author: Ashkbiz Danehkar This article demonstrates in five steps how to inject your code in a portable executable (exe, dll, ocx,...) file without recompiling the source code. This article was released on codeproject.com and won the first prize in the MFC category for December, 2005.   .NET Manifest Resources Date: 28/10/2005  Author: Daniel Pistelli This article is about the internal format of .NET Manifest Resources (or better the ".resources" files contained in it). I don't know if the code can be useful to you or not (probably not), but I like to write about undocumented stuff. In fact, this article is nothing sensational, I just wrote it 'cause I haven't found any documentation about this subject on the net, not even in the .NET MetaData specifics: Partition II MetaData.doc. This article was released on codeproject.com.   AntiMida 1.0 Date: 10/04/2005  Author: Daniel Pistelli This article is just a general overview about protections who play with system structures like the SDT. It has nothing to do with reversing and no debugger or disassembler was used to write it. In addition TheMida will not implement a kernel-mode part in the near future. This is just a tool to bypass SDT hooking protections.   La Nuova Guida Al Cracking (.NET) Date: 01/01/2005  Author: Daniel Pistelli A general overview about .NET Software Security. The paragraphs are: MicroSoft Intermediate Language, Cracking, Debugging, Decompilers, Code Obfuscation, Protection Theory. It's a quite complete introduction.   Windows File Protection: How To Disable It On The Fly Date: 09/11/2004  Author: Daniel Pistelli In this article it's shown how to deactive the Windows File Protection without rebooting to safe mode or recovery console. The articles shows you how to change system files without the system noticing it and replacing the original files. This article was originally released on rootkit.com.   Tutto (o quasi) sul Portable Executable Date: 20/08/2003  Author: Daniel Pistelli The most accurate italian guide about the Portable Executable file format. It's the most important source in Italy about this subject.   Introducing The Windows Driver Foundation Date: no date  Author: Daniel Pistelli A little introduction to the Windows Driver Foundation before its actual release. This article was written when this technology was still in beta testing.

FROM:ntcore