Disclosure: On this site you won’t find specific advice on “how to call function xyz()”. Interpreting C++ ARM and #pragma dwim is also out of scope.

We’re treating our readers as intelligent beings who can use Google and/or StackOverflow, where all such specific questions were answered more than once.

What you will find is opinions, more opinions, and even more opinions on all the aspects of software development - and with a large chunk of them based on real-world experience too.

Your mileage may vary. Batteries not included.

Bot Fighting 103. Code Integrity Checks, Code Scrambling

December 12, 2017 by “No Bugs” Bunny

You're under arrest for asking the right question at the wrong time

Quote:

Bingo! We’ve got an executable, which automagically performs TONS of integrity checks, which checks are spread all over the executable, and are extremely non-obvious too.

Another Quote:

This approach of 'not revealing code until attack costs are high' is certainly not limited to payments.

Filed under: Book: D&D of MOGs1st beta of Vol. VII-IXOn.SecurityFraud Prevention

Read more

Bot Fighting 102: System-Specific Kinda-Protection. Anti-Debugger, Anti-DLL-Injection, VM Detection.

December 5, 2017 by “No Bugs” Bunny

Wizard of OS

Quote:

it is fundamentally impossible to prevent (or detect) debugging, at least as long we’re staying on one single box.

Another Quote:

DON’T spend more than 10% of your overall anti-bot-fighting time budget on system-specific protections.

Filed under: Book: D&D of MOGs1st beta of Vol. VII-IXOn.SecurityFraud Prevention

Read more

Bot Fighting 101: Don’t Feed the Hacker

November 28, 2017 by “No Bugs” Bunny

Don't Feed the Hacker

Quote:

Some of the system calls are not absolutely necessary, and using them will significantly simplify life of the attacker

Another Quote:

Scrambling will help to protect your protocol even if the attacker manages to F.L.I.R.T. with your TLS library

Filed under: Book: D&D of MOGs1st beta of Vol. VII-IXOn.SecurityFraud Prevention

Read more

MOGs: Hacks and Hackers

November 21, 2017 by “No Bugs” Bunny

Hackers attacking! IDA Pro, Cheat Engine, Hexinator, WinAPIOverride

Quote:

One of the nastier-for-us features of IDA Pro is so-called F.L.I.R.T.

Another Quote:

All the popular protection methods lag well-behind capabilities of the average-attacker-on-a-100K-simultaneous-player-game.

Filed under: Book: D&D of MOGs1st beta of Vol. VII-IXOn.SecurityFraud Prevention

Read more