Disclosure: On this site you won’t find specific advice on “how to call function xyz()”. Interpreting C++ ARM and #pragma dwim is also out of scope.
We’re treating our readers as intelligent beings who can use Google and/or StackOverflow, where all such specific questions were answered more than once.
What you will find is opinions, more opinions, and even more opinions on all the aspects of software development - and with a large chunk of them based on real-world experience too.
Your mileage may vary. Batteries not included.
Bot Fighting 103. Code Integrity Checks, Code Scrambling
December 12, 2017 by • “No Bugs” Bunny
Quote:
Bingo! We’ve got an executable, which automagically performs TONS of integrity checks, which checks are spread all over the executable, and are extremely non-obvious too.
Another Quote:
This approach of 'not revealing code until attack costs are high' is certainly not limited to payments.
Filed under: Book: D&D of MOGs1st beta of Vol. VII-IXOn.SecurityFraud Prevention
Read moreBot Fighting 102: System-Specific Kinda-Protection. Anti-Debugger, Anti-DLL-Injection, VM Detection.
December 5, 2017 by • “No Bugs” Bunny
Quote:
it is fundamentally impossible to prevent (or detect) debugging, at least as long we’re staying on one single box.
Another Quote:
DON’T spend more than 10% of your overall anti-bot-fighting time budget on system-specific protections.
Filed under: Book: D&D of MOGs1st beta of Vol. VII-IXOn.SecurityFraud Prevention
Read moreBot Fighting 101: Don’t Feed the Hacker
November 28, 2017 by • “No Bugs” Bunny
Quote:
Some of the system calls are not absolutely necessary, and using them will significantly simplify life of the attacker
Another Quote:
Scrambling will help to protect your protocol even if the attacker manages to F.L.I.R.T. with your TLS library
Filed under: Book: D&D of MOGs1st beta of Vol. VII-IXOn.SecurityFraud Prevention
Read moreMOGs: Hacks and Hackers
November 21, 2017 by • “No Bugs” Bunny
Quote:
One of the nastier-for-us features of IDA Pro is so-called F.L.I.R.T.
Another Quote:
All the popular protection methods lag well-behind capabilities of the average-attacker-on-a-100K-simultaneous-player-game.
Filed under: Book: D&D of MOGs1st beta of Vol. VII-IXOn.SecurityFraud Prevention
Read more



