When I was younger, I had an interest in reversing and stumbled across Lena's Reversing tutorials... I couldn't quite grasp it back then but I now have a renewed interest. The amount of effort and clarity you put in these videos is amazing. Thank you.
I really like the presentation in these tutorials. It's like you are communicating to us from your secret bunker base--letting the people know how to use the systems that were built for them. I've used strace a bit, and your explanation will make my future use of it even better.
I'm a RE and malware analysis junkie. About 10 years ago I set up a virtual machine with Windows XP on it, downloaded dozens of gigabytes of malware, set up file + registry + network monitors and just randomly executed malware in the VM. It was a lot of fun. One of the malware samples was a keylogger which stored my keystrokes, and sent it over plain FTP to a server in Nigeria. Through Fiddler I discovered that the username and password for that FTP server was in plain text, so I tried logging in to that server and it worked. Before my eyes, on the FTP server, there were hundreds of folders, each filled with data harvested from victims of the malware. The data included also tons of banking and credit card information. I was able to discover the identity of the man running the Nigerian server and managed to find him on social media. Pretty crazy. Another malware sample I tested launched a little chat window in the middle of the screen and the chatbox literally had the title "You're Now Speaking With Mr. Hacker!"... and the person running the malware backend was typing to me, boasting about how I got haxx0red. I played along and begged him not to do any harm to my computer and he was just laughing in my face. Then I told him it's a virtual machine... and reverted to a clean snapshot. When it comes to reverse engineering, I use IDA Pro and Ghidra to discover how exactly some of my favorite older games work under the hood. Mostly Sega Genesis/Atari ST (Motorola 68000) but also x86. In one case I got in the mood to remake an 1988 game I was reversing, in C/C++, to achieve its compatibility with modern systems and fix some of the gameplay bugs. You can see some of the results of that on my channel :)
I LOVE this tutorial and presentation. very adhd friendly and adorable. Thank you for taking the time on this video. There are people that appreciate the work you've done. :)
The fact that you don't edit out the "errors" you make on the console while recording makes the video flows perfectly because it feels more real and like a dynamic study session instead of a pre-recorded unreal stuff. Thanks for talking about such very specific subjects.
Forgot to mention your videos are a great introduction to mobile malware analysis for someone like me, coming from workstation malware analysis, so thank you for them. That damn Fishy tune though lol, I can't get rid of it from my head
I find the system call code extremely interesting from a signal path perspective. I got recommended sysinternals by GPT4 for psexec to get a peek inside the kernel. I'm curious if anything in sysinternals or syscalls can do this signal path analysis for AI behaviour, just as deep. Thanks for the video Laurie.
I need to run an strace to detect the last time I needed to run strace. I wish you well, and I hope you never stop, but just remember that there might be a day when it's gonna be the last time you will ever run strace. You won't realize it, but you will never use strace ever again after that day. Sad...
Why do you suppose the order of parent/child output is different after executing fork_example with the -f flag versus without? Is the timing of parent/child process execution indeterminate?
It's actually just happenstance what gets printed first since calling fork creates a new process that executes at the same time. You could even get these printed in a different order each time you run
