Computer
-
Triton DBA Framework Build for Windows x64Computer/Program Analysis 2016. 11. 3. 18:12
For Ubuntu, the build process is straightforward. For Windows x64, I failed to build with Visual Studio 2015 giving some errors related snprintf. Even after I installed VS2013 build tools, it failed with the same error. So, I installed Visual Studio 2013.Before building Triton, dependent libraries - Z3, capstone with VS2013 - are rebuilt with x64 option. Python x64 is reinstalled. Finally I succ..
-
Gephi run on 64bit WindowsComputer/Software 2016. 10. 17. 11:06
I need to draw a huge graph requiring more than 4GB memory. Graphviz or D3JS cannot draw such huge graphs. Gephi is a good choice in this case. However Gephi visualization platform is run on 32bit Java by default. We need to change the configuration in order to run 64bit Java. In C:\Program Files (x86)\Gephi-0.9.1\etc\gephi.conf, deafult_options and jdkhome need to be modified. For example, defa..
-
x64dbg ScyllaHide NtUser* API Address missingComputer/Program Analysis 2016. 9. 20. 15:29
I encountered following message box while I am using x64dbg + scyllahide. In the manual (ScyllaHide.pdf), it says that we need to download NtAPITool.rar and copy NtAPICollection.ini to x64\plugins folder.But the NtAPITool.rar does not fix this error. The OS minor version of the ini file is incorrect. So we need to fix the OS minor version. I am using Windows 8.1, so the OS minor version is 3. So..
-
VMWare Professional 12 on Ubuntu 14.04 LTS amd64Computer/Software 2016. 6. 20. 10:04
I have the following errors after installing. Gtk-Message: Failed to load module "canberra-gtk-module": libcanberra-gtk-module.so: cannot open shared object file: No such file or directoryGtk-Message: Failed to load module "overlay-scrollbar": liboverlay-scrollbar.so: cannot open shared object file: No such file or directoryGtk-Message: Failed to load module "unity-gtk-module": libunity-gtk-modu..
-
Intel Pin 3.0 & Visual Studio 2015 Solution FileComputer/Program Analysis 2016. 4. 20. 11:35
The visual studio solution file in Intel Pin 3.0 needs to be fixed to build onVisual Studio 2015. The solution file at \pin\source\tools\MyPinTool is for Visual Studio 2010. It is converted to Visual Studio 2015 with warnings. The following file describes what is needed to build. https://software.intel.com/sites/default/files/managed/8e/f5/PinCRT.pdf The converted solution file already have most..
-
calling convention in Windows x64 binaryComputer/Program Analysis 2015. 6. 19. 18:42
Visual Studio compiled programs use fastcall calling convention. Functions use RCX, RDX, R8, R9 first. After using them, functions use the stack. In variable argument functions such as printf, stack values are used.