4th August, 2008

Debugging ACPI Using WinDBG /--evilbitz   

Hi,

Here are some tips about debugging Windows ACPI DSDT/ASL using windbg.

Installing the checked version of acpi.sys

You need to get the checked version of acpi.sys by downloading the checked version of your service pack, then unpack it locally and expand the acpi._sy file (it is actually a .cab file). The checked version will let you use the amli debugger in order to trace and step through ASL code.

Tracing ACPI ASL Code and Object evaluation

!amli set traceon spewon verboseon - This is a bit slow but produces a nice log file (for real men only).

ASL Debug Print

If you can change the code (dump and disassemble the DSDT, then compile and embed it again), you can add string output to the ASL code in two ways. If you connect a debugger, use the simple method of storing a string into the Debug object (example below). The other way is to use my ASL print function, which prints to an I/O port of your choice; this is not useful if you are not a platform developer or use a virtual machine.

Examples:

Store ("Debug asl print example - 1", Debug)
\ZDBG ("Debug asl print example - 1")

Break Points

  • If you want to debug ASL code, you can set breakpoints with !amli bp
  • You can embed a breakpoint by changing the DSDT and putting the BreakPoint directive in the ASL code where you want the debugger to break.

After you break into the AMLI debugger, you can trace and step through the code.



Posted in programming, lowlevel

28th July, 2008

My favorite challenges website /--evilbitz   

Hi,

I wanted to share with you my favorite challenges website, +Ma’s Reversing. Although I wasn’t very active on this website in the last two years (don’t have a lot of free time), it is still a nice place to come back to and spend a day or two on solving a tough riddle :-)

Two things you should know:

  1. The plus sign next to +Ma indicates that the founder of Ma’s Reversing, Malattia, was an active student in the +HCU academy, which was founded by +ORC in 1997. +ORC really gave a big push forward to spread the knowledge of cracking/reversing through his tutorials.
  2. If you visit +Ma’s Reversing, you’ll notice a weird domain name. Well… the numbers actually represent a 32-bit value of his old server’s IP address :-) I find it quite amusing.

Anyways, if messing with steganography or solving classical ciphers (let’s say Playfair) is your thing, this website will appeal to you.
Try to deserve it :-)



Posted in hacking, reversing

22nd July, 2008

Fake Police Light bar for your N95 /--eitama   

Turn your Nokia N95 (Tested) into a police light bar. This was Eitam’s sick idea :)

  1. Install Python for S60 on your Nokia N95
  2. Extract Fake police light bar for your N95 and copy police.py to your N95 (to the Python directory)
  3. Start Python on your phone
  4. Choose Options -> “Run Script…”
  5. Select the file police.py, click OK
  6. Place your N95 on the front of your car’s dashboard so that it points outside; this is for the cars in front of you, so they see the lights when the driver looks in the rear mirror
  7. Start using the horn so cars in front of you will move aside and make way 8)

Cheers,
Guy & Eitam.



Posted in random, programming

22nd July, 2008

The Pinky Principle /--evilbitz   

It came to me that most people that need to decide whether to recruit a person that will work with them or under their management, will usually recruit a person that is a bit weirder than them. This is so they will feel normal around them. I’m just seeing it here and there… :)

The pinky principle says that with time, most of the workers in a certain company will be weird because the amount of weird people will grow and grow… the weird workers will finally reach a management position and will recruit other people that are even weirder than them.

If you’ll look at it from a different angle then every brain needs a pinky, but not every pinky needs a brain.



Posted in random, philosophy

21st July, 2008

RS232 to TCP Using TCL /--eitama   

There is a wide selection of applications that allow bridging the serial port to TCP sockets.
Some of them are not free, and those which are free do not run on Linux.

This drove me to write my own solution for my needs.
As I currently enjoy the simplicity of TCL (Tool Command Language), I wrote the application in pure TCL.
It runs on Windows and Linux without the need to install anything.

The application runs on a computer (Windows / Linux) that is connected to some device via a serial port (RS232).
It listens on a TCP port of your choice, accepting TCP connections up to the maximum defined by you.
All TCP clients may interact with the serial port at the same time, and all TCP clients receive all the events
from other TCP clients.
This allows multiple people to work on the same serial port at the same time.
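
The relay behaviour described above, as an added Python sketch (this is not the author's tcp2com.tcl, and the class and parameter names are hypothetical). A socket stands in for the serial device so it runs without hardware; the sketch does no authentication, so it listens on 127.0.0.1 by default.

```python
import selectors
import socket

class SerialHub:
    """Relay one serial-like stream to and from up to max_clients TCP clients."""
    def __init__(self, serial, host="127.0.0.1", port=0, max_clients=2):
        self.serial = serial              # assumption: a socket stands in for RS232
        self.max_clients = max_clients
        self.clients = []
        self.listener = socket.create_server((host, port))
        self.sel = selectors.DefaultSelector()
        self.sel.register(self.listener, selectors.EVENT_READ, self._accept)
        self.sel.register(serial, selectors.EVENT_READ, self._from_serial)

    def _accept(self, _sock):
        conn, _addr = self.listener.accept()
        if len(self.clients) >= self.max_clients:
            return conn.close()           # over the configured maximum: refuse
        self.clients.append(conn)
        self.sel.register(conn, selectors.EVENT_READ, self._from_client)

    def _drop(self, conn):
        if conn in self.clients:          # idempotent: may be called twice per round
            self.sel.unregister(conn)
            self.clients.remove(conn)
            conn.close()

    def _broadcast(self, data, skip=None):
        for conn in [c for c in self.clients if c is not skip]:
            try:
                conn.sendall(data)
            except OSError:
                self._drop(conn)

    def _from_serial(self, dev):
        self._broadcast(dev.recv(4096))   # device output goes to every client

    def _from_client(self, conn):
        try:
            data = conn.recv(4096)
        except OSError:
            data = b""
        if not data:                      # disconnect or reset frees a slot
            return self._drop(conn)
        self.serial.sendall(data)         # any client can drive the device
        self._broadcast(data, skip=conn)  # and the other clients see what it sent

    def step(self, timeout=0.5):          # call in a loop to serve forever
        for key, _events in self.sel.select(timeout):
            key.data(key.fileobj)
```

Every connected client can both drive the device and read everyone else's traffic, so the bind address and the client limit are the only access controls in this sketch.
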

Installation steps:

  1. Download the zip file.
    RS232 to TCP
  2. Extract it to a folder of your choice.
  3. Read the readme.txt file; it is not too long and is very helpful.
  4. Edit tcp2com.cfg to suit your needs.
  5. Install the standard free distribution of ActiveState TCL.
    From: www.activestate.com
  6. Run tcp2com.tcl using TCLSH.

I have adapted the application to suit my needs,
I invite you to do the same 8)

Cheers,
Eitam.



Posted in programming
