HackerTrans
TopNewTrendsCommentsPastAskShowJobs

nullpt_rs

no profile record

Submissions

Show HN: I'm building a browser for reverse engineers

nullpt.rs
348 points·by nullpt_rs·9 miesięcy temu·55 comments

Reversing the licensing on a Quantum Scalar i40

blackjack.codes
2 points·by nullpt_rs·10 miesięcy temu·0 comments

comments

nullpt_rs
·9 miesięcy temu·discuss
I actually wrote a separate blog post about this! Changing the debugger keyword :) see: https://nullpt.rs/evading-anti-debugging-techniques
nullpt_rs
·9 miesięcy temu·discuss
D'oh! You are correct :-) Good catch and thanks for teaching me something!
nullpt_rs
·9 miesięcy temu·discuss
Someone mentioned this as well in another comment. Turns out most of this could’ve been done as an extension after all :-)

edit: actually, wouldn’t you still need to override the global you’d like to instrument? At that point, the toString of the modified function would leak your hook.

see: https://gist.github.com/voidstar0/179990efe918d1028b72f292cf...

Regardless, I do have some interesting ideas that should hopefully make my pain of compiling Chromium for 3 hours worth it though :p

Cheat Engine for site scripts? Who knows. Mostly just using this as an opportunity to learn some browser internals so id say it still paid off :)
nullpt_rs
·9 miesięcy temu·discuss
Thanks for sharing some examples! Someone shared a similar project in the other thread. I didn’t realize this at the time of writing haha.

FWIW I still think modifying the browser has some positives wrt stealth and hooking out of process frames (could be wrong on the second part, haven’t actually tested!)

Still good to know though will leave a note in the article :-)
nullpt_rs
·9 miesięcy temu·discuss
Ooh nice, I haven’t seen this project! I actually tried attempting this as an extension at first but wasn’t able to override page window functions. I’m curious to know how they accomplished this. (edit: I see that I missed the chrome.scripting API facepalm)

Thank you for sharing :)

FWIW I still think a custom browser approach has some benefits (stealth and executing in out of process iframes. could be wrong on the second part, haven’t actually tested!)