Julian Davis

Documenting my adventures in Reverse Engineering

CTF Challenge – Stage 3

Continuing from Stage2, now I’m on Stage3. It’s getting user input with a call to fgets and then passing that user input to a call to vsscanf using the format-control string "%d %d %d %d %d". Right after the call to vsscanf there’s a cmp eax,5. vsscanf returns the number of fields that are successfully...

CTF Challenge – Stage 2

This is a continuation from this post. Stage2 is different in that it’s waiting on user input with a call to fgets. I started with just a simple string to observe the functionality. You’ll notice it’s executing an xor on the first byte of our input string with the lowest byte in ecx. This part...

CTF Challenge – Stage 1

This is a CTF built by my good friend Colin that consists of five stages, each progressively more difficult. Here are the guidelines and rules. Taking a look at Stage1, the first interesting call I see is _stat64i32, which takes a path to a file and gets the status information of that file. The path...

Reversing an Encryptor

This is another brief exercise created by my good friend Colin. The goal for this exercise was to reverse the encryption methodology and create a decryptor. This is what the binary looks like when running. And here’s the assembly. There are five local variables here. Four of these are right at the start, the hex bytes...

Static Analysis Test

My good friend Colin, who has taught me literally everything I know about RE, wanted to challenge me with a static analysis test. During my process of learning RE I have relied heavily, if not entirely, on dynamic analysis. While discussing the idea of some future projects he agreed I needed more time and practice...

Unlocking Hidden Debug Features

One of the first things I do when reversing a game is look for any debug features. These can give valuable information that can help you understand the game more closely. When searching for debug features in Fallen Earth I noticed there was a lot of string formatting with information that I would like to...

Unpacking a PAK File

This was a small exercise in curiosity. I actually did this months ago, when I was first starting in the world of RE. I had no real use for reversing this file; it was more an effort to learn more about the tools used, specifically the hex editor. After using computers in a casual sense...

Bypassing a Client Updater

This was one of my very first exercises in reverse engineering video games. The game is Fallen Earth, which is an older MMORPG that is currently free-to-play on Steam. The game has a patcher which always runs first and once updated it will then initialize the game client. Ideally I want to be able to...