Didier Stevens

Sunday 19 April 2009

Update: XORSearch V1.4.0

Filed under: My Software,Update — Didier Stevens @ 16:43

Miles Wolbe was looking for some strings in a Dell BIOS update; it took him some time to figure out they are ROT-1 encoded.

I updated my XORSearch tool to support ROT encoding.

2 Comments »

  1. Excellent tool! I will definitely use this. I doubly appreciate the lack of windows system calls. It built without any modifications on gcc. Thanks.

    I did a little looking at your exe with a tool of my own. It’s mostly a neat toy, but I thought you might be interested. http://randommusingsofarealgeek.blogspot.com/2009/04/why-are-windows-executables-so-big.html

    Comment by Bryan Harris — Tuesday 21 April 2009 @ 13:39

  2. That’s one of my requirements for this tool: being able to compile it with a standard C compiler on different OSes.

    The EXE is compiled with Borland, and the C library (like printf) is linked in. And then there is also a digital signature (Authenticode) adding to the size.

    Comment by Didier Stevens — Tuesday 21 April 2009 @ 14:11


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

Please log in to WordPress.com to post a comment to your blog.

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Theme: Rubric. Blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 83 other followers