Didier Stevens

Tuesday 14 August 2007

3 Comments »

1. […] XORSearch V1.2.0: XOR & ROL – I look forward to Didier’s upcoming post with further details. Last week I analyzed a piece of malware that had each byte of its strings ROL 1 (ROtate Left) encoded. I’ll give more details about this trick in an upcoming post. […]

   Pingback by www.andrewhay.ca » Suggested Blog Reading - Thursday August 16th, 2007 — Friday 17 August 2007 @ 11:24

2. If you ROL 7 times you have effectively ROR’d an 8 bit byte 🙂

   Comment by Tony — Monday 10 September 2007 @ 15:22

3. “Een kus van de juffrouw en een bank vooruit!”

   In Flanders this means: a kiss of the teacher and move one bench closer to the blackboard! 😉

   Comment by Didier Stevens — Friday 14 September 2007 @ 20:11

RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated) Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (Address never made public)

Name

Website

You are commenting using your WordPress.com account. ( Log Out /  Change )

You are commenting using your Google account. ( Log Out /  Change )

You are commenting using your Twitter account. ( Log Out /  Change )

You are commenting using your Facebook account. ( Log Out /  Change )

Cancel

Connecting to %s

Notify me of new comments via email.

Notify me of new posts via email.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

• Didier Stevens Labs

  
  Visit my company, Didier Stevens Labs

• Pages

  • About
  • Didier Stevens Suite
  • Links
  • My Software
  • Professional
  • Programs
    • Ariad
    • Authenticode Tools
    • Binary Tools
    • CASToggle
    • Disitool
    • EICARgen
    • ExtractScripts
    • FileGen
    • HeapLocker
    • Network Appliance Forensic Toolkit
    • Nokia Time Lapse Photography
    • oledump.py
    • OllyStepNSearch
    • PDF Tools
    • Shellcode
    • SpiderMonkey
    • Translate
    • USBVirusScan
    • UserAssist
    • VirusTotal Tools
    • XORSearch & XORStrings
    • YARA Rules
    • ZIPEncryptFTP
  • Public Drafts
    • Cisco Tricks
  • Reverse Engineering Mentoring
  • Screencasts & Videos
• Search for:

• Top Posts

  • PDF Tools
  • oledump.py
  • Howto: Make Your Own Cert With OpenSSL on Windows
  • My Software
  • Quickpost: ZIP Password Cracking With John The Ripper

• Categories

  • .NET
  • 010 Editor
  • Announcement
  • Arduino
  • Bash Bunny
  • Beta
  • bpmtk
  • Certification
  • Didier Stevens Labs
  • Eee PC
  • Encryption
  • Entertainment
  • Fellow Bloggers
  • Forensics
  • Hacking
  • Hardware
  • maldoc
  • Malware
  • My Software
  • N800
  • Networking
  • Nonsense
  • nslu2
  • OSX
  • PDF
  • Personal
  • Physical Security
  • Poll
  • Puzzle
  • Quickpost
  • Release
  • Reverse Engineering
  • RFID
  • Shellcode
  • smart card
  • Spam
  • technology
  • UltraEdit
  • Uncategorized
  • Update
  • video
  • Vulnerabilities
  • WiFi
  • Windows 7
  • Windows 8
  • Windows Vista
  • Wireshark
• 

• Blog Stats

  • 6,338,956 hits

• Twitter @DidierStevens

  • RT @campuscodi: A malware gang named Epic Manchego has successfully used a .NET library named EPPlus to create Excel docs that bypass some… 1 week ago
  • RT @sans_isc: Office Documents with Embedded Objects isc.sans.edu/diary/26558 https://t.co/QRz3BwD6NQ 1 week ago
  • RT @virusbtn: On the SANS ISC blog, @didierstevens explains how to handle Office documents with embedded objects isc.sans.edu/diary/rss/26558 ht… 1 week ago
  • RT @virusbtn: NVISO researchers analyse 'Epic Manchego', a malware campaign that uses a different kind of Excel file to fly under the radar… 1 week ago
  • New blog post "Quickpost: dig On Windows" blog.didierstevens.com/2020/09/10/qui… 1 week ago

• Archives

  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • April 2017
  • March 2017
  • February 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • May 2015
  • April 2015
  • March 2015
  • February 2015
  • January 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013
  • October 2013
  • September 2013
  • August 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • May 2012
  • April 2012
  • March 2012
  • February 2012
  • January 2012
  • December 2011
  • November 2011
  • October 2011
  • September 2011
  • August 2011
  • July 2011
  • June 2011
  • May 2011
  • April 2011
  • March 2011
  • February 2011
  • January 2011
  • December 2010
  • November 2010
  • October 2010
  • September 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006
  • June 2006

• August 2007

  M	T	W	T	F	S	S
  		1	2	3	4	5
  6	7	8	9	10	11	12
  13	14	15	16	17	18	19
  20	21	22	23	24	25	26
  27	28	29	30	31