m4n0w4r
New member
Nice series, thanks so much!
Regards,
ida pro plugin labeless, sync IDA with OllyDbg by a1ext
- Thread starter Storm Shadow
- Start date
Regards,
Thanks
greenpiece
New member
Hey guys, glad if posts in Check Point blog are useful for you!
If there are any concerns and/or suggestions on improvement of this info sharing, don't hesitate to tell us about them.
We're planning to show how Labeless scripting is used both in Olly2 and in x64dbg, starting with theory and following with script samples. And yes, these are not sandbox samples but real malware research cases.
If you have any preferences on future publications, feel free to share them.
In the meantime a1ex.t is actively developing Labeless and wants to add bunch of useful features. Probably when articles are published, Labeless will be far ahead of the described tool
If there are any concerns and/or suggestions on improvement of this info sharing, don't hesitate to tell us about them.
We're planning to show how Labeless scripting is used both in Olly2 and in x64dbg, starting with theory and following with script samples. And yes, these are not sandbox samples but real malware research cases.
If you have any preferences on future publications, feel free to share them.
In the meantime a1ex.t is actively developing Labeless and wants to add bunch of useful features. Probably when articles are published, Labeless will be far ahead of the described tool
samoray
New member
@greenpiece:
Thank you for your time on making tutorials, please drop links in this forum whenever new "Labeless" tutorials are released.
I really like your step by step explanation.
Thank you for your time on making tutorials, please drop links in this forum whenever new "Labeless" tutorials are released.
I really like your step by step explanation.
greenpiece
New member
He-he, it's a pleasure to hear that something you've made is helpful for people. Hopefully we will keep it up!@greenpiece:
Thank you for your time on making tutorials, please drop links in this forum whenever new "Labeless" tutorials are released.
I really like your step by step explanation.
As soon as there are new articles on Labeless (and not only) - we will share updates on this forum.
Stay tuned and have fun
P. S. I do not suffer from megalomania and this mystical word "we" actually consists of a1ex.t and me
Although articles are written by me - it wouldn't be possible without collaboration with Alex and thus I cannot help but use "we" here and there.
m4n0w4r
New member
@a1ext:
Can you add the link to Part 3 at the end of Part 2 (https://research.checkpoint.com/installing-labeless/), cause i must visit forum to read your post and get the link
Update: Wow i found it ("So, let’s proceed to the next lesson <--"), but i think make it "bold" for other. And this link is different from your post:
https://www.research.checkpoint.com/19558-2 <-- Blog (can not view)
https://research.checkpoint.com/19558-2/ <-- Your post
Regards,
Can you add the link to Part 3 at the end of Part 2 (https://research.checkpoint.com/installing-labeless/), cause i must visit forum to read your post and get the link
Update: Wow i found it ("So, let’s proceed to the next lesson <--"), but i think make it "bold" for other
. And this link is different from your post:https://www.research.checkpoint.com/19558-2 <-- Blog (can not view)
https://research.checkpoint.com/19558-2/ <-- Your post
Regards,
Last edited:
@a1ext:
Can you add the link to Part 3 at the end of Part 2 (https://research.checkpoint.com/installing-labeless/), cause i must visit forum to read your post and get the link
Update: Wow i found it ("So, let’s proceed to the next lesson <--"), but i think make it "bold" for other
https://www.research.checkpoint.com/19558-2 <-- Blog (can not view)
https://research.checkpoint.com/19558-2/ <-- Your post
Regards,
Thanks, I'll tell somebody to improve that.
Regarding links, we will fix that soon, thanks
Last edited:
Guys, new version released https://github.com/a1ext/labeless/releases/tag/v_1_1_2_85
Changelog:
Changelog:
Code:
[IDA] IDA 7 for Linux project fixed
[IDA] Python editors now have line numbers
[IDA] Toolbar added
[github] Issue template added
[fix] Fixed issue #41
[IDA] now we could navigate to an error line when click at the debugger's script error line
[IDA] log outputs of the debuggee were made read only
[IDA] added debug visualizer for Qt5 to the project
[labeless] logging function was adjusted to the plugins code which don't add extra line endings
[IDA] debuggee's stderr spaces displaying fixed
[README] Added PyPI badge
[README] donate badge was added
[README] Discord channel badge added
[README] gitter badge removed, rooms were removed
Remote memory allocation for scripting added ll.memory.RemoteAllocRWE/ll.memory.RemoteFreeGuys, new blog posts are ready for you:
* Labeless Part 4: Scripting
* Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm
* Labeless Part 6: How to Resolve Obfuscated API Calls in the Ngioweb Proxy Malware
Credits:
* Raman Ladutska (part 4 and 5)
* Alexey Bukhteyev (part 6)
* Labeless Part 4: Scripting
* Labeless Part 5: How to Decrypt Strings in Boleto Banking Malware Without Reconstructing Decryption Algorithm
* Labeless Part 6: How to Resolve Obfuscated API Calls in the Ngioweb Proxy Malware
Credits:
* Raman Ladutska (part 4 and 5)
* Alexey Bukhteyev (part 6)
Last edited:
Thanks a lot. I've took a look at some of them, the images are scaled and unreadable, are there some way to keep them, for example, as svg to preserve their quality?
greenpiece
New member
@samoray, thanks for great idea! Haven't thought about it initially.
Now when you've provided PDFs and we're meditating on them, I'm thinking in this direction... Having all the original documents, I can convert all the images to vector graphics so that zoom issue will be resolved - as pointed by @a1ext - and then convert documents to PDFs with all the original formatiing.
If it sounds like a plan, I will share updated PDFs soon.
m4n0w4r
New member
Yup, it always great idea!!
We can view offline with a good quality pictures and also a must have plug-in for IDA!!
Regards,
samoray
New member
greenpiece
New member
Here we go, guys, PDFs are attached to this message and are ready to be used right away.
Images there are usual PNGs, not SVGs, I've found it surprisingly difficult to convert colourful images from PNG\BMP format to SVG.
Hopefully it will not be an issue for you.
Feel free to share any feedback that comes to your minds!
Images there are usual PNGs, not SVGs, I've found it surprisingly difficult to convert colourful images from PNG\BMP format to SVG.
Hopefully it will not be an issue for you.
Feel free to share any feedback that comes to your minds!
samoray
New member
@greenpiece:
Thank you for your efforts, waiting for more...
do you mind if I share this in other forums!
Thank you for your efforts, waiting for more...
do you mind if I share this in other forums!
Yes, please ^__^@greenpiece:
Thank you for your efforts, waiting for more...
do you mind if I share this in other forums!
greenpiece
New member
Sure, please do! Spreading tutorials is an excellent idea@greenpiece:
Thank you for your efforts, waiting for more...
do you mind if I share this in other forums!
Just keep the link to this forum and/or Check Point blog so that community stays aware of updates when they appear.