One day I was developing a program to work with Python source code, a kind of analyzer for static code analysis. I found a library, Redbaron, and wanted to conduct some research to understand its capabilities.
Not so fast, cowboy. I wrote a lot of Python code in PyCharm, created by JetBrains. After my tests via pytest I got the first bug. I got the same problem as in #119 (Really, is it a problem of the IDE by JetBrains?).
After debugging, I found some solutions, patches, and hacks.
Next, I'm going to tell you, dear reader, a story about the difference between hacks, patches, and solutions.
And yeah, it wasn't a problem with the IDE.
Continue reading “Heisenbug: the true story of undefined behavior, part 1”
Some time ago I finished a book about computer viruses and antiviruses. This short article is just a summary of my notes. Moreover, it is a translation from Russian to English (the book is in Russian). I had a lot of fun. Great work by the author, thanks a lot for it. (Климентьев К.Е. “Компьютерные вирусы и антивирусы: взгляд программиста” – link to order).
I would like to talk about common technologies that are used in some viruses, such as Win32.Zmist and Win32.MetaPHOR, etc. I am not a malware guy and don't want to describe all the stuff about internals, but just rewrite some concepts of those two from the book and other sources, because viruses just use the approaches of those two. Look:
- RPME – Real Permutation Engine
- UEP – Unknown Entry Point (same as EPO): this method inserts the first commands (the entry point of a virus) into the middle of an original program.
- ETG – Executable Trash Generator: this method generates trash commands to hide the original commands of a virus inside a program.
- MistFall – mixing the code of a program and a virus
- disassembler – this creates the disassembly code of a program.
Let’s explore some principles.
Continue reading “Computer Viruses: Programmer’s View”