Carl Schou / vm

@vm_call

bored high school student.

Denmark
Joined June 2015

Media

  1. Jan 28
    Replying to and

    > last person in the shout out list

  2. Jan 26

    I ported from Jekyll to Wordpress in hopes that the "comments" feature would be used to provide meaningful commentary to my content. Let's just say that I am pleased with my decision

  3. Jan 24
    Replying to

    Call me petty but i have no remorse for a company that literally steals personal files from my computer. We can keep doing this all year baby

  4. Jan 21
    Replying to
  5. Jan 20

    > bruger udelukkende disassembler til risc

  6. Jan 20
    Replying to

    Det var alligevel nogle overkomplicerede løsninger folk fra Cyberlandsholdet fik bikset sammen, bare skriv en decompiler næste gang i stedet for alt det selvpineri ;) binexp1:

  7. Jan 17
    Replying to
  8. Jan 13
    Replying to
  9. Jan 13

    BattlEye is uploading device drivers from your machine as a part of its larger system enumeration routine, which sends unfiltered dumps of process names, window titles, module names, certificates and more to their server - stay put

    Show this thread
  10. Jan 13

    Who would've thought anti-cheats were still using old timing checks to detect generic virtualization

    Show this thread
  11. Jan 11
    Replying to

    The single-step shellcode is more fun :-) this time i'll prep multiple articles so i can drip feed the good info, so i need to finish this first

  12. Jan 11

    Low effort obfuscation :-(

    Show this thread
  13. Jan 11

    This is honestly a great example of *bad* opaque predicates. It takes no effort to comb through and clear the garbage operations, which isn't what opaque predicates should aim for

    Show this thread
  14. Jan 11
    Replying to

    Update was pushed yesterday, which is why i find it so hilarious - it's still obfuscated and most people wouldn't be able to reverse this, but this is nowhere near the capacity modern VMP has. This protection is just a fun little exercise in patching

  15. Jan 6

    For those interested, i will release a full write-up and analysis of BattlEye's infamous stack walker, which people don't really seem to know about. This is actually a great way to detect internal cheats that try to conceal themselves.

    Show this thread
  16. Jan 5

    Got it, BattlEye is blacklisting old D3DCompiler and d3dx9_32 binaries

    Show this thread
  17. Jan 4

    Guess the next article will be an analysis of devirtualized BattlEye shellcode :-) they didn't remove the opaque checks that i pointed out last time, maybe they get the memo this time. Tons of new juicy stuff that the public isn't aware of.

    Show this thread
  18. 31 Dec 2019

    Everyone knows that 0-days are only valid if you pop calc.exe or notepad.exe:

  19. 30 Dec 2019

    I wonder if vs project arbitrary code execution is another wont-fix🤔

    Show this thread
  20. 18 Dec 2019

    Er bare træt af ikke at vide om der er fejl i opgaverne, for det ville ikke komme bag på mig

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·