Physical Security: Access Card Cloning with Proxmark in Red Team Operations
1. Introduction and Objectives In this article, we will explore how easy it can be to clone certain types of cards that are widely used, not only in access controls of private organizations (hotels, etc.) but also in public institutions. To achieve this, we will make use of Proxmark3, which can be acquired from its official website: In this article, we will not demonstrate how to set up the environment to be able to use Proxmark3, as there are several tutorials available on the Internet that provide clear instructions for that: Therefore, to carry out this practice, we should have …
Analysis and Reverse Engineering of a Banking Trojan Malware from the Zeus Family
1. Introduction and Objectives In this article, we will demonstrate how to conduct a reverse engineering analysis of a banking trojan from the Zeus family. For our study, we have been provided with a single binary file named “fichero.bin.” You can download it from the JMSec GitHub repository: To undertake a study of this nature, you’ll need some basic knowledge of reverse engineering. 2. Setting Up the Laboratory and Description of Materials To begin the exercise, it should be noted that the analysis of the binary is conducted under the Windows 10 operating system. The following list enumerates the tools …
REVERSING: Study and programming of a KEYGEN.
1. Introduction and Objectives In this article, we are going to superficially explain how certain software licenses are generated. To do this, we will study a particular code, with the aim of subsequently programming a key generator that can generate a correct key from any text string. For this, we will need to have at least basic knowledge in assembler programming (ASM), and in reverse engineering. As tools, we will use the OllyDbg debugger and the DevCpp compiler to program the key generator (Keygen) in C/C++. If you are interested in conducting a cybersecurity audit of your applications, you can …