Programmatic String Deobfuscation in .NET Malware

In .NET assemblies, String obfuscation is most often implemented by passing a series of nonsensical arguments to a deobfuscation method which then returns the deobfuscated string to a method. In this post, you will learn some quick and dirty methods of using reflection to automate string deobfuscation in .NET assemblies.

CSAW CTF 2013 Qualification Round: Reversing

The 2013 CSAW Capture the Flag Qualification Round was held this past weekend with over 1300 participating teams. Like most Jeopardy-style CTFs, CSAW had several categories of problems, with Reverse Engineering as one of them. A small team from Digital Operatives participated in this competition; below are write-ups for the Reversing problems.