Luigi Auriemma


17 Apr 2015 Research: XWB/ZWB files unpacker 0.3.5
fix for MS ADPCM (thanks CTPAX-X) and additional choice to overwrite all the files

02 Apr 2015 MyToolz: Offbreak 0.3.1b
fixed the generation of the command-line of the program to execute

01 Apr 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.2
tons of new compression algorithms, new Makefile for Linux, calldll from encryption/comtype with #INPUT_SIZE# and #OUTPUT_SIZE#, String with multiplication and hex2uri/uri2hex operators, a '0' added to the String operator allows setting an empty VAR1 in case of errors, rc6 encryption, xor_prev/xor_prev2/xor_next/xor_next2 encryptions, fix for getarray, added adler32 to the available crc functions, fix for a rare bug in reimporting, append 1 now allows placing the new content at the current position of the output file, source code of QuickBMS in a separate zip archive to avoid space and confusion, fix for using libtomcrypt, activated all the rnc compressions available, fix for xmemdecompress of native files (0xed magic), cleaning of spaces at the end of folder names in extraction, fix for filepath type; updated the compression and crc scanner to match the new amount of algorithms

27 Mar 2015 Research: Telltale TTARCH files extractor/rebuilder 0.2.6
automatic version 7 for GoT and TftB useful when encrypting the lua files, the tool no longer terminates if the archived lua files are not encrypted

25 Mar 2015 MyToolz: Offbreak 0.3.1a
added 64bit version and fixed the -t option for the trace file

25 Mar 2015 MyToolz: Offbreak 0.3.1
now by specifying the offset -1 it's possible to monitor the access to the whole file, added the -E option to use an exception handler that may be useful in some rare situations

21 Mar 2015 Research: FSB files extractor 0.3.4a
small fix for getting the size of the last file of FSB5 archives, useful only with the -o -1 scanner

18 Mar 2015 Research: ORK files decrypter and extractor 0.1.2
added support for the ORC archives of Might and Magic Heroes VI, they are just encrypted ZIP archives so no list file is needed

18 Mar 2015 Research: orkdec filenames dumper 0.2
partially rewritten to work with more games and versions

18 Mar 2015 TestingToolz: One file only web/ftp server 0.6.2
added only the -b option to get data from the Windows clipboard

18 Mar 2015 TestingToolz: ATInfo 0.1
simple tool for calling all the APIs provided by the ATI SDK for their graphics cards

15 Mar 2015 MyToolz: Offset file unzipper 0.3.6a
support for files bigger than 2 gigabytes

15 Mar 2015 MyToolz: Offset file unzipper 0.3.6
added the -c option that allows guessing and dumping the chunked files, option -D to specify a dictionary, -d to visualize the hexdump of the data before and after the compressed streams, statistics information, offset where the compressed stream ends, amount of bytes between the current compressed stream and the previous one, zlib header and crc information, updated extensions guesser (strnicmp fix for Linux)
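
The scanner behind the -c/-d options above works by recognising zlib headers and trying to inflate from each candidate offset. The following is an added example written for this page, not offzip's own code, that does the same thing in Python on a constructed blob: it validates the RFC 1950 header bytes (CM = 8, CINFO <= 7, FCHECK), inflates from each candidate, keeps only complete streams (so the Adler-32 trailer has been verified), and reports the end offset, the gap from the previous stream and the stored Adler-32. The optional zdict parameter covers streams that set FDICT (what the -D option above is for); the min_size and max_out limits and the sample blob are the example's own choices.

```python
import struct
import zlib


def is_zlib_header(cmf, flg):
    """True when the two bytes form a valid zlib header (RFC 1950): CM must be
    8 (deflate), CINFO at most 7 (32K window) and CMF*256+FLG a multiple of 31."""
    if (cmf & 0x0F) != 8 or (cmf >> 4) > 7:
        return False
    return ((cmf << 8) | flg) % 31 == 0


def scan_zlib_streams(data, zdict=None, min_size=1, max_out=1 << 26):
    """Find complete zlib streams embedded anywhere in `data`.

    Every byte pair that looks like a header is tried; a candidate is kept only
    if inflate reaches the end of the stream (which also verifies the Adler-32
    trailer).  `zdict` is the preset dictionary for streams that set FDICT;
    `min_size` drops tiny hits that are usually false positives; `max_out` caps
    the output of a single stream (protection against decompression bombs).
    After a hit, scanning resumes at the end of that stream."""
    hits, i, prev_end = [], 0, 0
    while i + 1 < len(data):
        if not is_zlib_header(data[i], data[i + 1]):
            i += 1
            continue
        fdict = bool(data[i + 1] & 0x20)
        if fdict and zdict is None:
            i += 1          # header wants a preset dictionary we do not have
            continue
        d = zlib.decompressobj(zdict=zdict) if fdict else zlib.decompressobj()
        try:
            out = d.decompress(data[i:], max_out)
        except zlib.error:
            i += 1          # not deflate data, or Adler-32 mismatch
            continue
        if not d.eof or len(out) < min_size:
            i += 1          # truncated, over max_out, or too small to trust
            continue
        end = len(data) - len(d.unused_data)
        stored = struct.unpack(">I", data[end - 4:end])[0]   # Adler-32 trailer
        hits.append({
            "offset": i,
            "end": end,
            "compressed_size": end - i,
            "uncompressed_size": len(out),
            "gap_from_previous": i - prev_end,
            "fdict": fdict,
            "adler32": stored,
            "adler32_ok": stored == zlib.adler32(out),
            "data": out,
        })
        prev_end = end
        i = end
    return hits


# Constructed sample (not a real archive): junk, a stream, 7 padding bytes,
# a second stream.
STREAM1 = zlib.compress(b"hello " * 50)
STREAM2 = zlib.compress(b"second stream payload")
SAMPLE_BLOB = b"JUNK" + STREAM1 + b"\x00" * 7 + STREAM2

if __name__ == "__main__":
    for h in scan_zlib_streams(SAMPLE_BLOB):
        print("0x%08x-0x%08x  %6d -> %6d bytes  gap %d  adler32 %08x %s" % (
            h["offset"], h["end"], h["compressed_size"], h["uncompressed_size"],
            h["gap_from_previous"], h["adler32"], "ok" if h["adler32_ok"] else "BAD"))
```

Raising min_size is the usual way to get rid of the false positives a raw header check produces on random data (roughly one byte pair in 500 passes the FCHECK test), since junk that happens to inflate almost never yields more than a few bytes before the stream breaks.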

13 Mar 2015 Research: FSB files extractor 0.3.4
added the -M option that allows to dump the multichannel mp3s in separate files for each series of channels, highly recommended for maximum quality

09 Feb 2015 MyToolz: CmdDiz 0.2
added support for the new flg format, some improvements

01 Feb 2015 Research: Telltale TTARCH files extractor/rebuilder 0.2.5a
micro fix for the encryption of non-binary lua files

01 Feb 2015 Research: Telltale TTARCH files extractor/rebuilder 0.2.5
support for the new lua files (\x1bLEn magic) and key of Game of Thrones

28 Dec 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.1d
support for long filenames (rarely used)

18 Dec 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.1c
fix for Get basename, fix for the description of String >>, support for String % with a string as second variable (same behaviour as >> but from the beginning instead of the end), removed the double backslashes in some internal full paths, fixed Linux compatibility

18 Dec 2014 TestingToolz: aluigifuzz 0.3.1
many fixes, new features and options provided and suggested by various users, but please note that the tool is not under development (only some small requested fixes and features are supported)

10 Dec 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.1b
fixes for the puyo compressions, fix for the visualization of the latest line of the script in case of errors

08 Dec 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.1a
removed the visualization of the latest script line when there are no errors

07 Dec 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.1
most of the global variables now have a g_ prefix, new NameCRC instruction for working with list of filenames, support for full scripts passed as command-line argument (';' separated), support for C NULL delimited arrays like short var[], many new crc/hash algorithms for the encryption and namecrc commands, added basename/filepath/filename comparisons for conditions, fix for math x with big numbers, added Set filepath, String P mode to use the same syntax of the Print command, enhancement of the Comtype dictionary to allow data containing zeroes, added new compression and recompression algorithms, mpq encryption, fix for the prs compression, more information when a read or compression error occurs, option -M for extracting only the files different than those available in another folder, no folders creation with -0 and -O, QUICKBMS_FILENAME internal variable, zlib_noerror and deflate_noerror automatically increase the uncompressed size if needed (they use the same code of unzip_dynamic), Xmemdecompress with automatic decompression of Xbox files compressed with xbcompress (lzxdecode and lzxnative), lzma_dynamic with automatic scanning of the flags in case of failure, small fix for some gzip files, other small fixes and improvements, support for C enum, idstring information in -V mode, visualization of the last script line that caused the error, updated some libraries like lzma

26 Nov 2014 Research: Telltale TTARCH files extractor/rebuilder 0.2.4
added key of Tales from the Borderlands

26 Nov 2014 MyToolz: Lanfile 0.1.5a
just a fix for the interactive -i option

21 Oct 2014 MyToolz: Offbreak 0.3
tool that monitors the offsets at which a target program reads and writes specific files and breaks its execution there, so it can be debugged

14 Sep 2014 Research: FSB files extractor 0.3.3
important fix for calculating channels and frequency of the files stored in FSB5 archives

27 Aug 2014 Advisories: Old ZDI/IDefense advisories and PoC of enterprise and SCADA vulnerabilities found in 2010 and 2011
ZDI-12-163/ZDI-11-232, ZDI-12-114, ZDI-12-115, ZDI-12-100, ZDI-12-133, ZDI-12-148, ZDI-12-033, ZDI-11-351, ZDI-11-345, ZDI-11-329, ZDI-11-330, ZDI-11-320, ID954, ID953, ID973, ID974, ID975, ZDI-11-262, ZDI-11-263, ZDI-11-264, ZDI-11-245, ZDI-11-246, ZDI-11-235, ZDI-11-171, ZDI-11-170, ZDI-11-160, ZDI-11-161, ZDI-11-162, ZDI-11-163, ZDI-11-164, ZDI-11-165, ZDI-11-166, ZDI-11-156 (the material has been released as-is)

25 Aug 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6
review and better writing of quickbms.txt, source code extension H to C, -a can be specified multiple times for new arguments, new argument for the Append command to choose when and how to write the new data, added new names for String operators, Endian can save the current endianness in a variable, Get line works even if there is no new line delimiter at end of file, last offset visualized when a compression fails, additional arguments for String printf, fix for base64_compress that wasn't handled, added comtype lz4_compress, new behavior of Debug command, base_offset argument for Padding command, negative index variable for get/putarray for taking and storing elements at the end of array, a positive value in goto SEEK_END is automatically converted to negative to seek correctly, fix for the filenames ending with . or * to guess their extension, better colors for the hexhtml visualization, automatic handling of xcompressed files (\x0F\xF5\x12\xEE) in comtype xmemcompress, some malloc to calloc changes, new icon, changed major version number due to the huge amount of enhancements from 0.5

25 Aug 2014 MyToolz: Signsrch 0.2.3
added the -S option for scanning only some signatures instead of all, -t for choosing the exact number of threads to use, -a for forcing a specific image address, -3 can be used to write the INT3 directly into the process specified by -P
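
Signsrch works by scanning a file or a running process for the constants that identify crypto and compression algorithms (S-boxes, initial hash states, CRC tables). As an added example, not Signsrch's own code or its signature database, here is a small Python scanner over a handful of well-known constants (the MD4/MD5/SHA-1 initial state, the SHA-256 initial state, the first entries of the reflected CRC-32 table, the first row of the AES S-box), matched in both byte orders, and run over a constructed buffer. The signature list, the function names and the sample buffer are the example's own.

```python
import struct


def crc32_table(poly=0xEDB88320):
    """Reflected CRC-32 lookup table (polynomial 0xEDB88320, the one used by
    zlib, PNG and Ethernet).  Binaries usually embed it as 256 32-bit words."""
    table = []
    for n in range(256):
        c = n
        for _ in range(8):
            c = (c >> 1) ^ poly if c & 1 else c >> 1
        table.append(c)
    return table


# Multi-word signatures stored as 32-bit words.  They are matched in both byte
# orders because the same constant is little-endian in x86 code and big-endian
# in, e.g., console or network-oriented binaries.  Single-word constants (TEA's
# 0x9E3779B9, for instance) are deliberately left out: one word alone produces
# far too many false positives.
WORD_SIGNATURES = {
    "MD4/MD5/SHA-1 initial state": [0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476],
    "SHA-256 initial state": [0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A,
                              0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19],
    "CRC-32 table (poly 0xEDB88320), first 8 entries": crc32_table()[:8],
}
# Byte-oriented tables have no endianness.
BYTE_SIGNATURES = {
    "AES S-box, first row": bytes.fromhex("637c777bf26b6fc53001672bfed7ab76"),
}


def _find_all(data, pattern):
    pos = data.find(pattern)
    while pos != -1:
        yield pos
        pos = data.find(pattern, pos + 1)


def signsrch(data):
    """Return sorted (offset, signature name, byte order) tuples for every
    occurrence of a known signature in `data`."""
    hits = []
    for name, words in WORD_SIGNATURES.items():
        for order, fmt in (("little", "<"), ("big", ">")):
            pattern = struct.pack("%s%dI" % (fmt, len(words)), *words)
            for off in _find_all(data, pattern):
                hits.append((off, name, order))
    for name, pattern in BYTE_SIGNATURES.items():
        for off in _find_all(data, pattern):
            hits.append((off, name, "n/a"))
    return sorted(hits)


# Constructed sample buffer (not a real binary): 16 filler bytes, the SHA-256
# state little-endian, 4 junk bytes, the AES S-box row, the MD5 state big-endian.
SAMPLE = (b"\x90" * 16
          + struct.pack("<8I", *WORD_SIGNATURES["SHA-256 initial state"])
          + b"junk"
          + BYTE_SIGNATURES["AES S-box, first row"]
          + struct.pack(">4I", *WORD_SIGNATURES["MD4/MD5/SHA-1 initial state"]))

if __name__ == "__main__":
    for off, name, order in signsrch(SAMPLE):
        print("0x%08x  %-48s %s" % (off, name, order))
```

Against a real executable the offsets are file offsets; to turn them into the addresses a debugger shows you have to add the section's virtual address delta, which is what the -a option above lets you force when the image base is not the one recorded in the headers.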

19 Aug 2014 Research: steamuserip 0.1
proof-of-concept that uses the P2P networking API to get the LAN and Internet IP addresses of any user when playing some games on Steam

16 Aug 2014 Research: steamlobbylist 0.1
retrieves all the remote lobbies of a game, of all your installed games, or of a range of games defined by their appID

16 Aug 2014 Research: steamfilelist 0.1
lists and optionally downloads all the files located on the remoteStorage of a game, of all your installed games, or of a range of games defined by their appID

15 Aug 2014 Proof-of-concepts: Some games PoC
I have just released the proof-of-concept for the game vulnerabilities disclosed by ReVuln in a paper related to the talk given at NoSuchCon #1 in May 2013 - Breach, Brink, CryEngine3, Nexuiz (not the Classic one), Sanctum, The Haunted, Homefront, Monday Night Combat, Quake 4. The bugs were all 0-days over one year ago and probably they still are.

07 Aug 2014 ZenHAX: Free Game Research and Security Community
a Xentax-like forum open to anyone, with additional sections for security and network protocols, feel free to join

01 Aug 2014 MyToolz: Mydown 0.3.2
option for specifying a specific IP address to connect to and fix for the -l option

01 Aug 2014 Research: GS peerchat server emulator 0.1.3b
removed the 6 chars limitation of the gamekey (for games like Juiced)

01 Aug 2014 Research: GS peerchat encryption/decryption algorithm 0.2a
removed the 6 chars limitation of the gamekey (for games like Juiced)

19 Jul 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.32
fixed memory consumption with files without names, fixed unicode conversion with no delimiters, added a math/xmath operator for strings, added new comptypes for handling lzma/lzma2 without header/prop (like those used in 7z files, previously known as msf), added hmac hashing using "hmac algorithm", updated various compression algorithms, added variable5 type, added QUICKBMS_HEXHASHL for lowercase hash, can specify lzma prop using the dictionary, fix for multi dimensional arrays, alignment in read/write process memory

10 Jul 2014 Proof-of-concepts: Steam Client Service IPC sender PoC 0.1
proof-of-concept related to the research released by ReVuln

04 Jul 2014 Proof-of-concepts: Steam voip multiple vulnerabilities 0.1 (steamclient.dll)
proof-of-concept related to the research released by ReVuln

29 Jun 2014 Patches: XPDF pdftotext/pdftops/pdfimages allow copying of text (Win32) 0.1.2
support for XPDF 3.04

18 Jun 2014 MyToolz: Proxymini 0.2.3
fixed some stability issues, anyway please note that the DNS caching system is not 100% suitable for the multi-thread environment, in the next version I will use c-ares or adns

16 Jun 2014 MyToolz: Proxymini 0.2.2
fixed a bug when calling a thread on 64bit, now it accepts connections to local addresses (only the proxymini port is filtered), it also works as a Windows service

03 May 2014 TestingToolz: aluigifuzz 0.3
this is the dumb file mutation fuzzer I wrote in 2011 for my personal usage and it was incredibly useful at that time. I have decided to release it because I no longer use it; read aluigifuzz.txt for additional information and examples

12 Apr 2014 Research: Telltale TTARCH files extractor/rebuilder 0.2.3
added key of Wolf Among Us 3 and fixed a bug when using -m with some files that didn't remove the 5VSM header

06 Apr 2014 Research: GS enctype2 servers list decoder/encoder 0.1.2
added support for re-encryption

06 Apr 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.31a
fix for already aligned size when using *log xsize

05 Apr 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.31
improvements for quickbmsver, *log with the xsize value used for reading aligned data (sometimes useful with block ciphers), fix for the xmath command that now works with unsigned numbers, String 'f' operator to filter non-alphanumeric chars, improvements for the scexpand compression, added a new crc algorithm, option to use case sensitive variable names, additional work-arounds for gzip in case of invalid fields, encryption hash that performs hashing on the string specified as key if available (very useful), added tons of hashing algorithms thanks to sphlib

19 Mar 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.30
fixed multiple If, endian guess VAR, handling of some unicode spaces in the scripts, implemented correct disabling of the secure allocation, Math with reverse operations, tons of new decompression algorithms and some new recompressions, hex visualization of the encryption key in verbose mode, some new experimental lzss window initializations, update of some libraries, more details for the exceptions, more details for the lzma errors

19 Mar 2014 MyToolz: Mydown and mydownlib 0.3.1
added an option similar to tail -f in mydown and improved the code that asks to overwrite the existing file multiple times

19 Mar 2014 MyToolz: DTMF2NUM 0.1.1
added an option to specify the parameters in dsp.c, used double instead of float, fixed the Makefile, no new improvements so the default detection is still the same as the previous versions

09 Mar 2014 MyToolz: Mydown and mydownlib 0.3a
fix for gzip handling

09 Mar 2014 MyToolz: Mydown 0.3
new features and improvements, large files support, the remote file is checked before downloading only if it's necessary, option -d for setting the output folder and -L for downloading a sequence of files (with incremental fields), multiple hosts, automatic concatenation of options that support multiple strings (like -c/s/M), optional milliseconds delay for the -l loop option, all the enhancements added in mydownlib

09 Mar 2014 MyToolz: mydownlib 0.3
bug fixes and improvements

09 Mar 2014 TestingToolz: One file only web/ftp server 0.6.1
fixed the -d/D option to visualize the whole header instead of byte per byte, fix for downloading the file from a requested offset (HTTP Range)

20 Feb 2014 Research: PunkBuster online GUID checker 0.1.16
added new games

14 Feb 2014 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.11a

04 Feb 2014 TestingToolz: One file only web/ftp server 0.6
many new features and bug fixes, note that -X is now -0

29 Jan 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.29
automatic guessed extension for the filenames that have a dot or a * at the end, replaced the Scummvm RNC compression with the old one because it didn't work, fixed lzlib compression, updated various libraries, backtrace after crashes, Windows 8.1 fix, fix for CallDLL with a MEMORY_FILE of same name but different content, set VAR ? ? to allow the user to choose the content of the variable at runtime, If is case sensitive if the optional 'u' parameter is used, added ZPAQ compression, added more return values in case of lzma errors, usage of variables in encryption random, autostart with -9 if quickbms crashes just when launched, fix for open FDSE in gui mode, reimport.bat

29 Jan 2014 MyToolz: mydown 0.2.11b and mydownlib 0.2.7b
added no-cache (useful?) and removed Accept-Encoding compressions if we use a Range request, in my tests the server always returns the whole file from the beginning, ignoring the range
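
The failure mode described in the entry above, a server that answers a Range request with a complete 200 body instead of a 206 partial one, turns into a silently corrupted file if the client just appends whatever comes back. The following added example (not mydown or mydownlib code) shows the client-side checks a resumable downloader should make: send Accept-Encoding: identity together with the Range header, then use the status code and Content-Range to decide at which offset the body belongs in the local file, refusing bodies it cannot place. The function names and the sample header dictionaries are the example's own.

```python
import re


def range_request_headers(start, end=None):
    """Request headers for resuming a download at byte `start`.

    Accept-Encoding is pinned to identity: if the server were allowed to gzip
    the body, its byte offsets would no longer be offsets into the stored file
    and Content-Range could not be applied to it.  Cache-Control: no-cache asks
    intermediate caches to revalidate instead of serving a stale copy."""
    byte_range = "bytes=%d-" % start if end is None else "bytes=%d-%d" % (start, end)
    return {"Range": byte_range,
            "Accept-Encoding": "identity",
            "Cache-Control": "no-cache"}


_CONTENT_RANGE = re.compile(r"^bytes (\d+)-(\d+)/(\d+|\*)$")


def place_response_body(status, headers, start):
    """Return (file_offset, total_size): the offset at which the response body
    belongs in the local file, and the full size when the server states it
    (None otherwise).  Raises ValueError for any body that cannot be placed."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    if h.get("content-encoding", "identity").lower() != "identity":
        raise ValueError("body is %s-encoded: its bytes are not file bytes"
                         % h["content-encoding"])
    if status == 206:
        m = _CONTENT_RANGE.match(h.get("content-range", ""))
        if not m:
            raise ValueError("206 without a usable Content-Range header")
        first, last, total = int(m.group(1)), int(m.group(2)), m.group(3)
        if first != start or last < first:
            raise ValueError("server resumed at %d, we asked for %d" % (first, start))
        return first, (None if total == "*" else int(total))
    if status == 200:
        # Range ignored (the behaviour observed in the entry above): the body is
        # the whole file from offset 0, so the local file must be overwritten
        # from the start, never appended to.
        return 0, (int(h["content-length"]) if "content-length" in h else None)
    if status == 416:
        raise ValueError("range not satisfiable: is the local file already complete?")
    raise ValueError("unexpected status %d" % status)


if __name__ == "__main__":
    # Constructed responses, not captured traffic.
    print(range_request_headers(1000))
    print(place_response_body(206, {"Content-Range": "bytes 1000-4999/5000"}, 1000))
    print(place_response_body(200, {"Content-Length": "5000"}, 1000))
```

The 200 case is the one that bites: a naive client seeks to `start`, writes the body, and ends up with the first `start` bytes duplicated in the middle of the file, which is exactly the kind of corruption that only shows up when the hash of the download is checked.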

06 Jan 2014 Research: FSB files extractor 0.3.2a
experimental support for FSB5 rebuilding

04 Jan 2014 Research: Gslist 0.8.11a
added only a new -d query to get the list of players with a Gamespy 3 query and -0 to not wait additional packets in reply to a query

... old news