Luigi Auriemma

me@aluigi.org [PGP]


Old news

all the past news from the creation of this website.




01 Nov 2017 Research: Telltale TTARCH files extractor/rebuilder 0.3.1a

31 Oct 2017 Research: Telltale TTARCH files extractor/rebuilder 0.3.1
added support for the old format plus encryption used in the Bone 2.0 games

13 Oct 2017 Patches: XPDF pdftotext/pdftops/pdfimages allow copying of text (Win32) 0.1.3
added support for xpdf tools 4.00

29 Sep 2017 Research: ZenStudio PXP decompression functions 0.2

25 Sep 2017 Research: Unigine ung files extractor 0.3
added support for the ar04 archives used in Superposition

09 Sep 2017 QuickBMS: QuickBMS generic files extractor and reimporter 0.8.1
better Makefile compatible with MacOSX (thanks Misty De Meo), Endian Set CURRENT_ENDIAN, PutVarChr VAR 0 &VAR Long for storing VAR or MEMORY_FILE address to use with external DLLs, fixed a bug in FindLoc, improved incremental_fread, new compression algorithms and updates, fixed bug with CallDLL and arbitrary offsets, CallDLL imagebase and address features, fixed small bug in RNC compression introduced in 0.8.0, some fixes in ntcompress and lz77wii, now all the lzrw* algorithms don't check the useless 32bit flag field, xmemcompress working on Linux too, -N option for using decimal sequential names like 0.dat instead of 00000000.dat, -e option to ignore compression errors (debug), fixed rare bug with output filenames in append mode, fixed bug with custom lzss_compress EJ parameter, fixed yappy_compress, fixed bug with -9, added tga and uasset in sign_ext.c, improved compatibility with gcc 7, added json formatter in String, fixed an important bug in unicode strings introduced in 0.8.0, fixed NULL pointer in some VAR[i], String X parameter for experimental parsing of XML and JSON strings, OpenSSL 1.1 compatibility

12 Aug 2017 Research: Telltale TTARCH files extractor/rebuilder 0.3
added the keys of 3 games and a small fix for few archives of old games (MI5 for Wii)

13 Jun 2017 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.12
added support for 0.3.7-R2

14 May 2017 Patches: Interstate '76 GE cdfix/nocd, software resolution, memory fix 0.1.1
added the fix for the "Sorry, there is not enough memory to continue" error

07 May 2017 Research: FSB files extractor 0.3.8
zero channels and GET_FSB5_OFFSET fix

29 Apr 2017 Research: FSB files extractor 0.3.7
fix for the handling of offsets in big FSB5 archives

20 Mar 2017 Research: FSB files extractor 0.3.6
added support for type 8 rarely used for nameless files

12 Mar 2017 QuickBMS: QuickBMS generic files extractor and reimporter 0.8.0
Break and Continue instructions fixed and available, experimental Label instruction (use Break/Continue to go to that label), embedded C compiler to be used with CallDLL and the tcc calling convention, C compiler available also with the tcc variable type, updated compression algorithms and added few new ones, fixed a bug with guessed names with -d/D and TEMPORARY_FILE, fix for encryption mode of rotate, better handling of the rnc compression, fixed bug in xchdir, bug in utf8_to_utf16_chr, fixed a problem with if statements having more than 2 conditions, the user will be asked only once to confirm the loading of external dll, -P option to set the default codepage, restored compatibility with Win98, correct filenames output for non-ansi names, -T option for not deleting the TEMPORARY_FILE

12 Mar 2017 MyToolz: Mini Winamp input plugins player/converter 0.1.3
fixed RIFF size in output header and full path of the output file

19 Jan 2017 Research: Race WTCC files encrypter/decrypter 0.3.5
added the key for the PLR files of Raceroom, -k raceroom_plr

21 Dec 2016 Research: Milestone MIX files extractor 0.1.5
better guessing of old mode and -m option to force it

20 Dec 2016 Research: Milestone MIX files extractor 0.1.4
added support for Superbike World Championship 1999

20 Dec 2016 Research: Telltale TTARCH files extractor/rebuilder 0.2.13
added support for The Walking Dead: A New Frontier

04 Dec 2016 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.7
macosx compatibility, fix for reverse FindLoc, fix for Print with -Q, removed tag SCRIPT's MESSAGE when using Print, added _ and . trim operators in String, new and updated compression algorithms, SortArray switched from signed to unsigned (more useful), fix for comtype sixpack, lbalzss and SCUMMVM9, coverage statistics showing also the current offset, better handling of If statements with values coming from arrays, -K option, fix for tea_setup in encrypt mode

23 Nov 2016 MyToolz: myRTP command-line interface 0.1.1a

23 Nov 2016 MyToolz: myRTP command-line interface 0.1.1
added the --force option for skipping the crc check on the files and forcing the patching process (thanks -=CHE@TER=-)

31 Oct 2016 MyToolz: Lanfile 0.1.6
*nix/macos patch to remove dependencies and compilation problems

30 Oct 2016 Research: Telltale TTARCH files extractor/rebuilder 0.2.12
added support for archives larger than 2Gb

11 Oct 2016 Research: Telltale TTARCH files extractor/rebuilder 0.2.11
back to the 32bit compiling and added support for zCTT and other possible new chunk types

22 Aug 2016 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.6a
fixed unicode endianness in internal code

22 Aug 2016 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.6
fixed bug in FindLoc introduced in 0.7.5, compatibility for opening paths and filenames containing non-english characters (like chinese/korean/japanese directories of MMORPG), Oodle 2.3.0 (now fully working), some new compression algorithms, hsel encryption, automatic handling of endianness in EDL1 and EDL2 compression, removed backtrace library used during crashes to decrease the size and granting compatibility with Windows 98, fixed bug in check_wildcard for options -f/-F, fix for recognizing MEMORY_FILE set as key of encryption and other commands

06 Aug 2016 Research: Telltale TTARCH files extractor/rebuilder 0.2.10
added support for Batman

30 Jul 2016 Research: XWB/ZWB files unpacker 0.3.6
fix for recognizing the adpcm codec instead of xma in the old xwb archives till version 3

24 Jul 2016 Research: Race WTCC files encrypter/decrypter 0.3.4
added the current key for Raceroom, you must just continue to use -k raceroom

24 Jul 2016 MyToolz: Mini Winamp input plugins player/converter 0.1.2
two fixes (thanks -=CHE@TER=-)

23 Jul 2016 MyToolz: Signsrch 0.2.4
removed an unused buffer used with PE/ELF parsing, added handling of SHT_NOBITS in ELF parsing, fix for check_wildcard(), a couple of new signatures mainly for LZ4 so basically the database is still the same of 2013

19 Jul 2016 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.5
additional argument for FindLoc to specify the ending search offset, fixed a bug in FileXor/Rot/Crypt introduced in 0.7.4, small fix for the optional arguments of NameCRC, small fix for a rare bug in String, improved printf and sscanf operators of String, new compression algorithms, updated Oodle, isaac encryption, FreeLibrary called in CallDLL at the end of the script, -Z option for replacing all the archived files with zeroes in reimport mode, warning about impossibility to reimport files with wildcards, fix for the XSIZE field in the Log/CLog commands, fix comtype wp16, fix for recursive_dir with invalid sub_folders, improvements for set_utf8_to_unicode and set_unicode_to_utf8, realloc with usage of temporary file in case of failure with big buffers, updated algorithms and libraries, improved guessed extensions for some nameless files

19 Jul 2016 MyToolz: Offbreak 0.3.4
some options, work-in-progress features and small fixes added months ago

21 May 2016 Research: THPS HED/WAD files extractor/builder 0.2.1
some archives use no offset alignment so the tools try to guess them

29 Apr 2016 Forum: the full html backup of the well known old forum aluigi.freeforums.org (forum.aluigi.org) that I maintained till 2011 is online

29 Apr 2016 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.4a
fixed a bug in big endian Get byte/short introduced in 0.7.4

21 Apr 2016 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.4
fix for String 0 operator, Do While working with multiple conditions, Endian works also with variables containing the saved value, CallDLL usercall fix, added various compression algorithms, fix for filexor/filerot with negative offset, fix for overflowing longlong values read/written using quickbms.exe, simple progress visualization for reimporting, fixed reimporting of MEMORY_FILEs

21 Apr 2016 MyToolz: Mydown 0.3.3
new mydownlib

21 Apr 2016 MyToolz: mydownlib 0.3.3
removed port from the Host header, better NULL delimiter for files downloaded in memory

21 Apr 2016 Research: FSB files extractor 0.3.5
solved various extraction bugs (like the -m option), no improvements or fixes for rebuilding

27 Feb 2016 Research: Telltale TTARCH files extractor/rebuilder 0.2.9
fixed reimporting of Lua files, now the reimporting is a bit slower but it's safe for any future change

25 Feb 2016 Research: Telltale TTARCH files extractor/rebuilder 0.2.8b
added key of Walking Dead Michonne

25 Feb 2016 Research: Telltale TTARCH files extractor/rebuilder 0.2.8a
another fix for the encryption of single lua files with -e 0 58

31 Jan 2016 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.3
fixed the recent issues of quickbms 0.7.2* (back to 0.7.1 method), some new compression algorithms, fixed identification of comtype ppmdi_raw, fix and improvements for the parameters of the *tea encryptions, improvement of ZIP_AES, various parts of code set as static, small improvements of rsa_tomcrypt, String t and T operators to make easier the handling of html/xml

30 Jan 2016 Research: Milestone MIX files extractor 0.1.3a
compatible with archives bigger than 2 Gb

12 Dec 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.2a
fixed a bug introduced in 0.7.2 and related to the length of the variables

11 Dec 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.2
now the TEMPORARY_FILE is deleted automatically at the end of the extraction without asking, added the following compression algorithms: PKWARE DCL, IBM TERSE (PACK/SPACK), PKWARE reduce, a configurable LZW engine, ultima6, lz5 and yalz77, 4 additional formats for RSA keys, fix for sortarray with arrays having different elements, SLog supporting offsets till 4Gb - 1, reimport mode for deflatex/zlibx, added ZIP file creation in addition to the ISO one, -Q for really quiet mode, updated some algorithms, increased the number of allowed arguments per line for If and String S, setvbuf to 64Kb (probably useless), fix for Xmemdecompress with lzxnative and lzxtdecode formats, replaced sub_var strdup_replace with manual alloc+memcpy, feature to embed scripts inside quickbms.exe for distribution in modkits

10 Dec 2015 Research: IBM TERSE decompression (PACK/SPACK) 0.1
from the upcoming QuickBMS source code

10 Dec 2015 Research: PKWARE reduce decompression 0.1
from the upcoming QuickBMS source code

10 Dec 2015 Research: unpxp 0.1
from the QuickBMS source code

10 Dec 2015 Research: old Bizarre Creations decompression 0.1
from the QuickBMS source code

10 Dec 2015 Research: Lego Island Xtreme Stunts decompression 0.1
from the QuickBMS source code

10 Dec 2015 Research: Telltale TTARCH files extractor/rebuilder 0.2.8
fixed encryption of single lua files with -e 0 58 (thanks quckly)

10 Dec 2015 Research: EA JDLZ decompression 0.1
from the QuickBMS source code

10 Dec 2015 Research: EA COMP decompression 0.1
from the QuickBMS source code

10 Dec 2015 Research: EA HUFF decompression 0.1
from the QuickBMS source code

10 Dec 2015 Research: CPK LAYLA compression 0.1
from the QuickBMS source code

24 Nov 2015 Research: ORK files decrypter and extractor 0.1.3
added the key for the recent Supernova MOBA game (thanks Ekey)

23 Nov 2015 Password_recovery: TrendMicro passwords decrypter 0.1.2
added support for !CRYPTEX! and !CRYPTEX3!

16 Nov 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.1
many fixes: stricmp crash on Linux/WinXP, String =, set basename, putarray, recognizing end of file in fgetxx, coverage statistics of memory files, skip existent files choice/option, double request of files overwrite in some cases, some rare compression algorithms not working correctly, mcrypt comma separator, a couple of magics in sign_ext.c. -i option for creating an ISO image, now some compression algorithms don't give error if the end of output is reached (better for the comtype scanner), undk2 replaced by refpack_decompress_safe, more operators in encryption random and support for bitmasks (like key >> 16), my encryptions like random/math/xmath now support also variables in their configuration, added aes modes ige/bi_ige/heat, less resource used by append log to file, initialization of arrays with multiple input files, 30 new compression algorithms, code improvements and less memory consumed at runtime

31 Oct 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.7.0
support for wildcards in the selection of input files, fixes in check_condition: constant strings, basename, filepath and filename, String reverselong/short/longlong weren't recognized, new 'y' String operator for alignment, Set to_unicode for converting to utf16, new FULLBASENAME type, better Print hexdump, String with constant strings, important fixes for the String operators: shl, mul, equal, split and cstring, some new compression algorithms, TEMPORARY_FILE now doesn't prompt for overwriting, better handling of same input and output file, Encryption Math with #INPUT#, some default values to the few compressions that required a dictionary value, LZ4 supporting dictionary and returning no errors in case of short output, fix for filexor/filerot with negative values, fix for utf16 conversion, information and fixes in the manual, reimplemented lzrw, balz and quad compressions, added mcomp/libmcomp, irolz, uclpack and ace compressions

23 Oct 2015 MyToolz: Offzip 0.4
-r option for reimporting the extracted files like in QuickBMS (it uses the Zopfli library), the previous -r option has been renamed -R, some changes to the runtime help, it's no longer needed to specify the output folder and offset, option to automatically overwrite the output files, -1 now uses the output filename if specified, added a Makefile for Linux, renamed from Offset file unzipper to Offzip

20 Oct 2015 Research: Telltale TTARCH files extractor/rebuilder 0.2.7a
fix for encrypting lua files in Minecraft: Story Mode

16 Oct 2015 Research: PunkBuster online GUID checker 0.1.17
added Battlefield Hardline and H-Hour Worlds Elite

15 Oct 2015 Research: Telltale TTARCH files extractor/rebuilder 0.2.7
added support for Minecraft: Story Mode

28 Sep 2015 QuickBMS: changed the folder containing all my scripts just to /bms, all the old links to /papers/bms and /papers/bms/others are still valid as redirects

24 Sep 2015 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.8
added support for Red Orchestra 2 and a small fix for write_unrser

18 Sep 2015 QuickBMS: Latest QuickBMS scripts
added an RSS feed containing the latest scripts that have been written and updated

14 Sep 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.7a
full lzham implementation with parameters brute forcing, better support for MEMORY_FILEs in C structs

14 Sep 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.7
variables between quotes are now considered constants, fixed some math/xmath operators, fixed Findloc unicode, some new compression algorithms, experimental Scandir modes for working with processes, quiet option, fix for Open EXISTS in reimport mode, fix for avoiding to create new files with -w using Open, small improvement of comtype lzma_dynamic, fix for some compression algorithms that take parameters from the dictionary argument on quickbms_4gb_files

14 Sep 2015 MyToolz: Offbreak 0.3.3
-e option for adding environment strings (useful with some Steam games), -T for delayed attachment of the debugger -d, better handling and checking of the filenames that allows to specify just the filename without the whole path or wildcards

14 Sep 2015 MyToolz: Mini Winamp input plugins player/converter 0.1.1a
removed dependencies from the manifest file

04 Aug 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.6a
support for negative numbers in String <<, yay0dec compression, fix for the cpk recompression algorithm, but note that it can't be used in reimport mode because the decompression is size-dependent and that value (FileSize in cpk.bms) is left unchanged in reimport mode

04 Aug 2015 MyToolz: Offbreak 0.3.2a
the -m option will display a MessageBox also when the debugger is attaching to the process

04 Aug 2015 MyToolz: Offbreak 0.3.2
fix for MapViewOfFile with viewsize 0, option for setting the debugger to use, fix for NtQueryObject on 64bit, updated MinHook library

03 Aug 2015 Research: Unigine ung files extractor 0.2
support for the game Cradle

02 Aug 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.6
experimental reimporting of chunked files, fix for Set VAR strlen VAR, NameCRC allowed to use a MEMORY_FILE (useful for compressed embedded list), fix for NameCRC that skipped hex hashes, added Zopfli for better compression of some files, a couple of new compression algorithms, set correct position of memory file in append mode, don't ask to overwrite in append mode if the file has been created by the script, -O - for stdout output (redirect may not work), fix for long directory names

28 Jul 2015 MyToolz: Mini Winamp input plugins player/converter 0.1.1
some fixes

26 Jul 2015 MyToolz: PackZip 0.3.1
support for files bigger than 2Gb, zopfli, lzma with multiple cpu support

08 Jul 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.5
SLog command for exporting/reimporting strings (game localization), a couple of new compression algorithms, fixed various recompression algorithms, improvement of RSA and added similar encryptions, added most of the eCRYPT algorithms, compatibility with Windows 8.1, fixed a very rare bug in putarray, some minor fixes

29 May 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.4
encryption PKCS5_PBKDF2_HMAC, BytesToKey and ZIP_AES (now zip.bms supports AES too), updated many compression algorithms (LZ4 was necessary for Witcher3), small fix for unzip_dynamic/bzip2

06 May 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.3a
fixed a bug in Strlen introduced in the previous version

01 May 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.3
new Codepage command for utf16 to utf8 strings conversion (will be improved/expanded in future), base conversion in Math command (binary/octal), fix for the parameters in the Print command after the pipe, many new compression algorithms including also recompression (cpk, bpe and nrv are the most important), new argument for Strlen to get the full size of the variable, initial implementation of rsa encryption, command Append 1 improved to work with Goto, additional parameter in xor_prev/next to specify the operation on the last byte, fixed a bug in CallDLL introduced in the last version, QuickBMS version and information visible in the properties of the exe, restored compatibility with Windows 98 (_fstat64 caused by iostream)

01 May 2015 MyToolz: HEX2BYTE 0.3.1
better stdin input (binary and size), options for size of the elements, endianness and debugging

17 Apr 2015 Research: XWB/ZWB files unpacker 0.3.5
fix for MS ADPCM (thanks CTPAX-X) and additional choice to overwrite all the files

02 Apr 2015 MyToolz: Offbreak 0.3.1b
fixed the generation of the command-line of the program to execute

01 Apr 2015 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.2
tons of new compression algorithms, new Makefile for Linux, calldll from encryption/comtype with #INPUT_SIZE# and #OUTPUT_SIZE#, String with multiplication and hex2uri/uri2hex operators, a '0' added to the String operator allows to set an empty VAR1 in case of errors, rc6 encryption, xor_prev/xor_prev2/xor_next/xor_next2 encryptions, fix for getarray, added adler32 to the available crc functions, fix for a rare bug in reimporting, append 1 now allows to place the new content at the current position of the output file, source code of QuickBMS in a separate zip archive to avoid space and confusion, fix for using libtomcrypt, activated all the rnc compressions available, fix for xmemdecompress of native files (0xed magic), cleaning of spaces at the end of folder names in extraction, fix for filepath type. updated the compression and crc scanner to match the new amount of algorithms

27 Mar 2015 Research: Telltale TTARCH files extractor/rebuilder 0.2.6
automatic version 7 for GoT and TftB useful when encrypting the lua files, the tool no longer terminates if the archived lua files are not encrypted

25 Mar 2015 MyToolz: Offbreak 0.3.1a
added 64bit version and fixed the -t option for the trace file

25 Mar 2015 MyToolz: Offbreak 0.3.1
now by specifying the offset -1 it's possible to monitor the access to the whole file, added -E option to use an exception handler that may be useful in some rare situations

21 Mar 2015 Research: FSB files extractor 0.3.4a
small fix for getting the size of the last file of FSB5 archives, useful only with the -o -1 scanner

18 Mar 2015 Research: ORK files decrypter and extractor 0.1.2
added support for the ORC archives of Might and Magic Heroes VI, they are just encrypted ZIP archives so no list file is needed

18 Mar 2015 Research: orkdec filenames dumper 0.2
partially rewritten to work with more games and versions

18 Mar 2015 TestingToolz: One file only web/ftp server 0.6.2
added only the -b option to get data from the Windows clipboard

18 Mar 2015 TestingToolz: ATInfo 0.1
simple tool for calling all the API provided by the ATI SDK for their graphic cards

15 Mar 2015 MyToolz: Offset file unzipper 0.3.6a
support for files bigger than 2 gigabytes

15 Mar 2015 MyToolz: Offset file unzipper 0.3.6
added the -c option that allows to guess and dump the chunked files, option -D to specify dictionary, -d to visualize the hexdump of the data before and after the compressed streams, statistics information, offset where the compressed streams ends, amount of bytes between the current compressed stream and the previous one, zlib header and crc information, updated extensions guesser (strnicmp fix for Linux)

13 Mar 2015 Research: FSB files extractor 0.3.4
added the -M option that allows to dump the multichannel mp3s in separate files for each series of channels, highly suggested for maximum quality

09 Feb 2015 MyToolz: CmdDiz 0.2
added support for the new flg format, some improvements

01 Feb 2015 Research: Telltale TTARCH files extractor/rebuilder 0.2.5a
micro fix for the encryption of non-binary lua files

01 Feb 2015 Research: Telltale TTARCH files extractor/rebuilder 0.2.5
support for the new lua files (\x1bLEn magic) and key of Game of Thrones

28 Dec 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.1d
support for long filenames (rarely used)

18 Dec 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.1c
fix for Get basename, fix of the description of String >>, support for String % with a string as second variable (same behaviour of >> but from the beginning instead of the end), removed the double backslashes in some internal full paths, fixed Linux compatibility

18 Dec 2014 TestingToolz: aluigifuzz 0.3.1
many fixes, new features and options provided and suggested by various users, but please note that the tool is not under development (only some small requested fixes and features are supported)

10 Dec 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.1b
fixes for the puyo compressions, fix for the visualization of the latest line of the script in case of errors

08 Dec 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.1a
removed the visualization of the latest script line when there are no errors

07 Dec 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6.1
most of the global variables now have a g_ prefix, new NameCRC instruction for working with list of filenames, support for full scripts passed as command-line argument (';' separated), support for C NULL delimited arrays like short var[], many new crc/hash algorithms for the encryption and namecrc commands, added basename/filepath/filename comparisons for conditions, fix for math x with big numbers, added Set filepath, String P mode to use the same syntax of the Print command, enhancement of the Comtype dictionary to allow data containing zeroes, added new compression and recompression algorithms, mpq encryption, fix for the prs compression, more information when a read and compression error occurs, option -M for extracting only the files different than those available in another folder, no folders creation with -0 and -O, QUICKBMS_FILENAME internal variable, updated some libraries, zlib_noerror and deflate_noerror automatically increase the uncompressed size if needed (they use the same code of unzip_dynamic), Xmemdecompress with automatic decompression of Xbox files compressed with xbcompress (lzxdecode and lzxnative), lzma_dynamic with automatic scanning of the flags in case of failure, small fix for some gzip files, other small fixes and improvements, support for C enum, idstring information in -V mode, visualization of the last script line that caused the error, updated some libraries like lzma

26 Nov 2014 Research: Telltale TTARCH files extractor/rebuilder 0.2.4
added key of Tales from the Borderlands

26 Nov 2014 MyToolz: Lanfile 0.1.5a
just a fix for the interactive -i option

21 Oct 2014 MyToolz: Offbreak 0.3
tool that monitors the offsets of specific files read and written by a target program and breaks its execution for debugging it

14 Sep 2014 Research: FSB files extractor 0.3.3
important fix for calculating channels and frequency of the files stored in FSB5 archives

27 Aug 2014 Advisories: Old ZDI/IDefense advisories and PoC of enterprise and SCADA vulnerabilities found in 2010 and 2011
ZDI-12-163/ZDI-11-232, ZDI-12-114, ZDI-12-115, ZDI-12-100, ZDI-12-133, ZDI-12-148, ZDI-12-033, ZDI-11-351, ZDI-11-345, ZDI-11-329, ZDI-11-330, ZDI-11-320, ID954, ID953, ID973, ID974, ID975, ZDI-11-262, ZDI-11-263, ZDI-11-264, ZDI-11-245, ZDI-11-246, ZDI-11-235, ZDI-11-171, ZDI-11-170, ZDI-11-160, ZDI-11-161, ZDI-11-162, ZDI-11-163, ZDI-11-164, ZDI-11-165, ZDI-11-166, ZDI-11-156 (the material has been released as-is)

25 Aug 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.6
review and better writing of quickbms.txt, source code extension H to C, -a can be specified multiple times for new arguments, new argument for the Append command to choose when and how write the new data, added new names for String operators, Endian can save the current endianness in a variable, Get line works even if there is no new line delimiter at end of file, last offset visualized when a compression fails, additional arguments for String printf, fix for base64_compress that wasn't handled, added comtype lz4_compress, new behavior of Debug command, base_offset argument for Padding command, negative index variable for get/putarray for taking and storing elements at the end of array, a positive value in goto SEEK_END is automatically converted in negative to seek correctly, fix for the filenames ending with . or * to guess their extension, better colors for the hexhtml visualization, automatic handling of xcompressed files (\x0F\xF5\x12\xEE) in comtype xmemcompress, some malloc to calloc changes, new icon, changed major version number due to the huge amount of enhancements from 0.5

25 Aug 2014 MyToolz: Signsrch 0.2.3
added the -S option for scanning only some signatures instead of all, -t for choosing the exact number of threads to use, -a for forcing a specific image address, -3 can be used to write the INT3 directly in the process specified by -P

19 Aug 2014 Research: steamuserip 0.1
proof-of-concept that uses the P2P networking API to get the LAN and Internet IP addresses of any user when playing some games on Steam

16 Aug 2014 Research: steamlobbylist 0.1
retrieves all the remote lobbies of a game, or all your installed games or a range of games defined by their appID

16 Aug 2014 Research: steamfilelist 0.1
lists and optionally downloads all the files located on the remoteStorage of a game, or all your installed games or a range of games defined by their appID

15 Aug 2014 Proof-of-concepts: Some games PoC
I have just released the proof-of-concept for the game vulnerabilities disclosed by ReVuln in a paper related to the talk given at NoSuchCon #1 in May 2013 - Breach, Brink, CryEngine3, Nexuiz (not the Classic one), Sanctum, The Haunted, Homefront, Monday Night Combat, Quake 4. The bugs were all 0-days over one year ago and probably they are too.

07 Aug 2014 ZenHAX: Free Game Research and Security Community
a Xentax-like forum for anyone and with additional sections for security and network protocols, feel free to join

01 Aug 2014 MyToolz: Mydown 0.3.2
option for specifying a specific IP address to connect to and fix for the -l option

01 Aug 2014 Research: GS peerchat server emulator 0.1.3b
removed the 6 chars limitation of the gamekey (for games like Juiced)

01 Aug 2014 Research: GS peerchat encryption/decryption algorithm 0.2a
removed the 6 chars limitation of the gamekey (for games like Juiced)

19 Jul 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.32
fixed memory consumption with files without names, fixed unicode conversion with no delimiters, added a math/xmath operator for strings, added new comptypes for handling lzma/lzma2 without header/prop (like those used in 7z files, previously known as msf), added hmac hashing using "hmac algorithm", updated various compression algorithms, added variable5 type, added QUICKBMS_HEXHASHL for low case hash, can specify lzma prop using dictionary, fix for multi dimensional arrays, alignment in read/write process memory

10 Jul 2014 Proof-of-concepts: Steam Client Service IPC sender PoC 0.1
proof-of-concept related to the research released by ReVuln

04 Jul 2014 Proof-of-concepts: Steam voip multiple vulnerabilities 0.1 (steamclient.dll 2.25.32.45)
proof-of-concept related to the research released by ReVuln

29 Jun 2014 Patches: XPDF pdftotext/pdftops/pdfimages allow copying of text (Win32) 0.1.2
support for XPDF 3.04

18 Jun 2014 MyToolz: Proxymini 0.2.3
fixed some stability issues, anyway please note that the DNS caching system is not 100% suitable for the multi-thread environment, in the next version I will use c-ares or adns

16 Jun 2014 MyToolz: Proxymini 0.2.2
fixed bug when calling thread on 64bit, now it accepts connections to local addresses (only the proxymini port is filtered), it works also as Windows service

03 May 2014 TestingToolz: aluigifuzz 0.3
this is the dumb file mutation fuzzer I wrote in 2011 for my personal usage and was incredibly useful at that time. I have decided to release it because I no longer use it, read aluigifuzz.txt for additional information and examples

12 Apr 2014 Research: Telltale TTARCH files extractor/rebuilder 0.2.3
added key of Wolf Among Us 3 and fixed a bug when using -m with some files that didn't remove the 5VSM header

06 Apr 2014 Research: GS enctype2 servers list decoder/encoder 0.1.2
added support for re-encryption

06 Apr 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.31a
fix for already aligned size when using *log xsize

05 Apr 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.31
improvements for quickbmsver, *log with the xsize value used for reading aligned data (sometimes useful with block ciphers), fix for the xmath command that now works with unsigned numbers, String 'f' operator to filter non alphanumeric chars, improvements for the scexpand compression, added a new crc algorithm, option to use case sensitive variable names, additional work-arounds for gzip in case of invalid fields, encryption hash that performs hashing on the string specified as key if available (very useful), added tons of hashing algorithms thanks to sphlib

19 Mar 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.30
fixed multiple If, endian guess VAR, handling of some unicode spaces in the scripts, implemented correct disabling of the secure allocation, Math with reverse operations, tons of new decompression algorithms and some new recompressions, hex visualization of the encryption key in verbose mode, some new experimental lzss window initializations, update of some libraries, more details for the exceptions, more details for the lzma errors

19 Mar 2014 MyToolz: Mydown and mydownlib 0.3.1
added an option similar to tail -f in mydown and improved the code that asks to overwrite the existent file multiple times

19 Mar 2014 MyToolz: DTMF2NUM 0.1.1
added an option to specify the parameters in dsp.c, used double instead of float, fixed the Makefile, no new improvements so the default detection is still the same as in the previous versions

09 Mar 2014 MyToolz: Mydown and mydownlib 0.3a
fix for gzip handling

09 Mar 2014 MyToolz: Mydown 0.3
new features and improvements, large files support, the remote file is checked before downloading only if it's necessary, option -d for setting the output folder and -L for downloading a sequence of files (with incremental fields), multiple hosts, automatic concatenation of options that support multiple strings (like -c/s/M), optional milliseconds delay for the -l loop option, all the enhancements added in mydownlib

09 Mar 2014 MyToolz: mydownlib 0.3
bug fixes and improvements

09 Mar 2014 TestingToolz: One file only web/ftp server 0.6.1
fixed the -d/D option to visualize the whole header instead of byte per byte, fix for downloading the file from a requested offset (HTTP Range)

20 Feb 2014 Research: PunkBuster online GUID checker 0.1.16
added new games

14 Feb 2014 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.11a

04 Feb 2014 TestingToolz: One file only web/ftp server 0.6
many new features and bug fixes, note that -X is now -0

29 Jan 2014 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.29
automatic guessed extension for the filenames that have a dot or a * at the end, replaced the Scummvm RNC compression with the old one because it didn't work, fixed lzlib compression, updated various libraries, backtrace after crashes, Windows 8.1 fix, fix for CallDLL with a MEMORY_FILE of same name but different content, set VAR ? ? to allow the user to choose the content of the variable at runtime, If case sensitive if used the 'u' optional parameter, added ZPAQ compression, added more return values in case of lzma errors, usage of variables in encryption random, autostart with -9 if quickbms crashes just when launched, fix for open FDSE in gui mode, reimport.bat

29 Jan 2014 MyToolz: mydown 0.2.11b and mydownlib 0.2.7b
added no-cache (useful?) and removed Accept-Encoding compressions if we use a Range request, in my tests the server always returns the whole file from the beginning ignoring the range

06 Jan 2014 Research: FSB files extractor 0.3.2a
experimental support for FSB5 rebuilding

04 Jan 2014 Research: Gslist 0.8.11a
added only a new -d query to get the list of players with a Gamespy 3 query and -0 to not wait additional packets in reply to a query

19 Dec 2013 Research: Telltale TTARCH files extractor/rebuilder 0.2.2
support for Walking Dead 2

28 Oct 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.28
added the possibility of specifying quoted strings on multiple lines with automatic \r\n added with each line, If statement with strncmp and added additional names for the other checks (like strstr, strcmp and so on), new alternative math/xmath operators, encryption xmath, encryption random (experimental), changed syntax for encryption math, new String operator S for splitting a string in multiple variables, a new compression, updated disasm engine, improved memory read/write function (process.h), fix for debug string visualization, filexor/filerot supporting also textual key, additional choice 0 (zero) for skipping all the existent files at runtime

28 Oct 2013 MyMusic: MP3
I have re-made the mp3s of all my music tracks, 192kbps and all the XM modules have been recorded with Open Modplug without effects for best quality so they will sound slightly different than before

21 Oct 2013 Research: Gslist 0.8.11
fixed a bug in the downloading and updating of GeoIP.dat (remember to delete the old file in %appdata% and ~), added the displaying of any filename passed to gslfopen() on stderr

21 Oct 2013 MyToolz: mydown 0.2.11a and mydownlib 0.2.7a
fix for the onflyunzip option with gzip files sent as binary files

21 Oct 2013 MyToolz: Dumproc 0.2
quick tool for dumping memory from a process or writing data into it

18 Oct 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.27
multiple conditions in the If statements, usercall calling convention, Next allows to specify a math operation, new compression algorithms, int3 option working also with compression and encryption, fix for String printf and int3

14 Oct 2013 Research: Telltale TTARCH files extractor/rebuilder 0.2.1
full support for rebuilding of ttarch2 archives, faster extraction speed, now -m will remove the 5VSM header (note that 5VSM can have more than one content, like some landb files)

12 Oct 2013 Research: Telltale TTARCH files extractor/rebuilder 0.2
support for ttarch2 archives used in The Wolf Among Us and automatic Lenc to Lua decryption/encryption

10 Oct 2013 Research: FSB files extractor 0.3.2
added support for FSB5 version 0

08 Oct 2013 MyMusic: Inspired
very nice dance track at 140 bpm with piano and happy melody

06 Oct 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.26
added some new compression algorithms, -k option to automatically skip existent files, usage of PAGE_GUARD instead of PAGE_NOACCESS to avoid issues with bugged drivers (Xonar and so on), experimental XMath command for multiple simple maths in one line

05 Oct 2013 MyMusic: Droplitz remix
track made using some samples of the game Droplitz

05 Oct 2013 MyMusic: Unfinished tracks 1
this is the place for all the XM tracks I had in an endless work-in-progress state :)

05 Oct 2013 MyToolz: Signsrch 0.2.2
improved the handling of the AND operator and updated functions for parsing executables

04 Oct 2013 MyToolz: mydown 0.2.11 and mydownlib 0.2.7
fixed a bug in the handling of chunked transfers

04 Oct 2013 MyToolz: Simple TCP proxy/datapipe 0.4.8b
mutex/lock on non-Windows platforms

29 Sep 2013 MyToolz: Lanfile 0.1.5
added option -t for sending timestamps, -S for ssl and an experimental UDP mode, both ssl and udp will be improved in future

22 Sep 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.25
added the Prev command to decrease a variable in a For cycle, comtype dictionary as variable if size specified, String C string with x operator, lot of new compression algorithms mainly from Scummvm, verbose -3 option, exception handler with additional info, \u unicode in C strings

21 Sep 2013 Research: FSB files extractor 0.3.1
fix for offsets in FSB5, automatic fixing of mp3 files (removing of non-standard padding) and dumping of the first 1 or 2 channels for multichannel files to make them playable (use -m option to disable this feature). let me know if you have ideas for building files from Ogg Vorbis/CELT frames

19 Sep 2013 MyToolz: BDE64 0.2.3
binary stdin on Windows and better handling of some URL encoded strings

08 Sep 2013 MyToolz: Simple TCP proxy/datapipe 0.4.8a
fixed select() bug

08 Sep 2013 MyToolz: Simple TCP proxy/datapipe 0.4.8
IP and port of the client in the filename dumped with -d (thanx Adam)

08 Sep 2013 MyToolz: Simple TCP proxy/datapipe 0.4.7d
added lock for option -d (thanx Dan), support for other ssl methods

11 Aug 2013 Research: Origin PIDs
list updated

11 Aug 2013 MyToolz: mydownlib 0.2.6b
fixed a small bug while reallocating filedata

11 Aug 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.24b
work-arounds for the variables optimizations introduced in the previous version

04 Aug 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.24a
fix for FDDE/FDSE with ? parameter, usage of static variable name and value buffers for faster performance

22 Jul 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.24
fixed a crash with -9 at the end of the process, CallDll with automatic handling of stdcall functions exported with or without @ name, sega_lzs2 with automatic handling of headers and size, automatic handling of nameless files inside folders (like folder\), -X option that acts as -H for the Windows console (colored fields highlighting with hex viewer), better support for Snappy, another small fix for -d/D, less memory requested for -X/H, additional checks to verify if the reimported file is bigger than the original

29 Jun 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.23a
improvements for the -d/D options

29 Jun 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.23
-O option to redirect any extracted file to the same output file (good to be used with named pipes), exit/error codes, real unicode utf16 support in the bms commands, -Y to answer yes automatically to any request from the tool, full fix for -d/D and support for same input and output folder ("_extract" suffix), fixed getarray with constant variables, fix for -9, -3 option to place INT3 before any CallDll, support for Windows 98, ffce algorithm, exception handler, added changelog.txt

29 Jun 2013 MyToolz: mydownlib 0.2.6a
automatically append 0x00 to filedata, stristr included in the code, malloc replaced with calloc. mydown updated too

29 Jun 2013 MyToolz: MyCRC 0.3a
stdin in binary mode on Windows (thanks Martin)

16 Jun 2013 QuickBMS: rFactor 2
script for extracting the files from the MAS and RFCMP archives of rFactor 2

09 Jun 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.22
speed improvements and some fixes, removed paqv6 and lpaq8

07 Jun 2013 Research: Race WTCC files encrypter/decrypter 0.3.3
added support for the decryption of the JCA archives of RaceRoom using -k raceroom, then use raceroom.bms to extract the archived files

02 Jun 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.21a
fix for lz4 output size, -D option similar to -d but without folder with name of the file, -f/F filter with negation filter like -f "*.mp*;!*.mp3" (which takes all files with mp* extension except mp3)

28 May 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.21
fix for -d option, fix for slz and automatic parsing of SLZ header and output size, option for not terminating in case of file errors

27 May 2013 Research: PunkBuster online GUID checker 0.1.15
other games added to the list

12 May 2013 MyToolz: Mydown 0.2.10
-K for loading options from file (Curl-like or command-line like), option for applying C escapes to any field, -s can be used multiple times, improved stdin input for -C

11 May 2013 MyMusic: Bugsline

11 May 2013 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.7
support for Sanctum and improved -s/S option

08 May 2013 Research: Qtracklist 0.1.1
only an update for the protocol used by this old tool

07 May 2013 QuickBMS: CRC scanner
another reverse engineering script for my collection: compressions scanner, encryptions scanner and now the CRC/checksums one

07 May 2013 MyToolz: Signsrch 0.2.1
fixed CRC engine

07 May 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.20b
fixed reflection in CRC engine

07 May 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.20a
some small fixes and improvements for the CRC engine

05 May 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.20
fix for the selection of multiple files, better crc engine, -f/F with support for stdin, fix for LZMA recompression

05 May 2013 MyToolz: PackZip 0.3
fix for LZMA compression, new options, added uberflate

04 May 2013 QuickBMS: updated script supporting the DLC of Farming Simulator 2013

28 Apr 2013 Patches: Unreal engine (old games) unrfs work-around 0.1

28 Apr 2013 Patches: Unreal engine (old games) unreaload fix 0.1

27 Apr 2013 Research: Telltale TTARCH files extractor/rebuilder 0.1.14
added support for Poker Night 2

27 Apr 2013 Patches: Unreal engine (old games) unreliable fix 0.1

22 Apr 2013 Research: Race WTCC files encrypter/decrypter 0.3.2
added a work-around for some types of files

15 Apr 2013 MyToolz: Signsrch 0.2
many bugfixes, folders scanning with wildcards, improved CRC engine, multithreading

13 Apr 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.19
improved filters options -f/F that now support multiple filters and even a text file as input containing all the desired filters

11 Apr 2013 MyMusic: Maybe 2.0

11 Apr 2013 MyMusic: loop0

11 Apr 2013 MyMusic: video7

09 Apr 2013 Research: uberflate 0.1.1
set UBERFLATE_MAXZIPLEN to a bigger size, if the kzip generated files are too big for the output just skip them (kzip acts like a brute forcer in which only the last generated result is the good one), released the uberflate_test tool

06 Apr 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.18
replaced kzip with uberflate, some bugfixes (comtype dictionary and calldll), lzma recompression now available also on Linux, added the -u option to check updates

06 Apr 2013 Research: uberflate 0.1
library for performing kzip+deflopt+defluff+deflopt without using files and achieving one of the best zlib/deflate compressions available, more info in uberflate.h

22 Mar 2013 MyMusic: Video6

21 Mar 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.17c
fixed a problem in reimport mode and added some new lzma modes

19 Mar 2013 Research: ISI rFactor files decrypter/encrypter 0.2.2
added the signature of Formula Truck and the -y option for forcing the decryption of unlisted signatures

18 Mar 2013 MyMusic: Video5
music of the video ReVuln - EA Origin Insecurity

08 Mar 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.17b
fixed the multidimensional arrays and improved the debugging feature with auto-resume of breakpoints

07 Mar 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.17a
fixed a bug introduced in 0.5.17

07 Mar 2013 TestingToolz: One file only web/ftp server 0.5.2
some bug fixes and support for folders

06 Mar 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.17
endian command with switchable endianness, calldll with RET pointer, fix extraction of files called as memory/temporary files, fixed quickbms.txt, support for floating numbers in String p=, fixed encryption in reimport mode, improved get/putarray, added variable4 used in Battlefield, experimental multidimensional variables VAR[i][j], experimental debugger in the process input (implemented on-the-fly for Simraceway), added the setting of the console title with the most useful information, fixed slash/backslash in the -f/F filters, added {} other than * in the filters, other fixes

26 Feb 2013 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.10a

26 Feb 2013 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.10
support for version 0.3x

29 Jan 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.16c
added support for the DFLT compression used in the ttgames.bms script that now is stable and supports all the LEGO series

28 Jan 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.16b
fixed a bug introduced with the previous update

28 Jan 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.16a
fixed a problem with Open FDSE in scripts used from command-line with a relative filename

27 Jan 2013 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.16
added the cabextract compression algorithms, signed variables useful for Get, info about the amount of file covered by the script, processes and modules, possibility of renaming an invalid output filename just by pressing RETURN, use * to select whole folders and subfolders when using QuickBMS with double-click, better performances during the scanning of folders, -S option for executing a program on each extracted file, checked compatibility with Linux (Debian/Ubuntu)

23 Jan 2013 QuickBMS: 3ds Max mse scripts decrypter

08 Jan 2013 MyToolz: CMDsock 0.1.2b
the tool can be compiled also as a dll for using it with RunDll32, no other fixes or updates

08 Jan 2013 TestingToolz: One file only web/ftp server 0.5.1
some fixes, added experimental support for WebDav, replaced the #NAME keyword for -r with #NAME#

27 Dec 2012 QuickBMS: BMS userDefineLang.xml
BMS syntax highlighting for Notepad++

24 Dec 2012 TestingToolz: One file only web/ftp server 0.5
many bugfixes, options -i and -I, support for the FTP protocol

24 Dec 2012 TestingToolz: mygrep 0.1
useful tool for scanning files and folders searching strings (C syntax supported) as binary patterns, utf16 unicode, base64, hex and other methods

24 Dec 2012 MyToolz: Mydown 0.2.9
option for using a file as Content/Content-Length

24 Dec 2012 MyToolz: Simple TCP proxy/datapipe 0.4.7c
minor fix for option -x

24 Dec 2012 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.6
added support for a couple of games and enhanced the interactive mode

18 Dec 2012 MyMusic: ReVuln music
released the music used in the recent videos of ReVuln

05 Nov 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.15b
minor fixes, --version and a new compression algorithm

05 Nov 2012 MyToolz: Signsrch 0.1.7a
fixed the addresses visible with -P

31 Oct 2012 TestingToolz: Offbreak
useful tool to track the operations performed by a program on a file at a given offset (hosted on ReVuln)

16 Oct 2012 Advisories: Steam Browser Protocol Insecurity (when local bugs go remote)
a paper regarding the usage of the steam:// links for compromising remote systems

03 Oct 2012 Research: ISI rFactor files decrypter/encrypter 0.2.1b
added the signature of Carretera 2012

02 Oct 2012 MyToolz: MORSE2ASCII 0.2
added support for abbreviations, prosigns and qcodes and fixed various bugs

02 Sep 2012 MyToolz: DTMF2NUM 0.1e
removed #include malloc.h and fixed a free() problem in the original resample2.c code

01 Sep 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.15a
added the -s option and fixed the handling of the . output folder

01 Sep 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.15
some small fixes

31 Aug 2012 Research: SD Gundam Capsule Fighter Online ZPK/ZDX/DAT files extractor/rebuilder 0.4.2
compatibility with archives having a size greater than 2gb

24 Aug 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.14
FindLoc supporting variables, SortArray command, quickbmsver with possibility of specifying the -9 option, experimental encryption/comtype with embedded calldll, improved putarray/getarray, some minor fixes and enhancements

18 Jul 2012 Research: PunkBuster online GUID checker 0.1.14
added some new games

13 Jul 2012 MyToolz: Proxocket 0.1.8
added a trick for working with lpOverlapped used by some software in WSARecv*/WSASend*. version 0.1.7a remains available

13 Jul 2012 Advisories: Vulnerabilities in HP OpenView Performance Agent coda.exe

29 Jun 2012 Advisories: some bugs in SpecView and PowerNet Twin Client

26 Jun 2012 Advisories: Vulnerabilities in Winlog 2.07.16

21 Jun 2012 MyMusic: Boring

21 Jun 2012 MyMusic: ParaPara

21 Jun 2012 MyMusic: Quick Kickass

19 Jun 2012 MyMusic: Maybe
I wrote the melody over one year ago but I have finished the track just in these days, more music will be released in the next days

18 Jun 2012 Advisories: NULL pointer in Samsung AllShare 2.1.1.0

06 Jun 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.13
added some less known compression algorithms and a little fix to the EXECUTE command

22 May 2012 News: I have a new primary web server aluigi.org (thanx Nick Kusters)

22 May 2012 News: removed the protected folders solution adopted one week ago

22 May 2012 Research: FSB files extractor 0.3
added support for FSB5

15 May 2012 News: to avoid problems with my hosters I have protected the poc, fakep and pwdrec folders with an empty password or a simple sequence of usernames/passwords. for the moment this is an experiment so I will know if it works or not only in the next weeks/months. the alternatives were protecting the single zip files or removing the executables

13 May 2012 Advisories: released full details and PoC of my FlexNet License Server vulnerabilities fnplm_1, fnplm_2 and lmgrd_1

13 May 2012 Advisories: additional details about the SuiteLink bug

13 May 2012 Advisories: Vulnerabilities in Pro-face Pro-Server EX 1.30

13 May 2012 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.9
added compatibility with version 0.3e

11 May 2012 Advisories: Some bugs in QNX phrelay/phindows/phditto and Wonderware SuiteLink

01 May 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.12
added some compression algorithms and fixed get line

30 Apr 2012 MyToolz: myRTP command-line interface 0.1
basic tool that acts as an interface for the RTPatch patchw32.dll allowing to specify all the available options supported by this library

26 Apr 2012 MyToolz: wav4xm 0.1
simple tool I have written to clean my PCM wave instruments used in FastTracker and other music trackers: convert to mono 16bit, normalization and remove initial/final silence

26 Apr 2012 MyToolz: DTMF2NUM 0.1d
fixed a little bug in the normalization function

26 Apr 2012 News: libssp dependency
I have recompiled the following tools to avoid the libssp dll dependency (caused by gcc -fstack-protector-all): ttarchext, dpa_1, irm_1, samsux_1, skulltagfp and zdaemonfp

25 Apr 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.11
fixed -DDISABLE_SSL, added slz_03 and ntcompress30/40, filexor 0x11223344

25 Apr 2012 MyToolz: Proxocket 0.1.7a
added -fno-omit-frame-pointer and disabled the capturing of data in recv with MSG_PEEK flag

25 Apr 2012 Research: Telltale TTARCH files extractor/rebuilder 0.1.13a
added Walking Dead: A New Day

21 Apr 2012 Advisories: Endless loop in Samsung NET-i ware 1.37

19 Apr 2012 Advisories: Vulnerabilities in Samsung TV (remote controller protocol)

10 Apr 2012 Advisories: Denial of Service vulnerabilities in EMC IRM Server

05 Apr 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.10
fixed a bug in the reimporting in case of filenames starting with slash/backslash, added the RCN recompression, allowed the usage of the secure free() with non secure allocated memory (otherwise it's not possible to free memory allocated by external libraries)

29 Mar 2012 Advisories: Denial of Service in EMC Data Protection Advisor 5.8.1

22 Mar 2012 Advisories: Vulnerabilities in RealPlayer and Novell ZENworks

21 Mar 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.9b
fixed a rare bug with the binary type

21 Mar 2012 Research: Gslist 0.8.10d
micro fix in the web interface

20 Mar 2012 Advisories: released advisory and proof-of-concept for ms11-093 (OLE type confusion in XP/2003)

19 Mar 2012 Research: Gslist 0.8.10c
updated some components and added gsnatneg in the heartbeat function (-b), nothing new

19 Mar 2012 Research: GS natneg client 0.2
partially rewritten and added experimental server-side code

19 Mar 2012 Research: Gamespy NAT negotiation plugin for Proxocket 0.1
plugin for Proxocket for automatically applying the Gamespy NAT negotiation to existent tools

19 Mar 2012 Research: GS enctypeX servers list decoder/encoder 0.1.3b
added some checks in enctypex_wrapper

17 Mar 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.9a
fixed lzf recompression

16 Mar 2012 Advisories: Details about the ms12-020 proof-of-concept leak
I'm trying to build a resume of the story about the Microsoft leak and its details, it will be updated every time I have more details

16 Mar 2012 Advisories: Use-after-free in Microsoft Remote Desktop
now that my proof-of-concept is out (yeah rdpclient.exe is the poc written by Microsoft in November 2011 using the example packet I sent to ZDI) I have decided to release my original advisory and proof-of-concept packet written the 16 May 2011... full-disclosure as usual :)

15 Mar 2012 Advisories: Code execution in Microsoft Remote Desktop (ms12-020) and vulnerabilities in GE iFix Proficy Historian and Portal
only the links to the original advisories released by the vendors the 13th March

14 Mar 2012 Advisories: Directory traversal in Sockso 1.5

14 Mar 2012 Advisories: Vulnerabilities in Presto! PageManager 9.01

14 Mar 2012 Advisories: Denial of Service in EMC NetWorker 7.6 sp3

14 Mar 2012 Advisories: Denial of Service in Epson EventManager 2.50

11 Mar 2012 Research: Telltale TTARCH files extractor/rebuilder 0.1.13
added the keys of Hector 102/103 and Law and Order Legacies

11 Mar 2012 MyToolz: Mydown 0.2.8 and mydownlib 0.2.6
gzip fix, added proxy support and some enhancements

08 Mar 2012 TestingToolz: FindBits 0.2.2a
fixed the -m option and allowed the visualization of the latest bits in the files (for example a file of one byte)

07 Mar 2012 Advisories: Directory traversal in NetDecision 4.6.1

02 Mar 2012 Advisories: Vulnerabilities in xArrow 3.2

02 Mar 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.9
added some new compression algorithms, optimization and customization of the secure allocation functions (they can be disabled using the option -9, needed in some occasions due to some limitations of this feature), fixed a bug that specified an input folder in case of selection of multiple files

24 Feb 2012 Research: Unigine ung files extractor 0.1
files extractor for the ung archives used by the Unigine game engine

21 Feb 2012 Advisories: Heap corruption in Unity 3d Web Player 3.2.0.61061

20 Feb 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.8
added the Include command and some checks

18 Feb 2012 Advisories: Vulnerabilities in Psycle 1.10.0

16 Feb 2012 Advisories: Vulnerabilities in Novell GroupWise Messenger 2.1.0 and some quick bugs in XnView

12 Feb 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.7
speed and resource optimizations for the memory

12 Feb 2012 News: website up & down
my website is and has always been aluigi.org since 2006 so check your bookmarks because lately aluigi.altervista.org has continuous problems (temporary up & down from about 2 weeks). note that it's a backup/mirror website that I switch as primary when needed so using aluigi.org you will always catch the working website or alternatively mirror.aluigi.org if the main one fails

09 Feb 2012 Advisories: Vulnerabilities in R4 1.25

09 Feb 2012 Advisories: Vulnerabilities in R2 1.65

02 Feb 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.6d
customizations of the tea, xtea and xxtea algorithms and some fixes

28 Jan 2012 Research: Online cd-key verifier for games that use the Gamespy cd-key SDK 0.1.2a
modified to meet the *printf %n out-of-standard in use from Windows Vista, it's a shame that I must modify a perfectly working program for this reason moreover because the tool is linked to msvcrt.dll and not 8.0 or 9.0... no comment

27 Jan 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.6c
fixed a compatibility problem with the gcc optimizations regarding the patch for kzip

27 Jan 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.6b

27 Jan 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.6
added various other compression algorithms and optimized the usage of kzip

23 Jan 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.5
added the EXECUTE method for both Comtype and Encryption, String scanf/strstr/strrstr, various new compression algorithms, usage of kzip.exe in reimport mode if the compressed size is bigger than the original one, fixes and optimizations

17 Jan 2012 Advisories: Two Denials of Service in Rockwell RNADiagReceiver 2.40.0.12 (SCADA)
just an old test I did in the far September 2011 and planned to do better when inspired, I have released it now only to free my bugs queue and return on this product later without rush

15 Jan 2012 Advisories: Directory traversal in NeoAxis Web Player 1.4

15 Jan 2012 MyToolz: Calcc 0.1.5
added support for strings and chars, FILETIME/time64 visualization

11 Jan 2012 Advisories: some bugs in SumatraPDF and ExpressView

09 Jan 2012 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.4a
added a slower but more secure way to manage the allocated memory, it's a crazy experiment I had in mind and may help during the debugging of some scripts

09 Jan 2012 MyToolz: Signsrch 0.1.7
added only the possibility of scanning folders, the rest is unchanged

09 Jan 2012 MyToolz: QuickRVA 0.2.3a
micro fix if e_lfanew is smaller than the size of IMAGE_DOS_HEADER and updated distorm library

19 Dec 2011 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.4
solved some bugs but there is still lot to do, created also an encryption_scan.bat+bms solution for scanning the various encryption algorithms with a known key and optional ivec

18 Dec 2011 Research: FSB files extractor 0.2.13a
solved lame bug with duplicated extensions

11 Dec 2011 Password_recovery: Sony Station Launcher profile and packet password decoder 0.2

04 Dec 2011 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.3b
fixed a problem with Open FDDE/FDSE

03 Dec 2011 Advisories: Vulnerabilities in Serv-U 11.1.0.3

03 Dec 2011 Advisories: Endless loop in CyberLink PowerDVD 11.0.0.2114

02 Dec 2011 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.8
compatible with 0.3d

01 Dec 2011 Research: NCF/CCF packet format to tcpdump capture format 0.2
rewritten, now handles the compressed packets and the timestamps

29 Nov 2011 Advisories: Vulnerabilities in 3S CoDeSys 3.4 SP4 Patch 2 (SCADA)

28 Nov 2011 Advisories: Use-after-free in Microsys PROMOTIC 8.1.4 (SCADA)

28 Nov 2011 Password_recovery: PROMOTIC data decrypter 0.1
decrypts the information (users credentials and Data) available in users.ini and the PRA projects

28 Nov 2011 Advisories: Vulnerabilities in Siemens Automation License Manager (SCADA)

28 Nov 2011 Advisories: Vulnerabilities in Siemens SIMATIC WinCC flexible 2008 SP2 (SCADA)

28 Nov 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.12c
added the key of Jurassic Park

14 Nov 2011 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.3a
added the possibility of automatically setting new filenames for those that already exist (choose 'r' when prompted)

14 Nov 2011 Research: Gslist 0.8.10b
some small fixes

14 Nov 2011 MyToolz: Mydown and mydownlib
a small fix for URLs placed in const buffers

07 Nov 2011 Advisories: GE Proficy iFix HMI/SCADA ihDataArchiver.exe Trusted Header Size Remote Code Execution Vulnerability

03 Nov 2011 Advisories: Vulnerabilities in HP Data Protector Media Operations 6.20

03 Nov 2011 Advisories: Use-after-free in Excel for Office 2003 11.8335.8333 SP3
it was only a quick automated experiment so it's nothing special or interesting at the moment, maybe requires additional research or just to be put in the trash. there are 2 advisories but the bug is probably the same, sorry but I don't care now

30 Oct 2011 MyToolz: Proxocket 0.1.7
better compatibility with Windows Vista/7/2008 (thanx devnull)

30 Oct 2011 MyToolz: Lame Patcher 0.4.4b
avoid admin privileges on Vista/Win7

30 Oct 2011 Research: Live for Speed setups dumper 0.1a
solved the problem with UAC asking for admin privileges on Vista/Win7

30 Oct 2011 Research: GS peerchat server emulator 0.1.3a
added only the check of gslist.cfg when launched and the -v verbose option

30 Oct 2011 TestingToolz: UDPSZ 0.3.3a

30 Oct 2011 Advisories: ActiveX bug in Microsys PROMOTIC 8.1.4

29 Oct 2011 Research: PunkBuster online GUID checker 0.1.13
added Battlefield 3 and Red Orchestra 2

13 Oct 2011 Advisories: Vulnerabilities in PROMOTIC 8.1.3

10 Oct 2011 Advisories: Vulnerabilities in atvise webMI2ADS 1.0

10 Oct 2011 Advisories: Use after free in IRAI AUTOMGEN 8.022

10 Oct 2011 Advisories: Denial of Service in OPC Systems.NET 4.00.0048

02 Oct 2011 Advisories: Vulnerabilities in Cytel Studio 9

01 Oct 2011 Advisories: Vulnerabilities in GenStat 14.1.0.5943

28 Sep 2011 Advisories: Arbitrary memory corruption in NCSS 07.1.21

27 Sep 2011 Advisories: Vulnerabilities in PcVue 10 (SCADA)

25 Sep 2011 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.3
now it's no longer needed to specify the output folder when used from the command-line, added arguments to the CallFunction command, enhanced the unzip_dynamic compression, fixed a bug in the recompression of XMemCompress

25 Sep 2011 Advisories: Integer overflow in Sterling Trader 7.0.2

22 Sep 2011 Advisories: Vulnerabilities in Sunway ForceControl 6.1 sp3 (SCADA)

19 Sep 2011 Advisories: Vulnerabilities in EViews 7.2

19 Sep 2011 Advisories: Vulnerabilities in MetaServer RT 3.2.1.450

19 Sep 2011 TestingToolz: UDPSZ 0.3.3
fixes and enhancements

16 Sep 2011 Research: Race WTCC files encrypter/decrypter 0.3.1a
solved a problem in the handling of sub folders

16 Sep 2011 Research: ISI rFactor files decrypter/encrypter 0.2.1a
solved a problem in the handling of sub folders

13 Sep 2011 Advisories: released the full detailed advisory of my WINS vulnerability (MS11-035 / ZDI-11-167)

13 Sep 2011 Advisories: Code execution in MetaStock 11

13 Sep 2011 Advisories: Vulnerabilities in eSignal 10.6.2425

13 Sep 2011 Advisories: Multiple vulnerabilities in Cogent DataHub 7.1.1.63 (SCADA)

13 Sep 2011 Advisories: Stack overflow in DAQFactory 5.85 build 1853 (SCADA)

13 Sep 2011 Advisories: Multiple vulnerabilities in Progea Movicon / PowerHMI 11.2.1085 (SCADA)

13 Sep 2011 Advisories: Directory traversal in Carel PlantVisor 2.4.4 (SCADA)

13 Sep 2011 Advisories: Denial of Service in Rockwell RSLogix 19 (SCADA)

13 Sep 2011 Advisories: Multiple vulnerabilities in Measuresoft ScadaPro 4.0.0 (SCADA)

13 Sep 2011 Advisories: Denial of Service in Beckhoff TwinCAT 2.11.0.2004 (SCADA)

12 Sep 2011 News: now you can follow me also on twitter

05 Sep 2011 Patches: XPDF pdftotext/pdftops/pdfimages allow copying of text (Win32) 0.1.1
added support for version 3.03

02 Sep 2011 Advisories: vulnerabilities in MPlayer on Windows and BroadWin WebAccess Client

26 Aug 2011 Advisories: some new advisories

14 Aug 2011 Research: FSB files extractor 0.2.13
some fixes for the generation of the filenames and the reimporting feature

07 Aug 2011 Research: ISI rFactor files decrypter/encrypter 0.2.1
added support for Game Stock Car and other additional future games

06 Jul 2011 News: Summer time... I don't know when I will return, maybe September

04 Jul 2011 Patches: ut3sticlefix.lpatch 0.2
now it works also with HomeFront and hopefully the rest of vulnerable games based on the Unreal engine 3

03 Jul 2011 Advisories: Integer overflow in foobar2000 1.1.7

03 Jul 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.12b
added Puzzle Agent 2

03 Jul 2011 MyToolz: Simple TCP proxy/datapipe 0.4.7b
added support for more ssl certificates and forced usage of listening port

03 Jul 2011 Password_recovery: CuteFTP data retriever and password decoder 0.2
added support for the new algorithm and hex password input

01 Jul 2011 QuickBMS: QuickBMS generic files extractor and reimporter 0.5.2
finally a homepage for this project, many fixes and additions some of which are time, time64, clsid, ipv4, ipv6, assembly types (yes now it can be used as a quick assembler/disassembler), rotate, reverse and pc1 encryption, msf compression, new experimental input and outputs with SSL added to the socket interface, the -H option for a html output of the parsed file format and much more

30 Jun 2011 Advisories: little correction about the latest HP advisory because that one is a component used in various other HP enterprise softwares

27 Jun 2011 Advisories: in_midi multiple vulnerabilities in Winamp 5.61

27 Jun 2011 Advisories: Multiple vulnerabilities in Winamp 5.61

27 Jun 2011 Advisories: Arbitrary files deletion in HP OpenView Performance Agent

27 Jun 2011 Advisories: Upload directory traversal in Novell ZenWorks Handheld Management 7.0.2

27 Jun 2011 Advisories: Arbitrary files deletion in Novell File Reporter 1.0.4.2

27 Jun 2011 Advisories: Off-by-one in Sybase Advantage Server 10.0.0.3

27 Jun 2011 Advisories: bcksrvr format string in Sybase Adaptive Server 15.5

27 Jun 2011 Advisories: added some small old bugs that I reported on my forum affecting:
GS4, ShockVoice, NVIDIA RealityServer, Kart Racing Pro and some servers for Minecraft

26 Jun 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.12a
added the key for the latest episode of bttf

24 Jun 2011 MyToolz: NRG2CUE generator 0.1.1
added the possibility to dump the file as an ISO

24 Jun 2011 MyToolz: Sleepy 0.2.4a
little fix for the l (loop) option in very rare cases

12 Jun 2011 MyToolz: PackZip 0.2.1a
fixed a lame bug introduced in the latest version where the size of the output file was bigger than the original

08 Jun 2011 Research: QuickBMS generic files extractor and reimporter 0.5.1
updated the supported calling conventions, added experimental support for network sockets and processes, various fixes for the write operations, added rotate encryption and a new useless option for the math one

08 Jun 2011 MyToolz: x86 32bit calling conventions 0.2
gcc wrapper for cdecl, stdcall, thiscall, msfastcall, borland, pascal, watcom, safecall, syscall, optlink and clarion

07 Jun 2011 Research: PunkBuster online GUID checker 0.1.12
added Assassin's Creed and Battlefield Play4Free

07 Jun 2011 MyToolz: Lanfile 0.1.4
added the -X option to allow the sending of files although one can't be read/written or has a different md5

04 Jun 2011 Advisories: Some bugs in HP IMC, Sybase OneBridge and a quick NULL pointer in iMatix Xitami

31 May 2011 Research: QuickBMS generic files extractor and reimporter 0.5
updated some libraries, added libkirk and nitrosdk, incremental xor and rot encryptions, aes ctr, added the new types: float, double, variable, variable2 and variant, new cool debug mode, various fixes, allowed the reimporting of nameless files (like 00000000.dat), experimental parsing of C structures, handling of multiline comments, added falcom recompression and dragonballz decompression

10 May 2011 Advisories: Vulnerabilities in Microsoft WINS, HP 3COM/H3C Intelligent Management Center and Sybase M-Business Anywhere

10 May 2011 Advisories: Vulnerabilities in Quest Big Brother 4.40

29 Apr 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.12
added support for Hector and the latest BTTF

27 Apr 2011 MyToolz: Proxocket 0.1.6a
fixed a NULL pointer in some rare conditions

27 Apr 2011 Research: OSRW anticheat logs decrypter 0.1.1
added support for OSRW 1.4

27 Apr 2011 MyToolz: PackZip 0.2.1
solved the problem of needing the gcc-dw2 dll and added support for lzma if wbits is equal to 0

13 Apr 2011 About: added a clarification useful to the companies interested in my research and possible collaborations

12 Apr 2011 Advisories: Stack overflow in Microsoft HTML Help 6.1 (CHM files)

11 Apr 2011 Advisories: Vulnerabilities in Microsoft Reader 2.1.1.3143 / 2.6.1.7169

11 Apr 2011 Advisories: DoS vulnerabilities in Microsoft Host Integration Server 2010 8.5.4224.0

05 Apr 2011 Research: GS peerchat IRC proxy 0.3.3b
filtered the CAP command used by some IRC clients like Mirc

03 Apr 2011 MyToolz: Offset file unzipper 0.3.5
fixed a bug introduced in the previous release that didn't close the dumped files

29 Mar 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.11g
added the key for the new BTTF episode

24 Mar 2011 Research: XWB/ZWB files unpacker 0.3.4
added the GUI and solved a problem with the recognizing of XMA/wma files

24 Mar 2011 Research: GS peerchat IRC proxy 0.3.3a
solved the bug of the missing Xs in the IP (thanx chc)

21 Mar 2011 Advisories: Vulnerabilities in Siemens Tecnomatix FactoryLink 8.0.1.1473 (SCADA)

21 Mar 2011 Advisories: Vulnerabilities in Iconics GENESIS32 9.21 and GENESIS64 10.51 (SCADA)

21 Mar 2011 Advisories: Vulnerabilities in 7-Technologies IGSS 9.00.00.11059 (SCADA)

21 Mar 2011 Advisories: Vulnerabilities in DATAC RealWin 2.1 (Build 6.1.10.10) (SCADA)

21 Mar 2011 Advisories: Heap overflow in RealPlayer 14.0.1.633

11 Mar 2011 Research: QuickBMS generic files extractor 0.4.10b
fixed a bug in quickbms64_test

11 Mar 2011 MyToolz: Mydown 0.2.7a / mydownlib 0.2.5f
fixed a bug that didn't allow HTTP 302 redirections

10 Mar 2011 MyMusic: Ignorantissimo
a nice and very simple track at 170 bpm, long time away from the trackers...

10 Mar 2011 Research: QuickBMS generic files extractor 0.4.10a
fixed a small problem of the reimport mode happening in some rare cases when encryption is used

09 Mar 2011 Research: QuickBMS generic files extractor 0.4.10
fixed a bug in the reimport option and added various recompression algorithms

08 Mar 2011 Research: QuickBMS generic files extractor 0.4.9a
only fixed the xxtea encryption

07 Mar 2011 Research: Gslist 0.8.10a
I have only uncommented an html line needed for the webgui

06 Mar 2011 Research: QuickBMS generic files extractor 0.4.9
added the experimental -r option that allows to reimport the extracted files or some of them without modifying the scripts (yeah finally it's possible), added the lzo1/1x/2a, gzip and lzss recompressions, fixed the behaviour of unzip_dynamic, fixed and enhanced the automatic extensions, FileCrypt command, Math and Swap encryptions

06 Mar 2011 MyToolz: Offset file unzipper 0.3.4a
fixed and enhanced the automatic extensions

26 Feb 2011 Research: QuickBMS generic files extractor 0.4.8c
fixed a bug in the automatic setting of the extension for nameless files and one in unzip_dynamic

26 Feb 2011 MyToolz: Offset file unzipper 0.3.4
added the possibility of viewing the size of the files in hexadecimal, automatic extensions for the files and request of overwriting if files with the same name exist

25 Feb 2011 Research: FSB files extractor 0.2.12
some optimizations like the real-time decryption (no longer uses the temporary file), options for specifying the password, encrypting/decrypting the file, the offset where the FSB data starts and even a minimalistic scanning of the file

22 Feb 2011 Research: Gslist 0.8.10
fixes and enhancements of the web interface

21 Feb 2011 Research: Telltale TTARCH files extractor/rebuilder 0.1.11f
added the second episode of bttf

20 Feb 2011 Research: OSRW anticheat logs decrypter 0.1
decrypter for the log files generated by the OSRW anticheat for rFactor (F1 rFactor 2010)

19 Feb 2011 Advisories: Refractor 2 engine NULL pointer
Battlefield 2 1.50 and 2142 1.51 affected

15 Feb 2011 Research: QuickBMS generic files extractor 0.4.8b
fixed a stupid error in the extraction function that allocated one gigabyte instead of one megabyte

21 Jan 2011 Research: QuickBMS generic files extractor 0.4.8a
micro fix to avoid NULL pointers

20 Jan 2011 Research: QuickBMS generic files extractor 0.4.8
added putbits, fixed a possible problem in write mode, added the R string operation, fixed the reading of the filexor/filerot keys, now the extracting of files non compressed and non encrypted should take almost no memory, experimental quickbms64_test version for archives and files bigger than 4 gigabytes, various fixes and enhancements

19 Jan 2011 Advisories: Code execution in Microsoft Fax Cover Page Editor 5.2.3790.3959

13 Jan 2011 Advisories: Stack overflow in Winlog 2.07.00

11 Jan 2011 MyToolz: Rmchar 0.2
just an update for this jurassik tool

05 Jan 2011 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.7a
fixed a bug in the encryption

27 Dec 2010 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.7
added support for 0.3c RC7

27 Dec 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11e
added Back to the future - It's About Time

21 Dec 2010 Advisories: Directory traversal in IntegraXor 3.6.4000.0

18 Dec 2010 Research: PunkBuster online GUID checker 0.1.11
added Medal of Honor

07 Dec 2010 MyToolz: Proxocket 0.1.6
fixed the capturing of the WSA functions if the socket was initialized with -1 for type and protocol, the captured files are saved in the folder of the monitored program with a better filename

07 Dec 2010 MyToolz: BDE64 0.2.2
added only the handling of the url encoded chars

07 Dec 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11d
added the keys of PokerNight and CSI6

07 Dec 2010 TestingToolz: UDPSZ 0.3.2

04 Dec 2010 MyToolz: Mydown 0.2.7 / mydownlib 0.2.5e
two small fixes and a couple of testing options in mydown

04 Dec 2010 Research: FSB files extractor 0.2.11
automatic big to little endian conversion for wave files, fixed the alignment used in FSB4 0x40, fixed drag'n'drop

04 Dec 2010 Research: Race WTCC files encrypter/decrypter 0.3.1
now it will automatically test the -k volvo option if the zlib compression fails, and yes -k volvo works also with RaceRoom

18 Nov 2010 Advisories: Memory leak in Call of Duty Black Ops

18 Nov 2010 TestingToolz: UDPSZ 0.3.1
new features and bugfixes

01 Nov 2010 MyToolz: Lame patcher 0.4.4a
fixed the -y option

21 Oct 2010 TestingToolz: UDPSZ 0.3
new features and many parts rewritten

21 Oct 2010 TestingToolz: TFTP server tester 0.2a
only a typo, blksize instead of blocksize

20 Oct 2010 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.6
support for 0.3b servers

18 Oct 2010 TestingToolz: UDPSZ 0.2.3a

18 Oct 2010 TestingToolz: UDPSZ 0.2.3
bugfixes, enhancements and more chaotic than before

18 Oct 2010 TestingToolz: TFTP server tester 0.2
partially rewritten because the code was too old

15 Oct 2010 Advisories: Two buffer-overflow in DATAC RealWin 2.0 (Build 6.1.8.10)

15 Oct 2010 Advisories: Multiple Denial of Service in UniData unirpcd.exe 7.2.7.3806

15 Oct 2010 Advisories: Denial of Service in solidDB 6.5.0.3

13 Oct 2010 Advisories: Multiple buffer-overflows in Winamp 5.5.8.2985

10 Oct 2010 Research: HLSWlist 0.1.1c
added only 3 new gamenames (but they seem still not used on the master server)

07 Oct 2010 Research: CBF files extractor 0.2.2
added support for a type of archive used in the old Vietcong multiplayer demo

04 Oct 2010 Research: QuickBMS generic files extractor 0.4.7
solved a bad bug in CallFunction, some enhancements

03 Oct 2010 Research: FSB files extractor 0.2.10
added a simple GUI for who doesn't like to use the command-line

01 Oct 2010 Research: Gslist 0.8.9
fixed a bug in the -Q option, added the possibility to build custom packets to use with -d/-Q, fixed the building of gslist.cfg; note that the unavailability of games like CoD4 and Quake3 depends on the master server so nothing to do with gslist but if you need alternatives take a look at hlswlist, qtracklist and getsc

25 Sep 2010 Research: FSB files extractor 0.2.9
optimizations only for the rebuild mode, now it automatically works also with files that include a header so the -R option is NO longer needed, fixed also a rounding math in the recalculation of the lengthsamples field

25 Sep 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11c
added the key of the last Sam and Max episode

25 Sep 2010 TestingToolz: loDNS 0.1.1
added another proxy-like monitoring method and a better runtime help

13 Sep 2010 Research: Quakelive xmpp.quakelive.com password retriever 0.1.1
updated for supporting the new login mechanism and now works also by double-clicking on the exe

13 Sep 2010 MyToolz: Mydown 0.2.6c / mydownlib 0.2.5d
added experimental (and optional because badly written) support for SSL

12 Sep 2010 Research: orkdec filenames dumper 0.1.1
added support for Battle March and made DEP compatible

02 Aug 2010 News: summer time

01 Aug 2010 Research: QuickBMS generic files extractor 0.4.6a
removed the FindLoc modification I added in the last version, added a verbose message when Idstring doesn't match, added the B/E/C operators in String that work on null delimited strings

30 Jul 2010 Password_recovery: Digsby password decoder 0.2
added support for the recent versions

29 Jul 2010 Research: GS peerchat IRC proxy 0.3.3
some small bugfixes and enhancements

28 Jul 2010 Research: QuickBMS generic files extractor 0.4.6
added the COMPRESSED method used to store big amounts of data in the scripts using less bytes (zlib plus base64), experimental support for libtomcrypt, the -E option that allows to change the endianess of a file on the fly by simply knowing its format and reading it, -d option for creating an output folder with the name of the input file, support for variables in FindLoc, support for SEEK_CUR and SEEK_END in GoTo, rnc and pak_explode compressions, r operator in String for reversing strings and = for converting numbers to strings

28 Jul 2010 MyToolz: Simple TCP proxy/datapipe 0.4.7a
added only the possibility of specifying dtls1 in the -X option

23 Jul 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11b
added support for the latest Sam and Max

22 Jul 2010 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.5
added some additional testing options

22 Jul 2010 MyToolz: Signsrch 0.1.6a
fixed -F when used with multiple files

22 Jul 2010 Research: GS login server emulator 0.2.3b
added a micro enhancement that should do just nothing

20 Jul 2010 Advisories: Lithtech engine memory corruption
mainly focused on F.E.A.R., no technical info about the bug

20 Jul 2010 Fake_players_bug: Lithtech engine Fake Players DoS 0.3
rewritten almost completely for matching better the protocol

19 Jul 2010 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.4
mini enhancements and support for Devastation and Brothers in Arms (useless because any server of the BIA series crashes through unrealfp)

18 Jul 2010 Fake_players_bug: DirectPlay 8 Fake Players DoS 0.1.3
only some enhancements and support for the bugs reported in the previous advisory

18 Jul 2010 Advisories: Vulnerabilities in DirectPlay8
updated the previous advisory due to a new vulnerability affecting any game based on DP8

18 Jul 2010 Advisories: NULL pointer in some games that use DirectPlay8

17 Jul 2010 Advisories: Invalid memory access in Unreal Tournament 3 2.1

15 Jul 2010 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.3
some small updates and fixes, added support for Vegas 2 (DemonWare AGORA) and the -B option containing a quick list of bugs to test

15 Jul 2010 Advisories: Failed assertion in old games based on Unreal engine
maybe interesting but only for old games

07 Jul 2010 Advisories: Two vulnerabilities in Ghost Recon Advanced Warfighter 1 and 2

06 Jul 2010 Advisories: Clients unicode buffer-overflow in Unreal engine 2.5
for the less recent games and versions of the engine

05 Jul 2010 Advisories: Negative memcpy in id Tech 4 engine

05 Jul 2010 Advisories: NULL pointer in Tripwire Interactive games
Red Orchestra Ostfront 41 45, Killing Floor, Darkest Hour and Mare Nostrum

03 Jul 2010 Advisories: Denials of Service in Freeciv 2.2.1

02 Jul 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11a
added the key of Puzzle Agent and the latest Sam and Max

02 Jul 2010 Research: EAlist 0.1.4
added the -S option that allows to run a fake fesl server that accepts one client at time, I have added it for testing purposes

01 Jul 2010 Advisories: Buffer-overflow in the Electronic Arts games that use Gamespy

01 Jul 2010 Research: GS login server emulator 0.2.3a
added a compatibility feature found just today in Red Alert 3 (authtoken used instead of the username)

30 Jun 2010 Research: GS login server emulator 0.2.3
added a bit of more compatibility with some games (like Area51)

30 Jun 2010 Advisories: Buffer-overflow in Area 51 1.1
old game but this bug is so absurd that deserved to be indexed :)

29 Jun 2010 TestingToolz: One file only web server 0.3
added some crazy options

29 Jun 2010 Advisories: Refractor 2 engine clients URL directory traversal

29 Jun 2010 Advisories: Battlefield 2 1.50 voip failed assertion
almost impossible conditions, reported only for thoroughness

29 Jun 2010 Advisories: Endless loop in Qt QSSLsocket 4.6.3

29 Jun 2010 Advisories: Database error in Mumble server 1.2.2
a little error, indeed it was part of the next advisory

27 Jun 2010 Research: XWB/ZWB files unpacker 0.3.3a
added only the -D option for using decimal output filenames

20 Jun 2010 Advisories: Vulnerabilities in America's Army 3 3.0.7
again some boring bugs in the same super bugged acpu_decompile function

19 Jun 2010 Advisories: Client array overflow in id Tech 4 engine
this is a correction to the advisory released yesterday and the adding of Wolfenstein to the list of vulnerable games

18 Jun 2010 Advisories: Clients vulnerabilities in Enemy Territory Quake Wars 1.5

17 Jun 2010 Advisories: Exception in Chrome Engine 4

16 Jun 2010 Advisories: Multiple vulnerabilities in TeamSpeak 3.0.0-beta23

15 Jun 2010 Research: ISI rFactor files decrypter/encrypter 0.2
added a minimalistic GUI and the possibility of handling whole folders (so find is no longer needed)

15 Jun 2010 Research: Race WTCC files encrypter/decrypter 0.3
added a minimalistic GUI and the possibility of handling whole folders (so find is no longer needed)

15 Jun 2010 TestingToolz: Webservers char tester 0.1.1
fixed the testing of NULL bytes

06 Jun 2010 Password_recovery: Pegasus Mail password decrypter 0.1

06 Jun 2010 Password_recovery: TheBat! password decoder 0.1

06 Jun 2010 Password_recovery: Phoenix mail password decoder 0.1

06 Jun 2010 Advisories: Refractor 2 engine endless loop
released a reference advisory for tracking the Battlefield 2/2142 vulnerability

03 Jun 2010 Proof-of-concepts: Battlefield 2 (1.41 - 1.1.2965-797) / 2142 (1.50 - 1.10.48.0) endless loop 0.1
proof-of-concept I wrote (and fixed) one year ago based on the vulnerability found by Francis Lavoie-Renaud

01 Jun 2010 Research: QuickBMS generic files extractor 0.4.5
added some enhancements to the Print command, encryption mode for rot, an experimental printf-like operator for the String command, variable used for the Padding command, small fix in the Open command

30 May 2010 MyToolz: Morse generator 0.2.1
substituted the underscore with -, some enhancements included support for any possible char

29 May 2010 Research: PunkBuster online GUID checker 0.1.10
added Battlefield Bad Company 2 and APB, added the possibility of specifying custom gamenames and gameids

28 May 2010 Research: QuickBMS generic files extractor 0.4.4a
fixed two bugs started a couple of versions ago in FindLoc and Get/PutArray

26 May 2010 Research: Milestone MIX files extractor 0.1.3
added support for SBK X

25 May 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.11
added the key of the latest Sam and Max episode and the -D/E options for decrypting/encrypting only a portion of the input file

13 May 2010 MyToolz: Signsrch 0.1.6
added the -F option that returns the addresses of the executable's instructions which refer to the found signatures (only the first one in case of multiple references), added the -3 option that executes a program placing an INT3 (maybe one of those obtained with -F) in the desired address of the process, added support for big endian ELF executables, fixed the parsing of Windows PE files on Linux big endian, fix in the calculation of the 64bit CRCs

12 May 2010 Advisories: Multiple vulnerabilities in the GEM 3 engine
Majesty 2 is affected by the same bugs of the GEM 2 engine

11 May 2010 Research: QuickBMS generic files extractor 0.4.4
some micro enhancements, added the possibility of recompressing data with the zlib, deflate, lzo1, bzip2 and XMem algorithms (note that QuickBMS is and will remain an extraction/unpacking tool so this is only a just-for-fun feature)

09 May 2010 Advisories: Invalid memory access in Torque game engine

07 May 2010 Advisories: Multiple vulnerabilities in Alien vs Predator 2.22
two invalid memory accesses, an exception and two NULL pointers

05 May 2010 MyToolz: dump2func ripped functions skeleton generator 0.1.1
small enhancement of the output and fixed a bug

05 May 2010 MyToolz: dump2func ripped functions skeleton generator 0.1a

05 May 2010 MyToolz: dump2func ripped functions skeleton generator 0.1
simple tool that creates a C source code for using one or a set of dumped/ripped functions with the automatic handling of the static/fixed buffers and the compatibility with DEP

05 May 2010 Research: HLSWlist 0.1.1b
added only Urban Terror and Left 4 Dead 2 to the list

01 May 2010 Research: FSB files extractor 0.2.8a
nothing new, I have only made the -a option (add header) as default and it's automatically disabled when the -s option is used

30 Apr 2010 Research: QuickBMS generic files extractor 0.4.3
solved the big usage of memory caused by the quad/balz compressions, reduced the amount of used memory in some occasions, bugfix and enhancement for zipcrypto

27 Apr 2010 Research: QuickBMS generic files extractor 0.4.2b
bugfix for unzip_dynamic and bzip2_file

26 Apr 2010 Research: QuickBMS generic files extractor 0.4.2a
only a little customization of the Open command so that the creator of the script can decide to terminate or not if the file doesn't exist

25 Apr 2010 Research: QuickBMS generic files extractor 0.4.2
now the user that use the tool through its gui (double click on quickbms.exe) can select multiple archives to handle, added additional compatibility with the WCX plugins

24 Apr 2010 MyToolz: Simple TCP proxy/datapipe 0.4.7
added the -Y option for allowing the tool to act as a SSL tunnel, compatibility with OpenSSL 1.0.0

24 Apr 2010 Research: EAlist 0.1.3
added the -F option to send custom data for testing other commands (there are a couple of examples at runtime), compatibility with OpenSSL 1.0.0

23 Apr 2010 Research: QuickBMS generic files extractor 0.4.1
added support for the WCX plugins used in Total Commander, added tons of new encryptions, support for CRCs of any type, updating of some external libraries (like zlib, lzma and ppmd), some small enhancements and bugfixes

16 Apr 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.10
added support for The Penal Zone

15 Apr 2010 Research: Molebox2 files extractor 0.1
this is exactly the tool previously called kepmboxext that now needs a custom key as argument to support other games like Aquaria

15 Apr 2010 Password_recovery: CamFrog passwords decrypter 0.3.2
added support for the alternative PhDeviceCLSID method where this value is got from mdlg.dll (Internal Value)

15 Apr 2010 Password_recovery: Ubisoft Game Launcher password decrypter 0.1
decodes the password inside the settings.ini file

13 Apr 2010 Advisories: Some bugs
recently I released some quick advisories (I'm no longer interested in security): netKar, Unity3D, Raknet, Cafu and MX Simulator

12 Apr 2010 Research: QuickBMS generic files extractor 0.4
automatic folder and extensions when no filename is used in the *log commands, reintroduced all the openssl algorithms manually, fixed and enhanced some features of CallDll, changed the behaviour of lzhuf (it took the decompressed size from the data), improved handling of less known gz/z files, added the pack compression, note: remember to always check the list of available scripts because I update and write new ones often, for example majesty2.bms is now complete and compatible with any version

10 Apr 2010 Research: QuickBMS generic files extractor 0.3.15a
only a useless bugfix to make "" a constant and added another math operator

09 Apr 2010 Research: QuickBMS generic files extractor 0.3.15
added unsigned If/Elif/Else, some new compressions or enhancements, radix and power math operations, some new and useless Set types, byte2hex/hex2byte/compressions/encryptions/toupper/tolower in the String command, support for any encryption and even any hashing algorithm supported by OpenSSL, usage of dlls as MEMORY_FILE in CallDLL, support for any calling convention: msfastcall/borland/watcom/pascal/safecall/syscall/optlink/clarion, reset of memory file positions in case of multiple input files, fixed a micro bug when using comtype2_scan, exe compiled with the latest OpenSSL (that's why it's bigger)

06 Apr 2010 Password_recovery: CamFrog passwords decrypter 0.3.1a
allowed the usage of the phclsid command-line parameter for decrypting the camfrog bot strings

04 Apr 2010 Password_recovery: CamFrog passwords decrypter 0.3.1
fixed the problem with the key of Camfrog Bot

02 Apr 2010 Password_recovery: CamFrog passwords decrypter 0.3
added support for files like cf_server.conf, cf_room.conf and settings.xml and for the different encryption used in Camfrog Bot

22 Mar 2010 Research: EAlist 0.1.2
added the handling of multiple lobbies which means that now really all the servers of each game are taken (so over 8000 for bfbc2-pc), thanx a lot Steven Hartland

17 Mar 2010 Research: EAlist 0.1.1
added only the -A option for creating new EA accounts, this is useful only in case of problems logging with an existent one

16 Mar 2010 Research: EAlist 0.1
command-line servers browser based on the list of game servers provided by the Electronic Arts master servers commonly called fesl or theater and supporting various games for PC, Xbox 360 and PS3 like Battlefield Bad Company 2, Battlefield Heroes, the Need for Speed series, Skate and others for which alternative listers don't exist

08 Mar 2010 Research: Milestone MIX files extractor 0.1.2
used a better way to guess if the file uses the old method (like in SBK2000/2001) or not

12 Feb 2010 Patches: EA games fesl.ea.com certificate verification remover 0.2
now it should support any game

11 Feb 2010 Research: Gslist 0.8.8b
only an enhancement in the rebuilding of gslist.cfg done with the -m/-M options used by me (users should use -u for the updates)

11 Feb 2010 MyToolz: Mydown 0.2.6b / mydownlib 0.2.5c
another bugfix release, enough useful in some conditions

10 Feb 2010 Research: QuickBMS generic files extractor 0.3.14c
added only 2 compression algorithms used in Pacific Assault and a work-around for some rare gzip files

10 Feb 2010 MyToolz: Lame patcher 0.4.4
added the possibility of patching a running process and launching+patching it

10 Feb 2010 MyToolz: Mydown 0.2.6a / mydownlib 0.2.5b
removed only the percentage from the list of chars to hex-encode and filtered the chars that can't be used on the file systems for saving the files

10 Feb 2010 Research: Telltale TTARCH files extractor/rebuilder 0.1.9d
added only the key for the recent CSI 5 demo

08 Feb 2010 Patches: EA games fesl.ea.com certificate verification remover 0.1
this modification removes the verification of the SSL certificate sent by the *.fesl.ea.com server (port 18240 and possibly others) when an EA game logins on it

04 Feb 2010 Research: QuickBMS generic files extractor 0.3.14b
added the copy compression that could be useful in rare cases when handling data encrypted with block ciphers like AES and blowfish

04 Feb 2010 Research: QuickBMS generic files extractor 0.3.14a
now the ivec in Encryption can be also a variable (useful for decrypting the xbo files of VBS2)

01 Feb 2010 Research: QuickBMS generic files extractor 0.3.14
added tons of new compression algorithms and the 'u' option in the Math command for forcing the unsigned operations

25 Jan 2010 Research: QuickBMS generic files extractor 0.3.13
added only an additional work-around useful with some XMemDecompress streams, the possibility of specifying a wildcard for ScanDir not only through -F but also in the same script, bzip2_file for decompressing bzip files without knowing their output size, -a option for specifying variables visible inside the bms scripts, this allowed to use a new comtype_scan2.bms script for testing all the supported compressions without editing it

16 Jan 2010 Research: FSB files extractor 0.2.8
fixed only the right creation of the header for the XMA and Gamecube/Wii files (-a option)

16 Jan 2010 Research: XWB/ZWB files unpacker 0.3.3
fixed only the right creation of the header for the XMA files

15 Jan 2010 MyToolz: PackZip 0.2
finally I have replaced the old zlib library with the better algorithm used in 7zip which allows more compression

05 Jan 2010 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.5
added compatibility for the protocol of SA:MP 0.3a

05 Jan 2010 Research: Fast Optimized MD5 for short strings 0.1
optimized MD5 algorithm for input data of max 15 bytes that I reversed from alglib0.dll of the RainbowCrack Project

01 Jan 2010 Research: QuickBMS generic files extractor 0.3.12b
added only the CRI CPK compression

30 Dec 2009 Research: QuickBMS generic files extractor 0.3.12a
some enhancements for the rebuild mode (-w option), the rest is untouched

23 Dec 2009 Password_recovery: CuteFTP data retriever and password decoder 0.1.2
fixed some bugs in the parsing of sm.dat

21 Dec 2009 Research: QuickBMS generic files extractor 0.3.12
added the GetBits command, the possibility of calling functions without restoring the variables at the moment of the call, removed the problem of using the Log commands with filenames that have a number as first char

18 Dec 2009 Research: QuickBMS generic files extractor 0.3.11
added the CryptDecrypt and CryptUnprotect encryptions, some new compression algorithms (prs, puyo and falcom) and some enhancements

09 Dec 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.9c
added the key of Rise of the Pirate God

07 Dec 2009 Research: Gslist 0.8.8a
updated some components like the download library and the drive scanner for gslistweb and a couple of compatibility changes (for example the poorly supported %hhu printf type substituted with %u)

07 Dec 2009 Research: SD Gundam Capsule Fighter Online ZPK/ZDX/DAT files extractor/rebuilder 0.4.1a
I have ONLY changed Z_DEFAULT_COMPRESSION to Z_BEST_SPEED in rebuild mode, this is done to prevent a bug of the game (NOT of my tool) that crashes on slow computers even with the original packages (thx JH Im)

02 Dec 2009 Research: QuickBMS generic files extractor 0.3.10
added the xxtea encryption, calldll with memory_file, asking of deleting the TEMPORARY_FILE if used, possibility to use stdin as input file (use -), the For instruction now can be initialized with any math operation (example: For i -= 10 To FILES), Put/PutDString/PutCT commands which allow to write inside a file/memory_file, compression algorithm used in STALKER and some minimal things (for example: Set VAR1 = VAR2)

27 Nov 2009 Research: QuickBMS generic files extractor 0.3.9a
added only the yuke_bpe compression algorithm

22 Nov 2009 Research: QuickBMS generic files extractor 0.3.9
added two new compressions, fixed a DEP compatibility in the CallDll command and added another path for searching the dll to import, added the possibility of using a variable or memory file in the Encryption command, the SCRIPT MESSAGE alert shown by the Print command is now placed on stderr

12 Nov 2009 Research: QuickBMS generic files extractor 0.3.8a
fixed a bug in the algorithms used in OpenSSL where the non-padded data was wrongly decrypted at the end, major DEP compatibility with the imported dumped functions (like tzar_lzss, unlz2k and so on), a possible minimal speed/memory improvement and added the compression used in Dungeon Keeper 2

10 Nov 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.9b
added support for CSI4 retail (gamenum 30)

10 Nov 2009 MyToolz: BDE64 0.2.1a
added only the decoding of the two different chars (-_ instead of +/) used in the base64 of the HTTP URLs

10 Nov 2009 Password_recovery: PartyGaming password decrypter 0.1.1
added the scanning of the PartyGamingNet registry key used in PartyPoker.net

09 Nov 2009 Research: QuickBMS generic files extractor 0.3.8
added tons of new compression algorithms including the conversion of any base (like base2/binary, base8, base32 and so on), better disposition of the source code, implemented the scanning feature for all the compression algorithms

07 Nov 2009 Research: Cauldron FS files extractor 0.2a
micro fix for recognizing some rare and unofficial files

04 Nov 2009 Research: QuickBMS generic files extractor 0.3.7
added various compression algorithms (like deflate64 and ppmd) and some usual small enhancements/fixes

01 Nov 2009 Password_recovery: NewsLeecher files decrypter 0.1.1
small compatibility fix for the recent 4.x beta

01 Nov 2009 Research: ISI rFactor files decrypter/encrypter 0.1.6
added support for Superleague Formula

01 Nov 2009 Research: ISI rFactor //[[gM files decrypter/encrypter 0.2b
added the key number of Superleague Formula in the list at runtime

31 Oct 2009 Research: QuickBMS generic files extractor 0.3.6
fixed and optimized the scanning of the input folder, added the manual choice of an alternative filename if the one got from the archives can't be saved and added a couple of non-important compressions and encryptions

30 Oct 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.9a
added the key of The Trial and Execution of Guybrush Threepwood

29 Oct 2009 Research: QuickBMS generic files extractor 0.3.5a
better support of files bigger than 2 gigabytes

28 Oct 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.9
added CSI 5 Deadly Intent and solved a bug in the modified blowfish algorithm (don't worry I have already personally verified each file extracted from the recent games for excluding any problem/corruption)

27 Oct 2009 Research: QuickBMS generic files extractor 0.3.5
added the ICE encryption, uuencode, ascii86, yenc, compression used in the games of 49Games, mszh, the fullname data type, changed the behaviour of the not and negation operators in Math since var2 is now taken as input (so both variables are now used) and added the N (negative) and A (absolute) operators

20 Oct 2009 Research: QuickBMS generic files extractor 0.3.4b
added only the simple compression algorithm used in Dark Sector (use zip.bms to extract its files)

20 Oct 2009 Research: Traveller's Tales games DAT files extractor
QuickBMS script for extracting the files from the DAT archives of games like LEGO Batman/StarWars/Indiana Jones and Transformers

18 Oct 2009 Research: QuickBMS generic files extractor 0.3.4a
substituted the strdup function due to its different behaviour on *nix and enabled the usage of lz2k also on *nix

17 Oct 2009 Research: QuickBMS generic files extractor 0.3.4
added support for plugins and/or custom functions through the CallDLL command, added the unmeng and unlz2k compressions, added a fake 64bit type of variable (fake because QuickBMS works only with 32bit numbers)

12 Oct 2009 Research: QuickBMS generic files extractor 0.3.3
implemented all the encryption functions of OpenSSL through its great EVP interface, added some new compression algorithms, added some enhancements like the configuration of the lzss parameters and PutVarChr which auto-reallocate the variables

07 Oct 2009 Research: QuickBMS generic files extractor 0.3.2
added the compressions huffboh, ucl/nrv, dmc, uncompress/lzw, lzhuf, lzari, rle7, rle0, rle, added the encryptions twofish, cast5, seed, serpent, aes-cfb128, fixed lzssboh and idea, added a new switch in Encryption for selecting the encryption mode (default is decryption), added the possibility of specifying a dictionary for the lzo and zlib/inflate compressions, added the visualization of the elapsed seconds for the extraction

07 Oct 2009 MyToolz: Lame Patcher 0.4.3a
only added the possibility of specifying also the name of the file to patch at command-line

02 Oct 2009 Research: Race WTCC files encrypter/decrypter 0.2.5
added support for Race On

30 Sep 2009 Patches: q3rcon patch 0.1.2a
added support for CoD4 1.7 for linux

29 Sep 2009 Research: QuickBMS generic files extractor 0.3.1
added a check to avoid using file numbers that are not opened and added support for other compressions: rlew, lzjb, sfl (block/rle/nulls/bits) and lzma2

29 Sep 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.8
added support for Lair of the Leviathan

29 Sep 2009 Research: HLSWlist 0.1.1a
added only Wolfenstein to the list, remember that it's not necessary that the game is in the list because it's enough only to know its gamename (Wolf09 in this case)

28 Sep 2009 Research: QuickBMS generic files extractor 0.3
added documentation, added xor, rot and charset as parts of the Encryption command, now the input can be both an archive and a folder containing more archives

26 Sep 2009 Research: Ventrilo RCon tool 0.2.9a
only a microfix in the -R option and the usage of "proto >= 3" in the code

26 Sep 2009 MyToolz: webimgms 0.1.2b
Vista compatibility for the scanning of the folder

26 Sep 2009 Research: Falcom YS games NA/NI/Z files extractor and rebuilder 0.1.3b
Vista compatibility for the scanning of the folder

26 Sep 2009 Research: Falcom YS games XSO files extractor and rebuilder 0.1.1b
Vista compatibility for the scanning of the folder

26 Sep 2009 Research: THPS HED/WAD files extractor/builder 0.2a
Vista compatibility for the scanning of the folder

26 Sep 2009 Research: WorldShift XE files rebuilder 0.1b
Vista compatibility for the scanning of the folder

26 Sep 2009 Research: BOR PAK extractor/builder 0.1a
Vista compatibility for the scanning of the folder

26 Sep 2009 MyToolz: CmdDiz 0.1.2b
Vista compatibility for the scanning of the folder

23 Sep 2009 Password_recovery: Steam password decoder 0.2.4
added the decryption of the ConnectCache cookies used by Steam beta (totally useless) and added some command-line options for the decryption of custom fields like Key and AccountRecordData and their dumping in a file because these fields contain raw data

20 Sep 2009 Research: QuickBMS generic files extractor 0.2.4a
nothing changed, has been only removed xcompress.h

19 Sep 2009 Research: QuickBMS generic files extractor 0.2.4
solved a small bug when a compressed file has a size equal to zero, added support for XMemDecompress and some lzw variants, added the idea encryption. released also the script for extracting the files of Need for Speed: Shift

18 Sep 2009 MyToolz: DAA2ISO / GBI2ISO 0.1.7e
again nothing new, added automatic support to a strange signature so that it's not needed to press Y when requested to continue with the extraction (thx Josh Freeman)

17 Sep 2009 Advisories: Files uploading vulnerabilities in the Source engine
the file deletion bug has NOT been fixed by Valve, they simply filtered the filenames with a slash/backslash at the end so it's still possible to delete the files in the game's main folder

16 Sep 2009 MyToolz: DAA2ISO / GBI2ISO 0.1.7d
nothing new, if the input file has an invalid signature the tool asks if you want to continue its handling which "could" be useful in some very very rare cases where the signature is damaged and even the original programs can't read them

14 Sep 2009 Research: Peerchat IP decoder/encoder 0.3
added support for the encoding/decoding of the users channels/room on Peerchat

14 Sep 2009 Research: Peerchat IP encoding/decoding algorithm 0.2
added support for the encoding/decoding of the users channels/room on Peerchat

12 Sep 2009 MyToolz: DirComp 0.2.1
added compatibility with Vista

12 Sep 2009 Research: SD Gundam Capsule Fighter Online ZPK/ZDX/DAT files extractor/rebuilder 0.4.1
solved a bug in the rebuilding function

12 Sep 2009 Research: ISI rFactor files decrypter/encrypter 0.1.5
added support for those GMT files used in TopRace 2009 with the CHTN1R1 signature

11 Sep 2009 Research: ISI rFactor //[[gM files decrypter/encrypter 0.2a
nothing new, I have only added the key number of Top Race Simulador 2009 (0x000dfc2a) in the list of -k option

10 Sep 2009 Research: AWCamREC 0.2.1d
updated the address of the new host to which to connect

10 Sep 2009 Advisories: Access violation in Ventrilo client 3.0.5 with Speex codec

08 Sep 2009 Advisories: Voice memset overflow in Ventrilo client 3.0.5

05 Sep 2009 Research: ISI rFactor files decrypter/encrypter 0.1.4
added the signature of Top Race Simulador 2009

05 Sep 2009 Fake_players_bug: Live for Speed Fake Players DoS 0.2.3
added support for the internet authentication

03 Sep 2009 Research: SD Gundam Capsule Fighter Online ZPK/ZDX/DAT files extractor/rebuilder 0.4
solved a big error in the extraction of the files, now both extraction and rebuilding are perfect

02 Sep 2009 Research: SD Gundam Capsule Fighter Online ZPK/ZDX/DAT files extractor 0.3
better documentation of the format and added options for listing and filtering the files and an experimental one for rebuilding the archive if the version of the game no longer allows the loading of the files from its folder

01 Sep 2009 Research: Live for Speed setups dumper 0.1
decrypter of the setups received from the server which allows to save the setups of the other players

29 Aug 2009 Research: EA Games CRC and packets encryption 0.1
the simple encryption and CRC algorithm used in the packets of games like Middle-Earth II, Command & Conquer 3 and Red Alert 3

25 Aug 2009 MyToolz: Lanfile 0.1.3
added the -f option which must be manually enabled on both the endpoints and activates a particular mode where multiple files are sent faster (because there is no need to send the confirmation byte for each file) and added the rc4 encryption with -c

25 Aug 2009 Research: PunkBuster online GUID checker 0.1.9
added Wolfenstein (wolf) and removed the old games which no longer use or have never used PB

25 Aug 2009 Research: Call of Duty series mpdata decrypter/encrypter 0.1.1a
nothing new, I have simply substituted the alert shown when the hash doesn't match with an error and an invitation to verify the correct length of the cdkey (16 chars for cod4 and 20 for codwaw)

23 Aug 2009 Advisories: Server restart in Live for Speed S2 Z13
not a real vulnerability, reported for thoroughness

23 Aug 2009 Fake_players_bug: Live for Speed Fake Players DoS 0.2.2
updated the protocol for supporting version Z

21 Aug 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.7a
corrected the key of Strong Bad episode 1

21 Aug 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.7
solved the wrong chunk size implemented from the archives of version 7, anyway only the texture archive (*_tx.ttarch) of the last 2 games of TellTale had this problem so all the other files weren't affected

21 Aug 2009 Advisories: Source engine build 3933
updated almost all the advisories and proof-of-concepts to match the build version 3933 which is the latest known release of the Source engine and which is used in games like Orangebox and Team Fortress 2. Only the sourcenotvnull vulnerability doesn't affect this build

20 Aug 2009 MyToolz: Lanfile 0.1.2a
added compatibility with Vista

20 Aug 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.6
added support for the new TellTales game, added the -x option which avoids manually editing the bytes at offset 0x20 and 0x24, now the rebuilding works also on Vista

20 Aug 2009 Password_recovery: Trillian Astra password decoder 0.2
added support for Astra

20 Aug 2009 Advisories: Fragments memory corruption in the Source engine (build 3698)

19 Aug 2009 Advisories: Files uploading vulnerabilities in the Source engine (build 3698)

18 Aug 2009 Advisories: NULL pointer in the Source engine (build 3698) with SourceTV disabled
another vulnerability affecting Counter-Strike Source, Half-Life 2 and other games

17 Aug 2009 Advisories: Format string in the Source engine (build 3698)

16 Aug 2009 Password_recovery: Gizmo password decrypter 0.1
decrypter for the Gizmo5 password located in AppSettings.xml

14 Aug 2009 Advisories: Multiple NULL pointers in Sniper Elite 1.0

13 Aug 2009 MyToolz: Simple UDP proxy/pipe 0.4.1
now it can use the plugins written for Proxocket (mysendto and myrecvfrom)

13 Aug 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.5a
substituted the key of the game Fright of the Bumblebees with the correct one (previously the one of the demo was used)

12 Aug 2009 Advisories: Format string in Vietcong 2 1.10

12 Aug 2009 TestingToolz: FindBits 0.2.2
better visualization of the values with option -s, where the string and binary output have also been added, plus some enhancements and one small fix

11 Aug 2009 Advisories: Multiple vulnerabilities in the GEM 2 engine

09 Aug 2009 Password_recovery: Orbit Downloader password decrypter 0.1
decrypts the passwords stored in sitelogin.dat

09 Aug 2009 Advisories: Denial of Service in PunkBuster
an update for the old advisory released many months ago since I have found another way to have a similar effect

09 Aug 2009 Advisories: Buffer-overflow in PunkBuster 1.728 for Soldier of Fortune II

07 Aug 2009 Advisories: Clients NULL pointer in TrackMania 2.11.19

07 Aug 2009 Advisories: Unbannable clients and bell bug in TrackMania Forever v2009-08-01 / 2.11.19

07 Aug 2009 Fake_players_bug: TrackMania Forever Fake Players DoS 0.1
only a basic reference code for the protocol

04 Aug 2009 Password_recovery: Total Commander password decrypter 0.1
decrypter for the password stored in wcx_ftp.ini and possibly others

04 Aug 2009 Advisories: Clients termination in TrackMania Forever 2.11.19

04 Aug 2009 TestingToolz: One file only web server 0.2
a small update for this basic tool for being able to test the new bug in TrackMania

30 Jul 2009 Research: FSB files extractor 0.2.7a
only two micro fixes about the recognizing of the FSB sign and the filling of 32 bytes in case of no coefficient in genh_header

30 Jul 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.5
added support for The Bogey Man

27 Jul 2009 Research: GS enctypeX servers list decoder/encoder 0.1.3
added the encryption function

27 Jul 2009 Advisories: Multiple vulnerabilities in TrackMania Forever v2009-05-25

24 Jul 2009 Advisories: Access violation in Star Wars Battlefront II 1.1

24 Jul 2009 Patches: Star Wars Battlefront II 1.1 seven guests fix 0.1

24 Jul 2009 Fake_players_bug: Star Wars Battlefront 1 and 2 Fake Players DoS 0.4
updated for fully supporting SWBF2

24 Jul 2009 Research: America's Army 3 auth packets ssc_decrypt 0.2.1
added the handling of the tcpdump files (the sniffed sessions generated by wireshark), added the automatic decompression of the zipped authentication data when the -f option is not used (so in visualization mode only) and allowed the visualization of the data which is not encrypted

22 Jul 2009 Advisories: Buffer-overflow in S.T.A.L.K.E.R. Clear Sky 1.5.10

22 Jul 2009 Advisories: Unhandled malloc exception in S.T.A.L.K.E.R. Clear Sky 1.5.10

22 Jul 2009 Advisories: Unhandled exception in S.T.A.L.K.E.R. Clear Sky 1.5.10

21 Jul 2009 Advisories: Temporary freezing in Crysis 1.21 and Crysis Wars/Warhead 1.5
B-series vulnerability (imho) reported only for thoroughness with the research of these days

21 Jul 2009 Advisories: Format string in Crysis 1.21 and Crysis Wars/Warhead 1.5

20 Jul 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.4
solved a bug in ttarch_meta_crypt where in some rare cases an additional block of the file was decrypted, corrupting it, added some additional fields in the rebuilding of files of version 2, added the usage of ttarch_meta_crypt also in rebuild mode otherwise some files looked corrupted, in extraction now the offsets of the non-compressed archives are shown as absolute (so 00112233 instead of 0 for the first file)

20 Jul 2009 Advisories: Access violation in the HTTP/XML-RPC service of Crysis 1.21 and Crysis Wars/Warhead 1.5

19 Jul 2009 Research: TNTFOLDER files decrypter/encrypter 0.3
rewritten in most parts because the previous (jurassik) version was so bugged that it didn't work too, sorry for the inconvenience

18 Jul 2009 Research: Telltale TTARCH files extractor/rebuilder 0.1.3
added the -b option for rebuilding the ttarch archives

18 Jul 2009 Advisories: Negative memcpy in Armed Assault 1.14 and ArmA 2 1.02

18 Jul 2009 Advisories: Format string in Armed Assault 1.14 and ArmA 2 1.02

18 Jul 2009 Advisories: Memory bug in Armed Assault 1.14 and ArmA 2 1.02

16 Jul 2009 Advisories: Wrong type assert in World in Conflict 1.0.1.1

16 Jul 2009 MyToolz: Mydown 0.2.6
added the -M option which allows to download the same file from multiple mirrors and separated the mydown package from the mydownlib one

16 Jul 2009 TestingToolz: UDPSZ 0.2.2e
the -p option allows sending packets from a UDP port already in listening mode

15 Jul 2009 Advisories: Negative memset overflow in America's Army 3 3.0.5

15 Jul 2009 Research: Leverage ssc functions 0.1a
nothing new, I have only added the ascii_calculate_hash and ascii_calculate_key_hash for thoroughness

15 Jul 2009 Advisories: NULL pointer and access violation in America's Army 3 3.0.5

14 Jul 2009 TestingToolz: Generic custom HTTP file uploader 0.2
added form-name and button-name as required arguments, added the possibility of adding custom forms and values (thx katz) and fixed a bug

14 Jul 2009 Advisories: Packets loop in America's Army 3.0.5

14 Jul 2009 TestingToolz: UDPSZ 0.2.2d
solved a bug in the usage of a big file (-f) when specifying a small packet size

14 Jul 2009 Research: Leverage ssc functions 0.1
the ssc_decrypt and ssc_encrypt functions used in the Leverage library adopted in games like America's Army 3 and ARCA Sim Racing

14 Jul 2009 Research: America's Army 3 auth packets ssc_decrypt 0.2
added options for dumping the decrypted data in a file and for encrypting the input file and fixed a bug in the handling of the offset values

14 Jul 2009 Research: America's Army 3 auth packets ssc_decrypt 0.1.1
added the ability to choose a custom key, useful for the encrypted information replies implemented from AA3 3.0.5

13 Jul 2009 Research: America's Army 3 auth packets ssc_decrypt 0.1
simple tool for decrypting any encrypted communication (saved as a file) with the authentication server of America's Army 3 auth.aa3.americasarmy.com

13 Jul 2009 Advisories: Resource consumption and crash in America's Army 3 3.0.5

13 Jul 2009 Patches: America's Army 3 3.0.4 ut3sticle fix 0.1

13 Jul 2009 Proof-of-concepts: Server termination in Unreal engine 3 0.1.1
added support for America's Army 3 which is vulnerable too

13 Jul 2009 Proof-of-concepts: ut3mendo 0.1.1
added support for America's Army 3 (test attack 3) which is vulnerable too

12 Jul 2009 Research: Test Drive Unlimited savegames/files decrypter/encrypter 0.1
quick tool for decrypting and re-encrypting the files in the playersave folder of the user and the btrq, db and any other encrypted file of this game

11 Jul 2009 Research: QuickBMS generic files extractor 0.2.3a
fixed only an error in the rarely used Padding command

09 Jul 2009 Research: WorldShift XE/XP files extractor 0.1.2d
substituted the memmove function with a manual one to avoid the possible senseless memmove bug (the job of memmove is just copying the data byte per byte but for some unknown reasons in rare occasions it could corrupt part of the data)

09 Jul 2009 Research: Ventrilo RCon tool 0.2.9
ventrilo3_handshake fix

09 Jul 2009 Research: Ventrilo proxy data decrypter 0.3.3
ventrilo3_handshake fix

09 Jul 2009 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.10
ventrilo3_handshake fix, used the code of ventrcon and added the handling of the -W option which was missing

09 Jul 2009 Research: ventrilo3_handshake 0.3
solved a bug in ventrilo3_algo_scramble (thx John Smith) which in some occasions wrongly encrypted/decrypted the in-game data and adjusted some other things

08 Jul 2009 Research: Telltale TTARCH files extractor 0.1.2
added support for the first chapter of Tales of Monkey Island and Muzzled, now the .lenc files are decrypted only when the -m option is enabled for logical reasons, added an option for forcing only the decryption and the encryption of the input file (debug)

07 Jul 2009 Research: How to get the list of game servers from getgsc.com 0.1.1
added more information about the gamenames and more games like America's Army 3

06 Jul 2009 Research: QuickBMS generic files extractor 0.2.3
added support for the bzip2 compression, the line data type and various big speed improvements moreover in the byte-per-byte operations (like getvarchr and putvarchr)

06 Jul 2009 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.2
added initial experimental support for America's Army 3

06 Jul 2009 Patches: America's Army 3 3.0.4 NULL pointer fix 0.1

06 Jul 2009 Advisories: NULL pointer in America's Army 3 3.0.4
how is it possible that I continue to find vulnerabilities even if I no longer search for them? mah

04 Jul 2009 Research: HLSWlist 0.1.1
added the -f filter option

04 Jul 2009 Research: ISI rFactor files decrypter/encrypter 0.1.3a
a micro fix when using a full path in the output file (like c:\file.dat) which instead was created in the current folder (thx JusTiCe8)

04 Jul 2009 MyMusic: Tape Revenge (ver2)
removed only an annoying instrument

03 Jul 2009 Password_recovery: Xfire password decrypter 0.1
decrypter for the EncryptedUser and EPW fields in XfireUser.ini

02 Jul 2009 Research: Race Driver series ZIG to BIG decrypter 0.1
a decrypter for the ZIG files used in the Race Driver games implemented as plugin for QuickBMS

01 Jul 2009 Research: HLSWlist 0.1a
added a couple of other games in the list (although, like in gslist, the list is not needed for retrieving the servers) and adjusted the building of the query packet for possible future enhancements

01 Jul 2009 Research: Ventrilo RCon tool 0.2.8
added option -F which creates the pipe file \\.\pipe\ventrcon (/tmp/ventrcon_pipe on linux) so that any program on the same machine can send commands to ventrcon simply writing them in that file, added the -C option for caching the ventrilo 3.x keys (mainly useful for debugging)

01 Jul 2009 Patches: Universal game players limiter 0.1.1
an experimental and very basic project I created as a test various months ago and which uses a simple way to recognize and limit the players from the same IP address, released also a modified version which allows to choose the maximum number of players (3 by default)

30 Jun 2009 Research: How to get the list of game servers from getgsc.com 0.1

30 Jun 2009 MyToolz: Simple TCP proxy/datapipe 0.4.6a
solved a lame bug in the -S (ssl mitm) option

30 Jun 2009 Patches: Call of Duty 4 and 5 stats DoS fix 0.1
quick and easy work-around to avoid this annoyance which could become a problem

30 Jun 2009 Patches: Battlefield 2/2142 1.4*/1.5* bfloop fix 0.2 (Windows)
work-around for an undisclosed vulnerability

28 Jun 2009 MyToolz: Hex2byte 0.3b
another micro fix for the -x option

27 Jun 2009 Patches: SWAT 4 1.1 NULL pointers and Runtime Error fixes 0.1

24 Jun 2009 Research: PunkBuster online GUID checker 0.1.8
added support for America's Army 3 and Battlefield Heroes

23 Jun 2009 Password_recovery: Cake Poker / Lock Poker password decoder 0.1
decrypts the LastPassword string in the registry

23 Jun 2009 Password_recovery: Full Tilt Poker password decrypter 0.1
decrypts the Username and Password strings in the registry

23 Jun 2009 Research: HLSWlist 0.1
command-line server browser based on the list of game servers provided by HLSW and with a usage similar to gslist

21 Jun 2009 Password_recovery: PartyGaming password decrypter 0.1
decrypts any encrypted string in the PartyGaming fields of the registry which includes PartyPoker, PartyGammon, PartyCasino and so on

21 Jun 2009 Research: PartyGaming files decrypter 0.1
decrypter for the encrypted files used in PartyPoker, PartyGammon, PartyCasino and so on like the various INI and BIN files (ARA.ini, GRA.ini, Sys.ini, NewTable.bin, poker.bin, Table.bin and so on)

21 Jun 2009 Password_recovery: PokerStars password decrypter 0.1
decrypts the PWD field in the user.ini file or any string passed as argument

21 Jun 2009 Research: PokerStars INI decoder and decompressor 0.1
a decoder for the INI files implemented as BMS script for my QuickBMS tool

21 Jun 2009 MyToolz: Hex2byte 0.3a
added a work-around for the -x option which allows it to work also with the hex dumps of wireshark

17 Jun 2009 Research: Ventrilo port 5000 packet decoder 0.1
decoder for the packets sent to/from port 5000, a typical example are those for update.ventrilo.com and proinfo.ventrilo.com

17 Jun 2009 Password_recovery: Ventrilo regkey decoder 0.1
simple decoder of the registration key of Ventrilo client which is stored in the regkey registry key

14 Jun 2009 MyToolz: DAA2ISO / GBI2ISO 0.1.7c
added support for the GBI files used in gBurner which are identical to DAA except for some microscopical lame changes, anyway the 99% of the GBI files online are just renamed DAA files so the previous version of daa2iso already worked with them perfectly

12 Jun 2009 Research: ISI rFactor //[[gM files decrypter/encrypter 0.2
the only change in this release is the possibility to re-encrypt the file because ARCA Sim Racing seems to need it, for the rest the new major version has been used because now the usage/syntax of the tool is like the one of rfactordec and wtcced

08 Jun 2009 Research: QuickBMS generic files extractor 0.2.2a
adapted the code for accepting the options when launched in GUI mode

07 Jun 2009 Research: QuickBMS generic files extractor 0.2.2
added the -L option for placing the list of files in a file, added the -D option for using decimal notation internally, optimized the For command, gained some milliseconds from myitoa, added the experimental commands for implementing recursive functions (Start, Call and EndFunction)

03 Jun 2009 Research: Milestone MIX files extractor 0.1.1
added support for MIX files of SBK 09

27 May 2009 Research: QuickBMS generic files extractor 0.2.1
fixed the handling of some numbers (signed integers and shifting are not friends), the letters between ' are now considered numbers (so 'a' is 0x61), now in Get/PutVarChr is possible to specify also the size of the number through an optional parameter and added: LZX, Binary and BaseName types, BytesRead and NotEOF internal variables (they are used in MultiEx), handling of elif and else (very useful), a new optional parameter in FindLoc to avoid to terminate the script if the string is not found, various new String operators, GetArray and PutArray functions which can be used to work on some temporary dynamic arrays (useful in some occasions), QuickBMSver command which allows to specify the minimum version of QuickBMS supported by that script

26 May 2009 Research: Race WTCC files encrypter/decrypter 0.2.4
added the -k option which allows to specify a custom key or the name of a game which uses a custom key and is supported by wtcced, this is needed to decrypt/encrypt the files of "Volvo The Game" (example: wtcced -k volvo original.gmt new.gmt)

24 May 2009 Research: Telltale TTARCH files extractor 0.1.1
added the -m option which automatically dumps the FONT and D3DTX files as DDS and the AUD as OGG, very useful

16 May 2009 Research: Telltale TTARCH files extractor 0.1
quick tool for extracting the files located in the ttarch archives used in the games developed by Telltale

16 May 2009 MyToolz: Rot13 0.2
this tool was so old and basic that it didn't even have a version, so I have simply reused the source code of Xor with the needed modifications

14 May 2009 MyToolz: Simple TCP proxy/datapipe 0.4.6
added only the -c option for deciding the maximum number of incoming connections

13 May 2009 Research: GS passenc/passwordenc decrypter/encrypter 0.1
quick tool for decrypting and encrypting the passenc and passwordenc fields used for creating new users on Gamespy (gpcm.gamespy.com:29900) with the \newuser\ command

12 May 2009 MyToolz: BDE64 0.2.1
added support for the "_[]" escape chars used on gamespy and optimized the code

11 May 2009 MyToolz: Proxocket 0.1.5
added the handling of the return values of the myproxocket plugins for the functions myconnect, mybind, mysend and mysendto for allowing the user to skip the calling of the original functions (for example don't sending a packet if its content doesn't match our criteria) and added the function mysocket for hooking the socket function

11 May 2009 Fake_players_bug: DirectPlay 8 Fake Players DoS 0.1.2
a small update for this jurassic (the last version was dated 2005) and interesting proof-of-concept

11 May 2009 MyToolz: UIF2ISO 0.1.7c
fixed a bug in the handling of the old non-lzma UIF files introduced in version 0.1.7b

09 May 2009 Research: QuickBMS generic files extractor 0.2
tons of speed improvements and memory and code optimizations, added the double console+gui mode (works from command-line if started from the console or with a minimal gui if double-clicked), when the tool asks to overwrite an existing file it is now possible to use "a" or "all" for overwriting them automatically, added multiple memory files (MEMORY_FILE, MEMORY_FILE2, MEMORY_FILE3 and so on), added a TEMPORARY_FILE which is nothing else than a file with this name which is saved also in list mode, all numeric variables are saved in hexadecimal, FileXOR and FileROT13 now also accept a variable as argument, added support for various encryption algorithms (aes, blowfish, des, 3des, rc4 and xtea), added the Print command which allows to show a message at runtime and various other enhancements and fixes other than new BMS examples like the one which acts as base for the games which use the TTARCH format (remember that each game has its own key which must be specified in the script)

03 May 2009 Research: QuickBMS generic files extractor 0.1.6
added the Append command, some small optimizations in the usage of realloc with the variables and the memory_file, corrected the position offset used in filexor/filerot13 if set to zero

03 May 2009 MyToolz: Offset file unzipper 0.3.3
corrected a visualization problem where the found offsets were not fully visible and forced the tool to search (-S) also incomplete deflate blocks (uhmm I don't know if this is really good or not)

30 Apr 2009 MyMusic: new modules
well, not really new since they have at least one year and some rust on them

29 Apr 2009 MyToolz: UIF2ISO 0.1.7b
added the handling of the x86 filter in the LZMA decompression, this is absolutely useless in this case because the LZMA chunks in the UIF images don't use such filter but it's good for being 100% compatible with the format

29 Apr 2009 Research: QuickBMS generic files extractor 0.1.5
added the explode (pkware data compression library), gzip and lzma (included handling of the x86 header and decoder) compressions, the filename of any opened file is saved and can be read from inside the scripts (example: get NAME filename 1), added the Padding command, some small enhancements and bugfixes of the code

27 Apr 2009 Research: QuickBMS generic files extractor 0.1.4a
solved a bug in the handling of LZO compression, the break command, added the cleaning of the filename to save and the visualization of the source code's line in case of errors

25 Apr 2009 Research: QuickBMS generic files extractor 0.1.4
this tool is a scripts based files extractor compatible with the BMS language. the idea was born from the need of a simple and fast solution for handling the simple types of archives used by the majority of games without losing time writing a stand-alone tool with tons of C code just for a basic file format

20 Apr 2009 Research: ISI rFactor files decrypter/encrypter 0.1.3
added an option for overwriting the output files without prompting and two options for re-encrypting the files (needed only with ARCA Sim Racing)

18 Apr 2009 MyToolz: Offset file unzipper 0.3.2
solved a bug in the usage of inflateReset which prevented finding two consecutive compressed blocks and solved the visualization bug in the displaying of the offsets

18 Apr 2009 MyToolz: Simple UDP proxy/pipe 0.4a
added the -t option for choosing the desired amount of seconds after which closing the client socket

15 Apr 2009 MyToolz: Mydown and mydownlib 0.2.5a
removed the backslash from the list of chars to use in hex format and avoided redirecting if the Location field is wrong or incomplete (for example Location: /)

14 Apr 2009 Research: GS login server emulator 0.2.2
added the -f option for selecting a file with fixed pids for each username

13 Apr 2009 MyToolz: Simple UDP proxy/pipe 0.4
various bug fixes (like using __cdecl for the plugins functions and closing the outgoing socket), some parts have been rewritten, added the -B option for selecting the outgoing interface, a double binding mode (like in stcppipe), added support for multiple targets:ports with two additional options for using a different outgoing socket for each target (the result is very interesting, with challenge-response-free games like Unreal1 the result is like a playable fake players) or using only one outgoing socket and more

13 Apr 2009 MyToolz: Simple TCP proxy/datapipe 0.4.5
fixed a small bug in the usage of select(), added the -B option for selecting the outgoing interface, added the possibility to specify different ports in the comma-separated list of destinations, added the -M option for connecting to all the target destinations at the same time, option -p for increasing the priority of the process

13 Apr 2009 MyToolz: Proxocket 0.1.4
fixed the creation of a corrupted CAP file when both ws2_32.dll and wsock32.dll are used, used a better solution for the writing of the CAP file in multi-thread programs and avoided the creation of the 3way handshake for non-TCP sockets if their programs use them with connect()

13 Apr 2009 TestingToolz: FindBits 0.2.1
fixed a bug in the parsing of the hex values in the option -s and fixed the output of -b

13 Apr 2009 Fake_players_bug: Quake 3 engine fake players DoS 0.4.4d
solved a sscanf bug in the parsing of the -d option

10 Apr 2009 Research: Race WTCC files encrypter/decrypter 0.2.3
corrected a field in the encryption of the files using versions 0, 2 and 4 (a missing "zlen = 0;") where the compressed size wasn't set to zero. anyway this field didn't give problems to the games which read the encrypted files because they just skip it in versions 0, 2 and 4 so it wasn't a problem

08 Apr 2009 Research: Call of Duty series mpdata decrypter/encrypter 0.1.1
removed the dumping of the first 16 bytes of the file because it's only a hash and added the automatic encryption of the input file if it's not mpdata

07 Apr 2009 Research: Call of Duty series mpdata decrypter 0.1
decrypter for the Profiles mpdata file used in Call of Duty 4 and Call of Duty 5 / World at War

03 Apr 2009 Research: Ventrilo RCon tool 0.2.7a
microfix in the creation of passworded channels in Ventrilo 3.x

01 Apr 2009 Research: GSPlayers 0.1.1a
only some micro modifications because it no longer worked

27 Mar 2009 Research: GS login server emulator 0.2.1
adjusted the encoding on port 29920 and some micro enhancements

19 Mar 2009 Research: FSB files extractor 0.2.7
corrected a small bug in rebuild mode where the "guessed" number of samples of the added file was not updated and added full support to the rebuilding of the FSB archives which use small headers

19 Mar 2009 Research: GS login server emulator 0.2a
now the profileid, sessionid, sesskey and mod are a number referred to the name of the user and no longer random as before

18 Mar 2009 Research: Racer AR files extractor 0.1
extractor for the AR files built with the buildar.exe tool used in the game Racer

18 Mar 2009 Research: unlzboh 0.1
another simple LZ algorithm, this one is used in the game Racer

18 Mar 2009 TestingToolz: UDD files quick informations 0.1
quick and basic tool which shows some information contained in the UDD files used in Ollydbg like the various breakpoints and the comments

16 Mar 2009 Research: MotorM4x files decoder 0.1.1
added an option for re-encoding the files

16 Mar 2009 Patches: Quake 3 engine RCON half-second limit disabler (Windows and Linux) 0.1.2
added support for cod4, cod5 and cod2 (this one has not been tested)

15 Mar 2009 MyToolz: Signsrch 0.1.5a
made a small change which avoids showing the address 0xffffffff in some rare occasions when the -e/-P option is used and added an option for disabling the automatic executable parsing when -P is used

15 Mar 2009 MyToolz: Proxocket 0.1.3a
modified acpdump.h for dividing the captured data (so the creation of the CAP file) in packets of max 65535 bytes

14 Mar 2009 Password_recovery: ISPQ sha1 password decrypter 0.1
decrypts the string in the registry (RecentLogin) containing the sha1 hash of the password

14 Mar 2009 MyToolz: DLL proxy skeleton generator 0.1.1b
only an aesthetic enhancement in which I have removed the useless WINDLLSHIT code, adjusted some comments and #define's names and added two default ways for hooking the proxified functions (CALL_FUNCTION and CALL_FUNCTION2) so the user can choose the most comfortable

14 Mar 2009 MyToolz: Proxocket
I have updated ONLY the sample myproxocket.c file because I missed the WINAPI prefix for the real_* functions, so the program and the version (0.1.3) have NOT been touched

12 Mar 2009 Research: Quakelive xmpp.quakelive.com password retriever 0.1
a basic tool and a text file which describe how to get the session password needed to use the own Quake Live account on the jabber/xmpp service of xmpp.quakelive.com from outside the game, so using any normal client supporting this open protocol

11 Mar 2009 TestingToolz: Webservers char tester 0.1
a simple tool which has been very useful in all this time for the blind and quick testing of some vulnerabilities in software that uses the HTTP protocol and it's totally useless to myself now that I'm no longer interested in security

11 Mar 2009 Research: Battlefield 2 and 2142 bitstream sniffer 0.1.1
I have partially rewritten some parts of the code to make it more readable and easy to understand

11 Mar 2009 TestingToolz: FindBits 0.2
optimized and added some new options for reading and visualizing a custom amount of bits and deciding the start offset in bytes or bits

09 Mar 2009 Research: FSB files extractor 0.2.6
added checks on the correctness of read and write operations (useful only with corrupted FSB files or no disk space), hex dump of the additional headers (moresize) when the verbose option is used, handling of the small headers in FSB4, fixed a bug in the generation of the binary file (-s) with the FSB files that have additional headers (moresize) and the following improvements of the -a option: added the recognizing of the XMA files, usage of the correct extension based on the type of codec of the file (like .mp3 for the delta/mp3 files), correct generation of the output files for VAG (used the SS2 file format), GCADPCM (used GENH) and XMA (this last one not tested due to the lack of decoders) so now all the formats are covered

08 Mar 2009 Research: Asura engine "AsuraCmp" files decompressor 0.1
decompressor for the compressed data files used in the games based on the Asura engine like Sniper Elite, Rogue Trooper, Guard Shield and so on

08 Mar 2009 Research: Asura huffboh 0.1
compression algorithm (huffman?) used in the Asura engine

08 Mar 2009 Research: unthandor 0.1
decompression algorithm reversed from the game Thandor

08 Mar 2009 Research: decompression functions
moved the unlzss, unlzw and unlzwx functions from Mytoolz to a new sub-section specific for compression functions

08 Mar 2009 Research: PS2 VAG interleave value guesser and files extractor 0.1.1
added some new options and the usage of a different pattern to search, works well enough when configured correctly but it's definitely not user-friendly (after all I created it only for The Warriors)

05 Mar 2009 MyToolz: Mydown and mydownlib 0.2.5
encoding of special http chars, handling of the "Connection" server's parameter, better handling of the gzip streams, -z option in mydown for forcing the on-fly decompression of the downloads and better handling of the onflyunzip option

05 Mar 2009 Research: CameraWaREC 0.1
another tool with the same usage and options of jmeetrec and awcamrec but for the webcams on CameraWare

05 Mar 2009 Research: JMeetREC 0.2d
nothing new, I have only updated mydownlib and sha1.c and added a note in the runtime help about checking the system clock if there are many 403 errors

04 Mar 2009 Research: Xbox ADPCM plugin 0.1.3
solved a bug with Winamp which requires a sample buffer of at least 0x200*4 bytes, removed the support for the ZWB and DAT files (since totally useless) and corrected the return values of the functions in stdio2win.h

04 Mar 2009 Password_recovery: Digsby password decoder 0.1
decodes the encrypted password string provided through the command-line

02 Mar 2009 Research: Stainless Steel Studios SSA files extractor 0.1
an extractor which works with all the games developed by Stainless Steel Studios like Empire Earth, Empires: Dawn of the Modern World and Rise and Fall: Civilizations at War

02 Mar 2009 Research: Canhel PAC->ZIP and ZIP->PAC converter 0.1
converts the PAC files of this (beta) mmorpg to ZIP and vice versa

02 Mar 2009 Research: Spike Girls SGP* files decoder 0.1a
simple decoder for the SGP* files of this game

25 Feb 2009 Research: NecroVisioN files extractor 0.1.1
I forgot to handle the first byte used for specifying if the files are compressed or not (thanx to asmxtx)

22 Feb 2009 Research: Ventrilo RCon tool 0.2.7
added the /user custom command for creating new users, on Ventrilo 3.x the new users will have all their rights disabled (all the fields set to zero)

22 Feb 2009 Research: NecroVisioN files extractor 0.1
simple files extractor for this game

20 Feb 2009 Research: Multi engine RCON tool and password guesser 0.2.3d
redirected the non useful program's messages to stderr and added the -P option for loading the password from a file (possibly useful in multi user environments for security reasons)

18 Feb 2009 MyToolz: Signsrch 0.1.5
corrected the reading of some rarely used signatures from signsrch.sig (for example UUEncodeTable), added an option to avoid building the big endian versions of the signatures, the -e option is now used to handle the input file as an executable (PE/ELF32) for visualizing directly the rva memory addresses instead of the not so useful file offsets (works also on non-Windows systems), updated the signsrch.sig database

18 Feb 2009 Fake_players_bug: Quake 3 engine fake players DoS 0.4.4c
implemented the previously mentioned part of the DemonWare bdcrypto research as experimental option (-d)

18 Feb 2009 Research: DemonWare bdcrypto bdTicket decryption 0.1a
some info and a practical demonstration of the bdCrypto mechanism used in Call of Duty World at War and possibly other games based on the DemonWare sdk

16 Feb 2009 Research: Gamespy mails of shame
I have collected all the mails exchanged between me and those idiots of Gamespy before the cease and desist letter they sent me in the far November 2003, yeah these are the "famous" mails

16 Feb 2009 Research: PS2 VAG interleave value guesser and files extractor 0.1
a simple tool I have written mainly to extract the musics contained in the file music.snd of the game The Warriors for PlayStation 2

14 Feb 2009 Research: ISI rFactor //[[gM files decrypter 0.1
decrypter for the encrypted //[[gM files used in rFactor (like Toban Long.svm), in Arca Sim Racing (any ini, hdv, tbc and other files in GameData) and optionally other games

13 Feb 2009 Research: Ventrilo RCon tool 0.2.6
fixed the option for reconnecting to the server, added the -l option to log the input/output data to file and better handling of the errors

13 Feb 2009 Research: XWB/ZWB files unpacker 0.3.2
updated some fields from the latest xact3wb.h and added full support to the header of the adpcm files

13 Feb 2009 Research: FSB files extractor 0.2.5c
no longer creates the wav header for the files classified as delta because they are mp3 (so headerless) and added the useless -A option which forces the usage of the ima tag (0x0011) instead of the xbox one (0x0069) for the files which use the adpcm format

13 Feb 2009 Patches: Quake 3 engine Cbuf_Execute commands execution universal fix 0.1 (Windows)

08 Feb 2009 Research: Ultima Online uodemo.dat extractor 0.1b
automatically filtered the useless .q extension of the extracted files

08 Feb 2009 Patches: Ebenezer kocrash overflow fix 0.1

08 Feb 2009 MyToolz: Lame Patcher 0.4.3
mapping of the files smaller than 32 mb in memory for better performances with some .lpatch files, parsing of the executables, real rva calculation, a new set of experimental instructions, fixed the visualization of the original offsets in the report in some rare cases and some additional checks

08 Feb 2009 Password_recovery: Bullet Proof FTP bpftp.dat file decoder 0.1a
micro fix for compatibility with the compilers

06 Feb 2009 Research: Ultima Online uodemo.dat extractor 0.1a
files extractor for the uodemo.dat file of Ultima Online, the tool could work with other encrypted files too

05 Feb 2009 MyToolz: Proxocket 0.1.3
adjusted the last argument (namelen) of the prototype of accept() and myaccept() and adjusted the handling of myrecv and myrecvfrom when applied to WSARecv/WSARecvFrom

04 Feb 2009 Research: FSB files extractor 0.2.5b
solved a bug in the function for rebuilding the FSB archives caused by the calculation of the padding

02 Feb 2009 Research: Ventrilo RCon tool 0.2.5
better compatibility of the /subchan commands with ventrilo 3.x and filtered the visualization of empty lines

02 Feb 2009 Research: FSB files extractor 0.2.5a
corrected the handling of the null files (virtual files, loops markers) in the rebuilding process

02 Feb 2009 Research: FSB files extractor 0.2.5
added the -v option for additional/useless information, rebuilding function: added support for FSB4 and corrected a (rare?) bug in the guessing of the offset where placing the files

02 Feb 2009 Proof-of-concepts: TeamViewer host <= 4.0.5543 resources consumption 0.1
very basic but interesting bug

31 Jan 2009 Patches: Enemy Territory 2.55/2.60b and ET Pro 3.1.0/3.2.6 Cmd_WeaponStat_f fix 0.1
fix for the malformed ws command, in my opinion it's useless because the ET Pro mod already fixes this and other bugs through combinedfixes.lua so my fix has a reason to exist only on mod-less servers or with versions of ET Pro where there is no lua support

29 Jan 2009 Research: Gslist 0.8.8
updated enctypeX, assigned a type to the various function pointers in multi_query.h, faster colors filtering, cleaning of the code, webgui: although it's no longer supported I have added support for enctypeX (server's informations are showed immediately without pinging them), optimized sorting function, default port from 80 to 28903, avoid multiple instances on the same port, gslistweb.exe now parses the options passed at command-line (useful for custom port, enctype, enctypeX_query and so on), the filter now is no longer saved for error because it's a temporary string used only for being assigned to the games in Config

29 Jan 2009 Research: GS enctypeX servers list decoder 0.1.2
added the handling and filtering of the colors, the chars greater than 0x7f and the html/SQL escape chars (optional), fixed the wrong handling of negative numbers when infobuff is used in enctypex_decoder_convert_to_ipport and added the argument infobuff_size in enctypex_decoder_convert_to_ipport

29 Jan 2009 MyToolz: DAA2ISO 0.1.7b
nothing new, I have only added some additional checks in tinflate.c

27 Jan 2009 Password_recovery: CuteFTP data retriever and password decoder 0.1.1
adjusted the parsing of the sm.dat file

27 Jan 2009 MyToolz: Simple TCP proxy/pipe 0.4.4a
fixed a bug with the closing of a file when -d and -S are used and added the option -X for choosing a custom SSL method and certificate

21 Jan 2009 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.4a
removed the termination of the tool if an unknown packet is received

19 Jan 2009 Password_recovery: FlashFXP passwords decoder 0.2
added support for the passwords which don't use the default key

17 Jan 2009 Research: ISI rFactor files decrypter 0.1.2c
added the automatic creation of output folders for using the tool in scripts like wtcced

17 Jan 2009 Research: ISI rFactor files decrypter 0.1.2b
added the signature of Simulador Turismo Carretera for identifying the encrypted files of this game

17 Jan 2009 Research: ISI rFactor files decrypter 0.1.2a
solved a bug which corrupted the first 4 bytes of the GMT files introduced in the last version (thanx to JBob)

15 Jan 2009 Research: PunkBuster online GUID checker 0.1.7a
added Need for Speed: Undercover

14 Jan 2009 Password_recovery: Steam password decoder 0.2.3c
added the embedded UAC manifest useful to make it fully compatible with Vista (thanx to Henderson), the rest has not been touched

13 Jan 2009 Patches: Call of Duty 4 1.7 fix for the callvote buffer-overflow 0.1 (Windows)

13 Jan 2009 Research: ISI rFactor files decrypter 0.1.2
forget the previous change, each game has its own signature so for the moment the tool checks that one of rFactor and ARCA (so it can be used in batch with multiple files decrypting automatically only those which are really encrypted), added also some more informations displayed and support for encrypted files which are not only GMT (thanx to mario)

13 Jan 2009 Proof-of-concepts: Quake 3 engine Cbuf_Execute commands execution universal proof-of-concept 0.1
universal patcher which gets the original client executable of a game based on the Quake 3 engine and generates a new modified one which converts the ';' chars in the commands sent by the client to carriage-returns for testing a vulnerability found by leo of http://www.nixcoders.org which allows to execute server's game commands through a malformed callvote

12 Jan 2009 Research: ISI rFactor files decrypter 0.1.1a
I have only removed the check of the signature in the encrypted files because some games based on the rFactor engine use random values, this means that now the tool can decrypt the encrypted files of ARCA Sim Racing, attention only to verify that the input files are really encrypted because the tool can't know or guess it

10 Jan 2009 Proof-of-concepts: q3unban plugin for proxocket 0.1
the q3unban plugin converted to proxocket for testing this bug automatically without proxies or additional operations

08 Jan 2009 Research: FSB files extractor 0.2.4a
added support for the new type of encryption of the FSB files which still allows to see the original password, the rest of the tool has not been touched

08 Jan 2009 Research: Ventrilo RCon tool 0.2.4a
nothing new, I have simply added the #include <pthread.h> needed to compile the tool on linux

07 Jan 2009 Fake_players_bug: Skulltag Fake Players DoS 0.1.2a
added the hash of a new and old version and automatically tests the default password "password" if the server is protected

06 Jan 2009 MyToolz: UIF2ISO 0.1.7a
now the magiciso_is_shit function works also on big endian CPUs like PowerPC and I have made some usual micro cleanups of some instructions (like using signed char instead of char, removing a useless kboxinit and using the latest lzmadec files)

04 Jan 2009 MyToolz: Simple TCP proxy/pipe 0.4.4
added the -S option for handling SSL connections (MITM for dumping the data exchanged between a SSL client and server), the -D option for dumping the data directly to stdout for fast debugging and updated acpdump.h

31 Dec 2008 MyMusic: summer@home
the melody had been ready for a long time and finally I have found a good enough base for it

31 Dec 2008 Patches: AXS v3.00 enhancements 0.1a
I have simply commented and explained the modifications of the patch, there are NO changes to the patch which is still the same of 0.1

31 Dec 2008 TestingToolz: loDNS 0.1
simple tool I wrote some months ago for my tests which emulates a basic DNS server and logs all the hostnames in the received requests and replies with a fixed IP address

29 Dec 2008 Research: GS login server emulator 0.2
updated, optimized and added support for more parameters to make it compatible with other games like Battlefield 2

23 Dec 2008 Password_recovery: Steam password decoder 0.2.3b
solved a problem in the automatic testing of NoMachineSpecificPassphraseAvailable if the first key fails

21 Dec 2008 Password_recovery: Steam password decoder 0.2.3a
modified the function which gets the values from the registry for making it more Steam-like and now the tool automatically tries to use the key NoMachineSpecificPassphraseAvailable if the retrieved one is wrong, this should solve problems retrieving the correct decryption key on Vista

21 Dec 2008 Research: Multi engine RCON tool and password guesser 0.2.3c
removed the flushing of the keyboard input, I noticed a micro problem probably caused by that setbuf(stdin, NULL) and fflush(stdin)

10 Dec 2008 Fake_players_bug: SA:MP invisible Fake Players DoS 0.1.4
added support for version 0.2X

10 Dec 2008 MyToolz: Executable's strings lister and replacer 0.2.3
added the -e option which forces the tool to start the disassembly scan from the entry point of the input executable and removed the check which controlled if the pointed string/array is outside the executable section

09 Dec 2008 MyToolz: Executable's strings lister and replacer 0.2.2
solved a problem where the strings imported with -b were not NULL delimited (thanx to doppiapunta), solved (definitely?) the problems with the handling of the line feeds in the re-imported strings, added the -A option for collecting/importing only the aligned data

08 Dec 2008 Password_recovery: Desktop Fay passwords decoder 0.1
decodes the smtp and pop password in the registry

08 Dec 2008 Password_recovery: DarkSpace passwords decrypter 0.1
decrypts the previousPW password in config.ini

06 Dec 2008 Research: Egosoft X series CAT/DAT files extractor 0.1
extractor for the CAT/DAT archives used in any of the X games developed by Egosoft: X, X2 and X3

06 Dec 2008 Research: QuakeLive beta files decoder 0.1
simple decoder for the PK3 files of QuakeLive beta

05 Dec 2008 Research: Cauldron FS files extractor 0.2
the old extractor for Chaser rewritten from scratch with support to any game and demo developed by Cauldron

05 Dec 2008 Patches: Call of Duty 4 (1.7) work-around for the va() bug 0.1a (Windows)
nothing new, I have only made one of the searched pattern bytes dynamic to allow to work on older or newer game versions and also on Call of Duty World at War (yes, seems vulnerable too)

04 Dec 2008 Research: Ventrilo RCon tool 0.2.4
other than the updated ventrilo_algo and ventrilo3_handshake I have made various other changes like the thread now used for the keyboard commands (so the rest is threadless), the automatic enabling of the "Show login name in remote status requests" option and two new options for reconnecting when disconnected (useless) and for waiting a certain amount of seconds between each command sent from the batch file (-f)

04 Dec 2008 Research: Ventrilo proxy data decrypter 0.3.2
updated ventrilo_algo, ventrilo3_handshake, the functions for dumping the tcpdump file and solved some bugs which corrupted the captured data

04 Dec 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.9
updated only ventrilo_algo and ventrilo3_handshake

04 Dec 2008 Research: ventrilo3_handshake 0.2
this is the updated set of functions for joining the Ventrilo 3.x servers that I have now decided to release as a stand-alone project (previously it was only available in the ventrilofp/ventrilo_proxy/ventrcon packages). in the previous versions there was a small bug in the scrambling of the keys which corrupted a bit the in-game packets

04 Dec 2008 Research: Ventrilo encryption/decryption algorithm 0.2a
nothing new, I have simply prepared the functions for supporting possible updates in the future and added a commented obfuscated code which comes from Ventrilo 3.x (obfuscated because this code seems to do exactly the same stuff of the old version but looks more chaotic, mah)

03 Dec 2008 Password_recovery: TrendMicro passwords decrypter 0.1.1
added support for the !CRYPT! strings composed by multiple blocks (because each block has a max size of 64 bytes), added a message which tells when the PWDDecrypt method has been used instead of the !CRYPT! one (all the times the input string doesn't start with the "!CRYPT!" text) and now the decrypted string is visualized without the previous DECRYPT: prefix

03 Dec 2008 Patches: Quake 3 engine universal directory traversal fix (Windows) 0.1.1
fixed a read exception when using /download without arguments (thanx to rampage)

03 Dec 2008 MyToolz: Executable's strings lister and replacer 0.2.1a
added a micro check on the three parameters needed to use the tool to be alerted of missed or wrong parameters

02 Dec 2008 MyToolz: Executable's strings lister and replacer 0.2.1
solved a bug which added a carriage return (0x0d) at the imported strings and added the -b option which allows to read the input file without disassembling it (like the "strings" unix program) and so to re-import the strings directly in the file without the additional modifications done by default for the executables (repointing of the offsets and new sections)

01 Dec 2008 Research: Kingdom Elemental files extractor 0.1
extractor for the archives of the game Kingdom Elemental and not only, in fact this game uses the Molebox packer for encrypting/compressing/archiving its files so my tool could be "reused" also with other programs after having made the needed modifications (first of all the encryption key)

30 Nov 2008 Password_recovery: Steam password decoder 0.2.3
now all the code is OpenSSL dependent so steampwd.c is all the source code, I have also made some micro optimizations here and there but nothing important

30 Nov 2008 Research: Big Scale Racing files decoder 0.1
quick decoder for all the FSW, FS3, FSP and the other encoded files of this game

30 Nov 2008 Research: Virtools files unpacker 0.1.3
added support to the VBF archives (VXBG signature) and made some generic optimizations

30 Nov 2008 Research: MotorM4x files decoder 0.1
decodes the files extracted from the ZIP archives with the MDL/DTF extensions

29 Nov 2008 Research: EipiX Pyroblazer packages/files extractor 0.1
extractor for the Packages.dat archive of the game Pyroblazer

29 Nov 2008 Research: WorldShift XE/XP files extractor 0.1.2c
used a "static" buffer to avoid a bug which consumed lot of memory

28 Nov 2008 Research: Gslist 0.8.7a
updated enctypex

28 Nov 2008 Research: GS enctypeX servers list decoder 0.1.1a
solved an error in the new changes (thanx to Yoma)

28 Nov 2008 Research: Gslist 0.8.7
updated enctypex

28 Nov 2008 Research: GS enctypeX servers list decoder 0.1.1
full handling of the extra informations received from the master server, so now instead of having \mapname\1 is returned \mapname\name_of_the_map

28 Nov 2008 Research: Ventrilo RCon tool 0.2.3
imported the changes made recently to ventrilofp which add better compatibility to version Ventrilo 3.x and solved some bugs and errors

28 Nov 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8i
a couple of micro fixes, nothing important

27 Nov 2008 Password_recovery: TrendMicro passwords decrypter 0.1
automatically decrypts any password in the input file or the encrypted string passed as first parameter. supports both !CRYPT! strings and those decryptable through the PWDDecrypt function of PWD.DLL.

24 Nov 2008 MyToolz: QuickRVA 0.2.3
added initial support for DOS, LE, PE64, OS2, VXD, ROM, ELF64 and XBE executables and replaced the previous disassembler library with diStorm64 because it can disassemble 16, 32 and 64 bit executables

18 Nov 2008 Research: Falcom YS games XSO files extractor and rebuilder 0.1.1a
removed the space from the sscanf in num2xso used for the "header" and "data" lines

18 Nov 2008 MyToolz: Executable's strings lister and replacer 0.2
various updates: now the tool gets more strings (but it's a bit slower), there are no longer limits in the length of the strings, all the buffers are dynamically allocated, now I use a structure containing all the strings, full handling of the original line-feeds of the collected strings, better output, elimination of duplicated strings (which is probably the most important update) and more. note that this version is NO longer compatible with the previous one!

15 Nov 2008 MyToolz: DAA2ISO 0.1.7a
full support of two other shameful ways used by PowerISO for obfuscating the data: the swapping of the 3 decompression functions in the inflate algorithm and another senseless encoding of the index table

15 Nov 2008 Research: Gslist 0.8.6d
added handling of master server messages in enctypeX (useful in case you use a wrong -f filter), now everything is displayed on stderr except the servers and games list and their information, the classical list of the IP:port of the servers will no longer be displayed when -X is in use to avoid duplicates with the "IP:port \parameter\value" output, finally the system tray icon of gslistweb.exe works completely and gslist can be launched or terminated from there too

14 Nov 2008 MyToolz: DAA2ISO 0.1.7
replaced the zlib decompression library with the simpler and tiny tinf library, which has allowed me to add support for a small and unusual difference in the inflate algorithm used in PowerISO which caused the failure of daa2iso with some DAA files, continued the research on some unused or rarely used fields of the DAA file format

14 Nov 2008 MyToolz: Hex2byte 0.3
the default hexadecimal format is now immediate because it no longer uses the slow sscanf(), which instead remains active for the other alternative formats chosen by the user, added also a very useful option for handling hexdumps

13 Nov 2008 MyToolz: QuickRVA 0.2.2a
some enhancements and fixes of the interface

13 Nov 2008 Research: Half-life DLL decrypter and rebuilder 0.2
rewritten, now the decrypted dll is correct

11 Nov 2008 Research: PunkBuster online GUID checker 0.1.7
added support for all the latest games like Call of Duty 5, Crysis Wars and WarHammer Online and a new feature which allows to verify a list of GUIDs of various formats, including the pbbans one available on PunkBusted

11 Nov 2008 Password_recovery: NewsLeecher files decrypter 0.1
decodes and decompresses any DAT and BAK file located in %appdata%\NewsLeecher

10 Nov 2008 MyToolz: Executable's strings lister and replacer 0.1
this tool has the main purpose of finding any ASCII and unicode string inside PE and ELF executables with the possibility of modifying these strings with an external text editor and re-injecting them in the original executable

10 Nov 2008 MyToolz: QuickRVA 0.2.2
added a real-time disassembler with parsing of ASCII and unicode strings, usage of sh_flags instead of sh_type for the visualization of the characteristics of the ELF sections, fixed a problem with virtual offsets set to zero (ELF)

10 Nov 2008 MyToolz: Proxocket 0.1.2
solved a mistake in the calling of mysendto and myrecvfrom, removed the usage of secure_in_use in acpdump.h which caused an endless loop, modified the prototype of mysend/mysendto so it is now possible to create a new buffer during their hooking which will be automatically freed by proxocket after its usage with the real functions, better handling of mysend/mysendto with the WSASend/WSASendTo functions, improved the examples available in myproxocket.c

07 Nov 2008 MyToolz: Proxocket 0.1.1
added some examples and more information in myproxocket.c, now myconnect and mybind are called before the original functions, and if the return value of myconnect/mybind/mysend/mysendto is negative the corresponding original functions are not called

07 Nov 2008 MyToolz: PackZip 0.1.1
I have almost rewritten this small tool, now the compressed data generated by it is complete and not partial or corrupted as before. removed the -l/-s options and renamed -x to -o (offset). still no news about the optimization of the compression, this is a limit of zlib

06 Nov 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8h
another fix for rndxx, fixed the autoguessing of the server's version and reduced the time needed for receiving a reply from the centralized Flagship servers from 5 to 2 seconds

05 Nov 2008 MyToolz: UIF2ISO 0.1.7
added support to all the available output formats: ISO, BIN/CUE, MDS/MDF, CCD/IMG/SUB, NRG

05 Nov 2008 MyToolz: DLL proxy skeleton generator 0.1.1a
adjusted the declared types when WINDLLSHIT is enabled, needed or useful with some dlls like user32.dll

03 Nov 2008 MyToolz: Proxocket 0.1
Proxocket is a dll proxy project for the main Winsock functions which allows capturing any type of packet and data sent/received by a specific software of your choice and optionally modifying its content through a custom dll that is easy to develop

03 Nov 2008 MyToolz: DLL proxy skeleton generator 0.1.1
now the resulting code is much smaller and I have added a useless check in InitInstance if the original dll has been already loaded

03 Nov 2008 MyToolz: Fcomp 0.3.1
added two new options for specifying a starting offset and adding the ASCII visualization of the differences

03 Nov 2008 News: restyling
I have started to restyle a bit the whole website with better descriptions (many of them are incredibly old or short) of each stuff here making everything less confusing to navigate and understand... I'm still at the beginning

30 Oct 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8g
fix of the rndxx function

30 Oct 2008 MyToolz: Proxymini 0.2.1
code cleanup

29 Oct 2008 MyToolz: Calcc 0.1.4
solved a bug with ~ and ! when used without parenthesis, added base32 output, added makefile for Unix, the base64 output now uses the RFC4648 alphabet, portability optimizations

29 Oct 2008 MyToolz: Bynaryo 0.1
tool for converting binary strings to ASCII or to 8, 16, 32 and 64 bit numbers and vice versa

28 Oct 2008 Research: UBI.COM gschat IRC proxy 0.2.2

28 Oct 2008 Research: Ubi.com gschat encoding/decoding algorithm 0.2

28 Oct 2008 Research: Ubi.com gschat proxy real-time decoder 0.1.1

28 Oct 2008 Research: Ubi.com decoding algorithm 0.2

28 Oct 2008 Research: Ubi.com real-time packets decoder 0.2
all the tools in the Ubi.com section have been rewritten and updated

28 Oct 2008 Research: GS peerchat server emulator 0.1.3
removed the shutdown() function, optimized the memory used by the threads on Linux and other optimizations for making the server more stable

25 Oct 2008 Research: CamFrog login tester example 0.1
practical example of the implementation of my camfrogcrypt functions and basic tool for testing the login mechanism on the CamFrog servers

25 Oct 2008 Research: CamFrog encryption/decryption algorithm 0.2
the needed functions and algorithm for getting and generating the keys for encrypting and decrypting the data exchanged with the login and main CamFrog servers

25 Oct 2008 MyToolz: THEGUI 0.3.1
restored the old font, added drag'n'drop (doesn't seem to work on Windows) and better initialization of the variables

25 Oct 2008 MyMusic: added more mp3 versions of my XM modules

21 Oct 2008 Patches: Soldier of Fortune II test-demo definitive infostring crash fix 0.1

12 Oct 2008 TestingToolz: Quake 3 engine "connect" modifier 0.2
added support for multiple parameters and values

12 Oct 2008 MyToolz: DLL proxy skeleton generator 0.1
first release of this simple tool which generates base C code for proxying the functions of any DLL

07 Oct 2008 Research: WorldShift XE files rebuilder 0.1a
better flushing of the temporary file

07 Oct 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8f
added support to "Show login name in remote status requests"

07 Oct 2008 Research: WorldShift XE files rebuilder 0.1
tool for building the XE archives of this game

07 Oct 2008 Research: WorldShift XE/XP files extractor 0.1.2b
small fix of the new modifications

06 Oct 2008 Research: WorldShift XE/XP files extractor 0.1.2a
better handling and recognition of the XP archives

06 Oct 2008 Research: WorldShift XE/XP files extractor 0.1.2
added support to XP archives too

05 Oct 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8e
used version 3.0.0 as default one instead of the old 2.3.0

05 Oct 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8d
filtered a couple of bad chars from the rndxx function

05 Oct 2008 Password_recovery: Steam password decoder 0.2.2
full support for Vista (thanx to Roddly)

05 Oct 2008 Research: AWCamREC 0.2.1c
updated mydownlib

05 Oct 2008 Research: JMeetREC 0.2c
updated mydownlib

05 Oct 2008 MyToolz: webimgms 0.1.2a
updated mydownlib

05 Oct 2008 TestingToolz: Generic custom HTTP file uploader 0.1a
updated mydownlib

03 Oct 2008 Research: Falcom Ys NACCI savegame files decrypter/encrypter 0.1
tool for decrypting and re-encrypting the savegames of Ys6, Ys Felghana/Ys3 and Ys Origin

02 Oct 2008 Research: Gslist 0.8.6c
now enctypeX is default (so there are no longer problems with big endian processors) and the -R option has been added, which shows all the rooms of a game available on the Gamespy Peerchat server (thanx to CHC)

02 Oct 2008 MyToolz: UIF2ISO 0.1.6a
replaced OpenSSL with another DES function which makes the executable a lot smaller and modified the headers of some source files (so NO changes to the core) with the suggestions of Jari Aalto of Debian

02 Oct 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2.1
added support for Unreal 1 and the -X option

30 Sep 2008 Research: Gslist 0.8.6b
new gsmsalg and mydownlib

30 Sep 2008 Research: GSMSALG 0.3.3
the src parameter is no longer writable, if dst is NULL a new one will be allocated/returned and fixed a rare problem with the pseudo-base64 of the data

30 Sep 2008 MyToolz: Mydown and mydownlib 0.2.4
added the closing of the file after its downloading to avoid possible data loss

24 Sep 2008 Research: Gslist 0.8.6a
updated the enctypeX and gsnatneg components, micro fix in -m/M and it is now possible to query also a single server (-i/I/d) using gsnatneg (-G)

24 Sep 2008 Research: GS enctypeX servers list decoder 0.1a
a micro fix in the port displayed in enctypex_decoder_convert_to_ipport

21 Sep 2008 Fake_players_bug: Quake 3 engine fake players DoS 0.4.4b
now the -n option gets the q3fill.ini file in the same folder of the executable

21 Sep 2008 Research: GS natneg client 0.1.2
solved a couple of errors

21 Sep 2008 Advisories: Directory traversal in the webadmin of Unreal Tournament 3 1.3

19 Sep 2008 Research: NCF/CCF packet format to tcpdump capture format 0.1.2
better support of the NCF format

19 Sep 2008 Research: Gslist 0.8.6
added full support for the protocol and algorithm used by ANY game to query the GS master server (use -t -1 to enable it), an option to receive the information of each server directly from the master server (-X) and now the query of the servers through GS natneg must be enabled with the -G option

19 Sep 2008 Research: GS enctypeX servers list decoder 0.1
the algorithm used by ANY game for decrypting the data from the GS master server

16 Sep 2008 Research: GS peerchat server emulator 0.1.2
removed the need of receiving NOTICE from the server

16 Sep 2008 Research: Ventrilo RCon tool 0.2.2a

16 Sep 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8c

16 Sep 2008 Patches: Failed assertion in the Unreal engine work-arounds 0.1

16 Sep 2008 Advisories: Failed assertion in the Unreal engine

16 Sep 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.2
various enhancements and fixes

15 Sep 2008 Research: Unreal engine packets plugin for sudppipe 0.2.2
verbose option and other optimizations

14 Sep 2008 Patches: "VoiceIndex<VOICE_MAX_CHATTERS" / NULL pointer fix for UT2004 and America's Army 0.1a
marked as experimental and removed the Linux work-around

14 Sep 2008 Patches: Server termination (out of memory) in Unreal engine 3 fix 0.1a

14 Sep 2008 Patches: Server termination (out of memory) in Unreal engine 3 fix 0.1

14 Sep 2008 Patches: "VoiceIndex<VOICE_MAX_CHATTERS" / NULL pointer fix for UT2004 and America's Army 0.1

11 Sep 2008 Advisories: Server termination in the Unreal engine 3

11 Sep 2008 Advisories: Clients format strings in the Unreal engine

11 Sep 2008 TestingToolz: Unreal engine test server 0.1
basic way for emulating an Unreal server and testing the sending of commands to a connected client

11 Sep 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1.3b
micro optimization of unreal_build_pck

11 Sep 2008 Fake_players_bug: Quake 3 engine fake players DoS 0.4.4a
solved a bug introduced in the new release

10 Sep 2008 MyToolz: DAA2ISO 0.1.6
better support for the new 110 file format (thanx to Izack Varsanno)

09 Sep 2008 Fake_players_bug: Quake 3 engine fake players DoS 0.4.4
solved a stupid bug in -g

09 Sep 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1.3a

08 Sep 2008 Research: Unreal engine packets plugin for sudppipe 0.2.1
added the -f option for parsing a packet saved in a file

07 Sep 2008 Research: Unreal engine packets plugin for sudppipe 0.2
same fix as unrealfp plus an option for substituting strings in the type 1 packets

07 Sep 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1.3
corrected the parsing and building of the packets (amount of bits and last byte)

07 Sep 2008 MyToolz: Read/Write bits to buffer 0.1.2
micro fix for the zeroing of the bits which will be written

06 Sep 2008 MyToolz: QuickRVA 0.2.1
compatibility for executables with invalid sections

05 Sep 2008 Research: Unreal engine packets plugin for sudppipe 0.1a

05 Sep 2008 Research: Unreal engine packets plugin for sudppipe 0.1
plugin for sudppipe which displays all the content of the type 1 packets of the games based on the Unreal engine

03 Sep 2008 Patches: Need for Speed 4: High Stakes 4.50 No-CD and Windows XP fix 0.2

03 Sep 2008 Research: Ventrilo proxy data decrypter 0.3.1
added the -a option for dumping any decrypted UDP and TCP data in tcpdump/pcap format

01 Sep 2008 Research: GS peerchat IRC proxy 0.3.2b
added the fflushing of the log file

01 Sep 2008 MyToolz: QuickRVA 0.2
added support for ELF files and some bug fixes

01 Sep 2008 MyToolz: webimgms 0.1.2
some bug fixes and small optimizations

01 Sep 2008 MyToolz: ZipComp 0.4.1a
decimal visualization of the filesize

29 Aug 2008 Patches: Need for Speed 3: Hot pursuit No-CD and Windows XP fix 0.2
solves also the "Your hard drive has less than 1MB free space" bug and the lost config.dat after the modifying of the executable

22 Aug 2008 Research: Race WTCC files encrypter/decrypter 0.2.2
added support to version 5 used in GTR Evolution

21 Aug 2008 MyToolz: UIF2ISO 0.1.6
added support for the useless UIF versions 3 and 4

13 Aug 2008 Patches: Ventrilo <= 3.0.2 NULL pointer fix 0.1 (any version and platform)

13 Aug 2008 Advisories: NULL pointer in Ventrilo 3.0.2

11 Aug 2008 Advisories: NULL pointer in Skulltag 0.97d2-RC3

11 Aug 2008 Fake_players_bug: Skulltag Fake Players DoS 0.1.2

10 Aug 2008 Research: WorldShift XE files extractor 0.1.1

09 Aug 2008 Research: Ventrilo proxy data decrypter 0.3
optimizations and full support to the 3.x protocol

06 Aug 2008 Advisories: Endless loop and resources consumption in Halo 1.07.615

06 Aug 2008 Fake_players_bug: Halo Fake Players DoS 0.2.1b
handling of timeout

06 Aug 2008 Research: Battlefield 2/2142 cdkey to PunkBuster GUID 0.1.1
added the handling of input MD5 hashes too

06 Aug 2008 Password_recovery: Generic CryptUnprotectData and RDP passwords decrypter 0.1.1
a mini bugfix and automatic support for Battlefield 2/2142 encrypted cdkeys (ergc x9392)

05 Aug 2008 Research: Battlefield 2/2142 cdkey to PunkBuster GUID 0.1
quick tool for calculating the PB GUID from any cdkey of these two games

04 Aug 2008 MyToolz: Lanfile 0.1.2
memory optimizations

04 Aug 2008 MyToolz: DAA2ISO 0.1.5a
some mini fixes (thanx to Josh Freeman)

03 Aug 2008 TestingToolz: Quake 3 engine "connect" modifier 0.1
plugin for sudppipe which allows a simple customization of the "connect" packet for the games which use the Quake 3 engine

03 Aug 2008 Proof-of-concepts: q3unban plugin for sudppipe 0.1.2
rewritten

02 Aug 2008 Advisories: Server termination in America's Army 2.8.3.1

02 Aug 2008 Proof-of-concepts: Unreal Tournament 2004 <= v3369 NULL pointer 0.1.1
now requires only one packet instead of two, I have updated also the relative advisory since other games are affected like Red Orchestra and Shadow Ops

30 Jul 2008 Advisories: Memory corruption and NULL pointer in Unreal Tournament III 1.2

30 Jul 2008 Advisories: NULL pointer in Unreal Tournament 2004 v3369

29 Jul 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1.2a
fixed the function which queries the server

28 Jul 2008 Proof-of-concepts: q3unban plugin for sudppipe 0.1.1
added support for old games

28 Jul 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1.2

28 Jul 2008 Proof-of-concepts: Denial of Service in Warpath and Pariah through DISABLESPLIT

26 Jul 2008 TestingToolz: UDPSZ 0.2.2c
fixed -P 0

26 Jul 2008 MyToolz: Proxymini 0.2c
added the -L option for choosing the outgoing interface

26 Jul 2008 MyToolz: DAA2ISO 0.1.5
added initial support for the DAA file version 110

26 Jul 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8b
added an option for a delay between each connection

22 Jul 2008 MyToolz: UIF2ISO 0.1.5a
added support for another rare type of image with uncompressed headers

21 Jul 2008 TestingToolz: UDPSZ 0.2.2b
micro fix when pck_size is negative but has been selected custom content (-f/-c/-C)

21 Jul 2008 Advisories: NULL pointer in ZDaemon 1.08.07

21 Jul 2008 MyToolz: UIF2ISO 0.1.5
added support for the fixed keys encryption found in some new UIF files

20 Jul 2008 Advisories: Vulnerabilities in SWAT 4 1.1

20 Jul 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1.1
added compatibility for more games

20 Jul 2008 TestingToolz: UDPSZ 0.2.2a
fixed and optimized the udpspoof function (thanx to SomaFM)

18 Jul 2008 TestingToolz: UDPSZ 0.2.2
added an option for spoofing the source address of the packets

17 Jul 2008 Fake_players_bug: Unreal engine basic client and Fake Players DoS 0.1
a basic client for sending custom commands to any server of almost any game based on the Unreal engine

17 Jul 2008 Proof-of-concepts: Format string bug in the old versions of the Unreal engine

17 Jul 2008 Proof-of-concepts: Hell bell bug in the Unreal engine through the BADBOY command

17 Jul 2008 Proof-of-concepts: Two server bugs in old versions of the Unreal engine

17 Jul 2008 TestingToolz: UDPSZ 0.2.1
small fixes

13 Jul 2008 Research: ShellShock Nam67 files extractor 0.1
extractor for the assets files of this game

11 Jul 2008 Research: Gslist 0.8.5
now the webgui and -Q scanning is slower since I have implemented the reping of the servers and the usage of the Gamespy NAT negotiation for the queries 0, 8 and 11. removed some filtered chars in the -Q scanning

10 Jul 2008 Fake_players_bug: Half-Life fake players bug (no auth) 0.3.2
added the -x option which allows the automatic testing of all the bugs

09 Jul 2008 MyToolz: Lame Patcher 0.4.2
some small enhancements

07 Jul 2008 Research: Milestone MIX files extractor 0.1
extractor for the MIX archives used in the Milestone games like S.C.A.R., Superbike 2000 and 2001, Evolution GT and more

07 Jul 2008 Research: CBF files extractor 0.2.1
important bug fix below and full wildcards in -p

07 Jul 2008 MyToolz: unlzw 0.1.2
important bugfix in the part of the code which copies the dictionary data in the output (using memcpy was a bad idea)

07 Jul 2008 MyToolz: unlzwx 0.1
another implementation of LZW memory decompressor

06 Jul 2008 News: it's summer and it's time to update your bookmarks! new website and mirrors available:
aluigi.org, backup.aluigi.org and mirror.aluigi.org

01 Jul 2008 Advisories: Endless loop in Soldner 33724

30 Jun 2008 Proof-of-concepts: haloloop and haloloop2 0.1.1a
added support to Halo demo

30 Jun 2008 Fake_players_bug: Halo Fake Players DoS 0.2.1a
added support to Halo demo

29 Jun 2008 Proof-of-concepts: Halo <= 1.07 endless loop 0.1.1
added support for Halo CE

29 Jun 2008 Fake_players_bug: Halo Fake Players DoS 0.2.1
added support for Halo CE

29 Jun 2008 Proof-of-concepts: Halo <= 1.06 endless loop 0.1.1
rewritten with support for Halo CE (this is the old haloloop)

29 Jun 2008 Advisories: Endless loop in Halo 1.07

28 Jun 2008 Advisories: Double Denial of Service in Call of Duty 4 1.7
updated the cod4vamap advisory, version 1.7 is vulnerable too

28 Jun 2008 Advisories: Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006
updated the names of the vulnerable functions in both the advisory and the PoC

28 Jun 2008 Advisories: Multiple vulnerabilities in S.T.A.L.K.E.R. 1.0006

28 Jun 2008 Fake_players_bug: S.T.A.L.K.E.R. Fake Players DoS 0.1a
added the querying of the server for informations (totally useless)

27 Jun 2008 TestingToolz: UDPSZ 0.2
added tons of new options and features

27 Jun 2008 Fake_players_bug: Quake 3 engine fake players DoS 0.4.3a
fixed a bug with -g and more compatibility

27 Jun 2008 Patches: Call of Duty 4 (1.6) work-around for the va() bug 0.1 (Windows)

23 Jun 2008 Advisories: Some bugs in SunAge 1.08.1

22 Jun 2008 Advisories: Double Denial of Service in Call of Duty 4 1.6

22 Jun 2008 Advisories: NULL pointer in World in Conflict 1.008

21 Jun 2008 Research: GS natneg client 0.1.1
now it's faster and more compatible, in all my tests worked perfectly without timeouts or other errors

20 Jun 2008 Research: Falcom YS games NA/NI/Z files extractor and rebuilder 0.1.3a
solved a small bug with the handling of wildcards

20 Jun 2008 Research: WorldShift XE files extractor 0.1a
solved a small bug with the handling of wildcards

20 Jun 2008 MyToolz: CmdDiz 0.1.2a
solved a small bug with the handling of wildcards

19 Jun 2008 Research: GS natneg client 0.1
function for the initial implementation of the client-side Gamespy natneg protocol for joining servers behind router/NAT

18 Jun 2008 Fake_players_bug: Halo Fake Players DoS 0.2
totally rewritten, now works also versus internet servers

18 Jun 2008 Fake_players_bug: Sniper Elite Fake Players DoS 0.1

18 Jun 2008 Fake_players_bug: Sword of the Stars Fake Players DoS 0.1

18 Jun 2008 Research: Gslist 0.8.4e
fixed a bug in the usage of -Q

17 Jun 2008 Research: Gslist 0.8.4d
applied the colors filters also to the SQL function and added the -C option which allows to enable or disable this filter

16 Jun 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8a
now retries the connection 3 times if it times out

16 Jun 2008 Advisories: Server freezed in Skulltag 0.97d2-RC2

16 Jun 2008 Advisories: NULL pointer in the HTTP rcon server in Crysis 1.21

15 Jun 2008 Advisories: Denial of Service in S.T.A.L.K.E.R. 1.0006

15 Jun 2008 Advisories: Informations disclosure in Crysis 1.21

15 Jun 2008 Fake_players_bug: S.T.A.L.K.E.R. Fake Players DoS 0.1

15 Jun 2008 Fake_players_bug: Crysis invisible Fake Players DoS 0.1

13 Jun 2008 Fake_players_bug: Zdaemon Fake Players DoS 0.1.3
nothing new, I have only limited the fake players to 2 in 26 seconds to avoid the banning

13 Jun 2008 Fake_players_bug: Skulltag Fake Players DoS 0.1.1
added support to the latest 0.97d/d2 versions

12 Jun 2008 Fake_players_bug: Battlefield 1942 invisible Fake Players DoS 0.1.3
added support for demos

09 Jun 2008 Research: WorldShift XE files extractor 0.1
interesting extractor for the compressed XE archives used in the WorldShift game

08 Jun 2008 Research: Ventrilo RCon tool 0.2.2
added full support to 3.x servers

08 Jun 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.8
many compatibility fixes and improvements for both the new 3.x and the older servers

07 Jun 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.7a
some important fixes in the handling of the in-game packets and restored the admin brute forcing on 3.x but with a warning

07 Jun 2008 Password_recovery: Steam password decoder 0.2.1
added support for Vista, thanx again to the same anonymous who contributed to version 0.2!

06 Jun 2008 Research: Gslist 0.8.4c
solved a bug in the backup SQL query and removed the underscore filtering (thanx to ouioui), added the -E option for ignoring some SQL errors and -D for choosing a custom amount of milliseconds between each query (-Q/webgui)

06 Jun 2008 Fake_players_bug: Ventrilo Fake Players DoS and brute forcer 0.2.7
added the support to in-game packets and so to all the derived options for 3.x servers and added also the -j option for testing the brute forcing of the join/server password

05 Jun 2008 MyToolz: MORSE2ASCII 0.1a
microfix for wrong samples number and better handling of spaces in text visualization

05 Jun 2008 MyToolz: DTMF2NUM 0.1c
microfix for wrong samples number and better handling of spaces in text visualization

05 Jun 2008 MyToolz: CmdDiz 0.1.2
now each dictionary is loaded in memory when the program uses it, added complete wildcard support and the word is searched for in both keyword lists

05 Jun 2008 MyToolz: hosts file/list DNS checker 0.1
tool which checks if the hostnames listed in a file or contained in a hosts file can be resolved or not

04 Jun 2008 Research: Falcom YS games NA/NI/Z files extractor and rebuilder 0.1.3

04 Jun 2008 Research: Falcom YS games XSO files extractor and rebuilder 0.1.1

04 Jun 2008 Research: Falcom YS games NA/NI/Z files extractor and rebuilder 0.1.2
fixed a bug with the upper case chars of japanese filenames and added a debug option for encrypting the decrypted NI files

03 Jun 2008 Research: Falcom YS games XSO files extractor and rebuilder 0.1
tool for extracting and rebuilding the XSO files used in the YS game series of Falcom, these are the files which contain all the dialogs and the texts of the games

03 Jun 2008 Patches: XPDF pdftotext/pdftops/pdfimages allow copying of text (Win32) 0.1
this patch allows to use the Windows version of XPDF's pdftotext, pdftops and pdfimages on DRM protected PDF files without modifying and recompiling the program

03 Jun 2008 Research: Falcom YS games NA/NI/Z files extractor and rebuilder 0.1.1
added support to the zeroed compressed files like S_9021__W.YCO.Z of YS6, added an option for extracting/listing only the files with a specific extension and moved a size check to the correct location

02 Jun 2008 MyToolz: webimgms 0.1.1
some bug fixes, the disable resize option is now default and the mouse visualization is disabled in fullscreen mode

01 Jun 2008 MyMusic: Idea

