Tag Archives: CFF Explorer

Preparing a bugfix version of CFF Explorer

Posted on October 25, 2012 by Daniel Pistelli

It has been many years since the last update of what had started as a hobby side-project when I was 19. I’m sorry that I haven’t updated the CFF for such a long time, given that thousands of people use … Continue reading

Posted in News, Update | Tagged | 28 Comments

CFF Explorer 7.9 & Secunia

Posted on August 13, 2010 by Daniel Pistelli

Today I’ve received a Secunia report email about a buffer overflow vulnerability in the CFF Explorer. I was quite amused =). I mean, I usually get emails sent me by users about bugs in the CFF, never got an email … Continue reading

Posted in Update | Tagged | 6 Comments

CFF & Rebel.NET Update

Posted on April 1, 2010 by Daniel Pistelli

Fixed some bugs in both applications. In particular, made some part of the CFF Explorer more robust. The current CFF Explorer still contains the core I wrote when I was 19yo. The newer kernel, which I don’t know if I’ll … Continue reading

Posted in Update | Tagged , | Leave a comment

CFF Explorer update: scripting arguments

Posted on November 1, 2009 by Daniel Pistelli

Arguments can now be passed through command line just by making them follow the name of the script. E.g.: “CFF Explorer.exe” “C:\mydir\script.cff” arg1 arg2 “arg 3″ To access the arguments from the scripting part you can use the global variables … Continue reading

Posted in Update | Tagged | Leave a comment

Explorer Suite update

Posted on October 21, 2009 by Daniel Pistelli

CFF Explorer: Improved support for tiny PEs. Fixed a bug in the Exception Directory which was due to the grid set up. Task Explorer: Fixed a minor bug on x64. Added the Driver List tool.

Posted in Update | Tagged , | 7 Comments

CFF Explorer bug-fix

Posted on September 30, 2009 by Daniel Pistelli

Fixed a bug reported by icy. It was causing crashes in executables without sections when calculating their PE size.

Posted in Update | Tagged | 6 Comments

.NET MetaData Tables Reports

Posted on May 30, 2009 by Daniel Pistelli

I updated the scripting language of the old CFF Explorer which now provides a function to automatically create reports of .NET metadata tables. The function is called LogPrintStruct and is to be used along with the logging functions the scripting … Continue reading

Posted in News, Programming, Update | Tagged , , | Leave a comment

Data Execution Prevention (NX) flag

Posted on April 10, 2009 by Daniel Pistelli

As you probably know the DEP (Data Execution Prevention) was introduced in XPSP2 and it prevents code to be executed from data sections. Let’s consider this code snippet: unsigned char b = 0xC3; // ret int _tmain(int argc, _TCHAR* argv[]) … Continue reading

Posted in Update | Tagged , | Leave a comment

Kernel: 3rd edition

Posted on April 2, 2009 by Daniel Pistelli

I don’t want to show too much, this is just a small preview. Yes, it’s running on Ubuntu and it runs on OSX just as well. I don’t know if I’m going to ship a Linux and an OSX version … Continue reading

Posted in News | Tagged | 10 Comments

Multiple Updates

Posted on February 19, 2009 by Daniel Pistelli

A serious bug in the CFF Explorer, Rebel.NET and Phoenix Protector has been fixed. The bug affected the ExportedType .NET metadata table where the member TypeDefID was declared as a TypeDef index, while it’s a dword. The table is declared … Continue reading

Posted in Update | Tagged , , | 11 Comments