
Part 2 - [Correction] - Reverse Engineering & Binary Augmentation / Modification - Snipping Tool

Учебные Видео-Встречи
Views: 18
Upload date: 20.10.2024 22:55
Duration: 00:33:31
Category: Technology and Internet

Description

This is an important correction to the video of my part 2 of reverse engineering the Microsoft Snipping Tool:
https://youtu.be/F1Sjo6UTwzo

Time Codes:
-----------------------------------
0:44 Explanation of how I found a bug in my patch from part 2 using Windows Error Reporting with my WERSetup tool.
2:54 Analyzing crash dump with WinDbg
3:19 Found FAST_FAIL_GUARD_ICALL_CHECK_FAILURE exception
3:42 Quick info about the Control Flow Guard (CFG) on Windows
6:09 Reverting the binary patch (that I made in part 2)
8:15 Investigating what causes the crash in my patch
14:35 Correcting the bad patch
21:00 Coming up with the correct binary patch instructions
24:50 Applying corrected binary patch (with some initial struggles)
28:31 Checking resulting patch/fix with IDA's disassembler.
31:46 Final testing of the patched Snipping Tool for crashes. It passes!

References:
-----------------------------------
Control Flow Guard info:
https://learn.microsoft.com/en-us/windows/win32/secbp/control-flow-guard

"How to set up a virtual machine for your reverse engineering work on Windows."
https://dennisbabkin.com/blog/?i=AAA11A00

"What do you need to become a software reverse engineer?"
https://dennisbabkin.com/blog/?i=AAA11B00

You can download the binary files (patched and the original Snipping Tool) that were used in this video at:
https://mega.nz/file/6Xx3lQJY#ayH0AW11rh7ekclSDVcRzIE0nWZGEb0J-VllChFleBw

#reverseengineering #x64 #windows #lowlevel
