What is more interesting is that the same user has even more controversial content on his YouTube page (ranging all the way from 2011). The most interesting one being this:
This video linked to above is dated Feb 3, 2012 and the same person that we see on the GitHub page photo (Gregory Morse) is also seen speaking in this video! See the date in the screenshot below.
Other videos on Gregory’s Home page:
You can view the full playlist here:
Details about this terrorist were posted on tuts4you today by a journalist, but not surprisingly, Teddy Rogers, the admin of the tuts4you site, hurriedly got it deleted.
It is well known that Teddy Rogers receives funds from terrorists like Abdul Muid aka Gregory Morse for the upkeep of the tuts4you site. So it is not a huge wonder that he gets the posts detrimental to terrorism removed in a hurry from his website!
Yay, they wrote about myself too! Let me re-post here… 😀
Meanwhile, as covered already, TonyWeb, previously a well respected
reverser, continues to sell child porn on various online sites:
You have executable-can-move checked in DllCharacteristic and relocations are present, thus windows7+ loads the executable at a random address, imagebase is just the preferred address. But as you can see in the opcodes you are hardcoding your VA, which will then be invalid.
Better to choose a relative jump directly, which doesnt encode an absolute VA but rather the location relative to the current address. Use the following and avoid all issues with location of the executable:
000000013F44D000 E9 FB3FFEFF jmp 13F431000
If you are wondering how to get “FB3FFEFF”:
(0x000000013F44D000 – 114693) + 5 –> FB3FFEFF
where 0x000000013F44D000 is the current address, 114693 is the difference to the new location and 5 the size of the jump instruction itself.