Highest Voted Questions - Reverse Engineering Stack Exchange

62

votes

8 answers

how can I diff two x86 binaries at assembly code level?

I'm looking for a tool like Beyond Compare, meld, kdiff, etc. which can be used to compare two disassembled binaries. I know that there's binary (hex) comparison, which shows difference by hex values, but I'm looking for something that shows…

asked Apr 21 '13 at 13:57

Mellowcandle

4,795
6
34
47

56

votes

7 answers

How to know in which language/technology program (.exe) is written?

How to understand if exe/dll is written in C++/.Net/Java or in any other language. I tried to use Dependency walker but not able to get required information.

asked Jan 05 '14 at 07:02

Pranit Kothari

927
1
10
13

52

votes

5 answers

Bypassing copy protection in microcontrollers using glitching

The ATmega microcontrollers generally have two lock bits, LB1 and LB2. One prevents further programming, and the other prevents the flash being read back. If both are set, the chip needs to be erased before it can be programmed again. This prevents…

asked Apr 10 '13 at 10:04

Cybergibbons

1,762
2
17
26

50

votes

12 answers

Where to find information about a file format?

Let's say I found 'some' file (might be an executable, might be data, or something else) and want to run or read it. I open this file in a text editor, but the format isn't readable. Examples include: Java class, Windows executable, SQLite database,…

file-format

asked Apr 04 '13 at 07:49

user187

48

votes

4 answers

Is reverse engineering and using parts of a closed source application legal?

Is it legal to reverse engineer certain features of a closed source application and then integrate those features into a closed or open source application that may be either a commercial or non-commercial application ? Brownie points for an answer…

law

asked Mar 20 '13 at 13:14

asheeshr

2,465
8
28
41

48

votes

8 answers

How do I add functionality to an existing binary executable?

I want to add some functionality to an existing binary file. The binary file was created using gcc. Do I need to decompile the binary first, even though I sufficiently understand the functioning of the program ? How should I go about adding the…

asked Mar 23 '13 at 13:55

asheeshr

2,465
8
28
41

45

votes

4 answers

convert this x86 ASM to C?

How could this 32-bit x86 assembly be written in C? loc_536FB0: mov cl, [eax] cmp cl, ' ' jb short loc_536FBC cmp cl, ',' jnz short loc_536FBF loc_536FBC: mov byte ptr [eax], ' ' loc_536FBF mov cl, [eax+1] inc eax test cl, cl jnz short…

asked May 25 '13 at 19:15

user1365830

563
1
5
7

43

votes

3 answers

Unpacking binaries in a generic way

I find that more and more often binaries are being packed with exe protectors such as upx, aspack etc. I tried to follow a few tutorials on how to unpack them but the examples are often quite easy while my targets are not. I am looking for good…

asked Mar 20 '13 at 15:25

Remko

3,228
3
22
30

42

votes

8 answers

Is there any way to decompile a .NET assembly or program?

Are there any tools available to take an already compiled .dll or .exe file that you know was compiled from C# or Visual Basic and obtain the original source code from it?

asked Mar 20 '13 at 16:18

APerson

917
2
9
25

42

votes

1 answer

Decompiling iPhone App

I've been searching this site and more, but I haven't had much luck. I want to decompile an app to see how part of it works, and I've tried multiple programs. I've tried Hopper, IDA, and some other program that ended up not doing anything at all.…

asked Apr 18 '14 at 10:11

user94584392

429
1
5
4

40

votes

5 answers

How do you reverse engineer an EXE "compiled" with PyInstaller

Having recently watched/read a presentation given by Dave Kennedy at DEF CON 20 [PDF], I'd like to know how to decompile a Python script compiled with PyInstaller. In his presentation, he is creating a basic reverse shell script in Python, and…

asked Mar 22 '13 at 14:01

Mick

7,562
3
26
40

39

votes

8 answers

What are the targets of professional reverse software engineering?

At the professional level, for what purpose is reverse software engineering used? What software is targeted and why? For reasonably complex compiled code that's doing something novel, making meaningful insights into how that code operates via…

disassembly

asked Oct 15 '14 at 04:47

Praxeolitic

535
5
9

38

votes

9 answers

How does one reverse engineer a SWF file?

What tools and techniques exist to either decompile or analyze the bytecode in a SWF file? What resources are available to the reverse engineer to learn more about SWF internals?

asked Mar 21 '13 at 22:09

user1354557

1,234
1
13
22

37

votes

5 answers

How can I analyse an executable with no read permission?

I have a binary on a Linux (Kernel 2.6) which I can execute, but can't read (chmod 0711). Therefore no static analysis is possible. user1: $ ls -l bin -r-s--x--- user2 user1 bin user1: $ file bin setuid executable, regular file, no read…

asked Mar 20 '13 at 21:22

samuirai

3,079
4
23
37

37

votes

3 answers

What is a FLIRT signature?

I've seen this referenced in a couple of other questions on this site. But what's a FLIRT signature in IDA Pro? And when would I create my own for use?

asked Mar 23 '13 at 08:48

mrduclaw

4,066
8
27
40

Most Popular