Highest Voted Questions - Reverse Engineering Stack Exchange

32

votes

1 answer

How to reattach tabs in IDA?

I feel dumb for needing to ask, but I've been annoyed by this several times in the past and have yet to come across the answer. Sometimes, when rearranging tabs in IDA Pro, I accidentally detach the tab from the main window, leaving it floating in…

ida

asked Dec 18 '16 at 21:53

Kevin

881
7
8

32

votes

1 answer

What kinds of steps can I take to make my C++ application harder to reverse engineer?

If I am building a C++ application and I want to make it more difficult to reverse engineer, what steps can I take to do this? Does the choice of compiler affect this? What about compiler flags, presumably a high optimization level would help, what…

asked Mar 21 '13 at 11:05

WilliamKF

927
2
11
12

32

votes

2 answers

What is the current state of the art for platform modeling?

When we're doing reverse engineering, we have a few levels of models. One of them is the instruction semantics model, which tells us what every native instruction does to modify instruction state. We're making progress there. However, another…

code-modeling

asked Mar 19 '13 at 19:05

Andrew

1,522
12
15

31

votes

4 answers

Cross debugging for ARM / MIPS ELF with QEMU/toolchain

as i'm new about cross-debugging and cross-compilation i need some help because i feel so confused. I have a MIPS elf file, [myelf][1] .You can see bellow the output of file myelf: myelf: ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV),…

asked May 06 '15 at 17:31

creuchmeuch

485
1
5
9

30

votes

5 answers

What is the linux equivalent to OllyDbg and Ida Pro?

What is the Linux equivalent to OllyDbg and IDA Pro ? Or if there are multiple tools that do the various functions that OllyDbg and IDA Pro do, where can I find these tools? I'd like to start reversing some elf files on Linux and I'm just looking…

asked Dec 30 '14 at 05:11

k170

443
1
5
11

30

votes

6 answers

Decompiling Android application

The Android java code is compiled into Dalvik byte code, which is quite readable. I wonder, is it possible in theory and in practice to write a decompilation software for Dalvik byte code?

asked Mar 20 '13 at 09:02

Mellowcandle

4,795
6
34
47

30

votes

4 answers

Can I statically link (not import) the Windows system DLLs?

I have compiled following C source code in VS2010 console project. #include int main(int argc, char* argv[]){ printf("hello world\n"); return 0; } then I used /MT option for release mode to statically link the C-runtime…

asked May 22 '13 at 08:29

daehee

603
1
6
7

30

votes

1 answer

What does mov qword ptr ds:[rax+18], r8 mean?

mov qword ptr ds:[rax+18], r8 In the above code, where are we copying the value of r8 register into? I know that ds means data segment which is a segment in memory, but what does exactly [rax+18] mean? More specifically, these are the parts I'm…

asked Aug 29 '15 at 18:14

FreeMind

639
3
9
17

29

votes

1 answer

What symbol tables stay after a strip In ELF format?

I am currently looking at the ELF format, and especially at stripped ELF executable program files. I know that, when stripped, the symbol table is removed, but some information are always needed to link against dynamic libraries. So, I guess that…

asked Jul 26 '13 at 17:24

perror

19,083
29
87
150

29

votes

3 answers

What is a "control-flow flattening" obfuscation technique?

I recently heard about the "control-flow flattening" obfuscation which seems to be is used to break the structure of the CFG of the binary program (see Symbolic Execution and CFG Flattening). Can somebody make an explanation of what is its basic…

obfuscation

asked Jun 10 '13 at 13:46

perror

19,083
29
87
150

28

votes

4 answers

Can I create an object file using gcc that cannot be reverse engineered?

Is it possible to create an object file using gcc that cannot be reverse engineered to its source code ?

asked Mar 20 '13 at 09:43

asheeshr

2,465
8
28
41

28

votes

1 answer

Reversing ELF 64-bit LSB executable, x86-64 ,gdb

I'm a newbie and just got into RE. I got a ELF 64-bit LSB executable, x86-64. I'm trying to reverse it. First I tried to set a break point on line 1 using gdb ./filename break 1 The gdb says No symbol table is loaded. Use the "file" command. OKie…

asked Mar 07 '14 at 06:55

nkg

433
1
6
7

27

votes

3 answers

Reversing an FPGA circuit

Let's assume I have a device with an FPGA on it, and I managed to extract the bitstream from its flash. How would I go about recovering its behavior? One simple case is if it implements a soft processor - in that case there should be firmware for…

asked Mar 20 '13 at 17:27

Igor Skochinsky

36,553
7
65
115

27

votes

8 answers

How are x86 CPU instructions encoded?

I'm writing a small utility library for hooking functions at run time. I need to find out the length of the first few instructions because I don't want to assume anything or require the developer to manually input the amount of bytes to relocate and…

asked Mar 19 '13 at 19:30

Henry Heikkinen

461
5
10

27

votes

2 answers

How to reverse engineer a proprietary data file format (e.g. Smartboard Notebook)?

How should I begin trying to reverse engineer this file format? The only thing I can think of is saving a simple file, and then dig in with a hex editor. But since the file format may be some kind of archive, that seems like the wrong approach. I've…

file-format

asked Mar 25 '13 at 21:45

Thorn

373
1
4
8

Most Popular