Most Popular

1500 questions
5
votes
2 answers

Optimization of strcpy at the assembler level

I'm writing small C programs to teach myself how to use GDB to disassemble code. The C in question is:

void function( char **pointer ) {
    *pointer = malloc(100);
    strcpy(*pointer,"This is text");
}

The disassembly is:

0x400620: push …
5
votes
2 answers

IDA Pro failed to display the program in graph mode

I am a complete beginner with IDA and I have just tried to follow a tutorial on how to unpack UPX. In the tutorial, IDA looks like this: When I try to get the graphical view like in the tutorial, an error message appears: I cannot find the Names…
L. Resnik
  • 51
  • 1
  • 2
5
votes
2 answers

ARM - Is calling function from external static library possible?

Basically I'm debugging a closed-source binary on Android and I want to execute some of my code in between, which is large enough not to fit in a codecave. So is it possible to compile a library with my code separately & then call it from the target…
user2578525
  • 165
  • 1
  • 1
  • 5
5
votes
1 answer

How to reverse a dll and call its functions?

I have got a custom.dll which is utilized in a larger application. The application executable imports this DLL to use its functionality. But this functionality is not used throughout the life cycle of the application, but only when a specific event…
FreeMind
  • 639
  • 3
  • 9
  • 17
5
votes
1 answer

Capturing OS/hardware communication / reverse engineering drivers

My main question is how the open source community reverse engineers Windows drivers (for, say, video cards) to re-write them under Linux. Links to resources are fine; I don't expect a tutorial on driver development in an answer. But at least I need…
Fakhri Zulkifli
  • 125
  • 1
  • 2
  • 7
5
votes
3 answers

Any documentation available for r2 other than the official book

I am interested in learning and using radare2 as a toolset for reverse engineering. But I want ANY other resource for learning these tools other than the radare2 book, preferably a video series. What I am interested in is solving crackmes and executables…
u185619
  • 335
  • 2
  • 5
  • 9
5
votes
1 answer

How to run automatically executable from CLI using lldb?

In gdb, I can run the binary automatically (as per this post):

gdb -ex run /bin/true

What's the equivalent parameter for lldb? This works:

echo run | lldb /bin/true

but I'd like to get back to the debugger console instead.
kenorb
  • 485
  • 1
  • 8
  • 23
4
votes
2 answers

How to stop the debugger right after execution?

I'm using /bin/true as my sample binary (without available main method):

$ lldb /bin/true
(lldb) target create "/bin/true"
Current executable set to '/bin/true' (x86_64).
(lldb) break main
invalid command 'breakpoint main'

Is there any universal…
kenorb
  • 485
  • 1
  • 8
  • 23
4
votes
2 answers

Difficulty of reverse engineering based on target

I'm not asking about the difficulty of reverse engineering in general, but rather the difficulty of reverse engineering a particular hypothetical target. We'll assume that having the source code requires no reverse engineering and is thus the…
E Lee
  • 41
  • 2
4
votes
3 answers

Reimplementing the x86 AESENC instruction in python

I'm having trouble implementing the AESENC x86 instruction in Python. I'm reverse engineering the decryption of an indie video game. They use AES but they XOR some generated data around and the key expansion is not standard, so I need to use custom…
Nodja
  • 43
  • 4
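An added example for the AESENC question above (this is not code from the original post): a pure-Python AESENC and AESENCLAST that take the current state and any 16-byte round key, so they can be driven by a non-standard key schedule. The state is assumed in the same byte order as the xmm register and FIPS-197, i.e. byte i is state row i % 4, column i // 4. The S-box is derived from its definition rather than typed in, and the whole thing is checked by assembling a standard AES-128 encryption from nine aesenc rounds plus one aesenclast and comparing with the FIPS-197 test vectors.

```python
"""AESENC / AESENCLAST in pure Python (added example, not the poster's code).

Verified by building AES-128 out of aesenc rounds and checking it against
the FIPS-197 vectors. aesenc/aesenclast accept any 16-byte round key, so a
custom schedule can feed them directly.
"""


def _xtime(b: int) -> int:
    """Multiply by x (0x02) in GF(2^8) modulo the AES polynomial 0x11B."""
    b <<= 1
    return (b ^ 0x1B) & 0xFF if b & 0x100 else b


def _gf_mul(a: int, b: int) -> int:
    """Field multiplication by shift-and-add."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = _xtime(a)
        b >>= 1
    return r


def _build_sbox() -> list:
    """Derive the S-box (multiplicative inverse, then the affine map) so no
    256-entry table has to be typed in and possibly mistyped."""
    def rotl8(x, n):
        return ((x << n) | (x >> (8 - n))) & 0xFF

    sbox = []
    for a in range(256):
        inv = 0
        if a:
            inv = 1
            for _ in range(254):          # a^254 == a^-1 in GF(2^8)
                inv = _gf_mul(inv, a)
        sbox.append(inv ^ rotl8(inv, 1) ^ rotl8(inv, 2)
                    ^ rotl8(inv, 3) ^ rotl8(inv, 4) ^ 0x63)
    return sbox


SBOX = _build_sbox()


def shift_rows(s: bytes) -> bytes:
    """xmm byte i holds state row i % 4, column i // 4 (FIPS-197 order);
    row r is rotated left by r columns."""
    return bytes(s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4))


def sub_bytes(s: bytes) -> bytes:
    return bytes(SBOX[b] for b in s)


def mix_columns(s: bytes) -> bytes:
    out = bytearray(16)
    for c in range(4):
        a0, a1, a2, a3 = s[4 * c:4 * c + 4]
        out[4 * c + 0] = _gf_mul(a0, 2) ^ _gf_mul(a1, 3) ^ a2 ^ a3
        out[4 * c + 1] = a0 ^ _gf_mul(a1, 2) ^ _gf_mul(a2, 3) ^ a3
        out[4 * c + 2] = a0 ^ a1 ^ _gf_mul(a2, 2) ^ _gf_mul(a3, 3)
        out[4 * c + 3] = _gf_mul(a0, 3) ^ a1 ^ a2 ^ _gf_mul(a3, 2)
    return bytes(out)


def _xor16(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def aesenc(state: bytes, round_key: bytes) -> bytes:
    """AESENC xmm1, xmm2: ShiftRows, SubBytes, MixColumns, XOR round key."""
    return _xor16(mix_columns(sub_bytes(shift_rows(state))), round_key)


def aesenclast(state: bytes, round_key: bytes) -> bytes:
    """AESENCLAST: the same without MixColumns (final round)."""
    return _xor16(sub_bytes(shift_rows(state)), round_key)


def expand_key_aes128(key: bytes) -> list:
    """Standard FIPS-197 schedule, used here only to test aesenc against
    known vectors; a game's custom schedule would replace this function."""
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 1
    for i in range(4, 44):
        t = w[i - 1][:]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]     # SubWord(RotWord(t))
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([x ^ y for x, y in zip(w[i - 4], t)])
    return [bytes(sum(w[4 * r:4 * r + 4], [])) for r in range(11)]


def aes128_encrypt_block(key: bytes, plaintext: bytes) -> bytes:
    """How compiled AES-NI code drives the instruction: whitening XOR,
    nine AESENC rounds, one AESENCLAST."""
    rk = expand_key_aes128(key)
    s = _xor16(plaintext, rk[0])
    for i in range(1, 10):
        s = aesenc(s, rk[i])
    return aesenclast(s, rk[10])


if __name__ == "__main__":
    key = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
    pt = bytes.fromhex("00112233445566778899aabbccddeeff")
    print(aes128_encrypt_block(key, pt).hex())   # 69c4e0d86a7b0430d8cdb78070b4c55a
```

If the game's schedule is non-standard, replace expand_key_aes128 with whatever produces its eleven 16-byte keys and keep aesenc/aesenclast unchanged; the FIPS-197 check above is what tells you the primitive itself is right before you start blaming the key derivation.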
4
votes
1 answer

Illegal Instruction on sample Buffer Overflow exploit

I have followed the example here. Here is my sample program, "oldskool.c":

#include <string.h>

void go(char *data) {
    char name[64];
    strcpy(name, data);
}

int main (int argc, char **argv) {
    go(argv[1]);
}

I have compiled this program…
Adam Denoon
  • 141
  • 1
  • 3
4
votes
1 answer

Which functions of a DLL are called in OllyDBG

I'm a beginner in OllyDBG. While debugging an exe file, I found which DLLs are used (kernel32, ntdll, user32, etc.). I want to get a list of all functions of each DLL that are called. How? Thanks a lot.
4
votes
2 answers

How to extract the filesystem from an I240w-A firmware

I am trying to extract this ONT I240w-A firmware and binwalk reports some LZMA compressed data (dump below), but the fact that all of them read "uncompressed size: -1 bytes" makes me suspect they are false positives. Is this a correct assumption? …
Maurice
  • 143
  • 9
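An added example prompted by the binwalk question above (not code from the original post): a parser for the 13-byte LZMA-alone (.lzma) header that binwalk's "LZMA compressed data" signature matches, a signature-style scanner that shows where false positives come from, and a verifier that settles the question the only reliable way, by decompressing the candidate with Python's lzma module. In that header an uncompressed size of 0xFFFFFFFFFFFFFFFF, which binwalk prints as -1, means "unknown, the stream ends with an end marker", and streaming encoders such as liblzma's .lzma writer always emit that value, so -1 on its own is not evidence of a false positive. The firmware blob is constructed inline, and the dictionary-size plausibility rule is this example's heuristic, not part of the format.

```python
"""LZMA-alone (.lzma) header parsing and carving (added example, not from
the original post). The firmware image below is constructed inline; the
dictionary-size plausibility rule is a heuristic, not part of the format.
"""
import lzma

# All-ones uncompressed size = "unknown, stream ends with an end marker".
# binwalk prints the field as a signed integer, hence "-1 bytes".
UNKNOWN_SIZE = 0xFFFFFFFFFFFFFFFF


def parse_lzma_alone_header(hdr: bytes):
    """Decode the 13-byte header: properties byte, LE32 dictionary size,
    LE64 uncompressed size. Returns None if the properties byte is invalid."""
    if len(hdr) < 13:
        return None
    props = hdr[0]
    if props >= 9 * 5 * 5:                  # lc <= 8, lp <= 4, pb <= 4
        return None
    lc, rest = props % 9, props // 9
    lp, pb = rest % 5, rest // 5
    size = int.from_bytes(hdr[5:13], "little")
    return {
        "lc": lc, "lp": lp, "pb": pb,
        "dict_size": int.from_bytes(hdr[1:5], "little"),
        "uncompressed_size": None if size == UNKNOWN_SIZE else size,
    }


def _plausible_dict_size(n: int) -> bool:
    """Heuristic: encoders write 2^k or 3*2^(k-1), not arbitrary values."""
    def pow2(x):
        return x > 0 and x & (x - 1) == 0
    return n >= 4096 and (pow2(n) or (n % 3 == 0 and pow2(n // 3)))


def find_lzma_alone_headers(blob: bytes, max_size: int = 1 << 30) -> list:
    """Signature-style scan: every offset whose 13 bytes pass sanity checks.
    This is where false positives come from; nothing is verified yet."""
    hits = []
    for off in range(max(0, len(blob) - 12)):
        h = parse_lzma_alone_header(blob[off:off + 13])
        if h is None or h["lc"] + h["lp"] > 4:   # liblzma refuses lc+lp > 4
            continue
        if not _plausible_dict_size(h["dict_size"]):
            continue
        u = h["uncompressed_size"]
        if u is not None and not 0 < u <= max_size:
            continue
        hits.append(off)
    return hits


def carve_lzma_alone(blob: bytes, off: int, memlimit: int = 64 << 20):
    """The reliable check: decompress. Returns the payload if the stream
    decodes through to its end marker (or declared size), else None.
    memlimit stops a bogus header from making liblzma allocate a huge
    dictionary."""
    try:
        d = lzma.LZMADecompressor(format=lzma.FORMAT_ALONE, memlimit=memlimit)
        out = d.decompress(blob[off:])
    except lzma.LZMAError:
        return None
    return out if d.eof else None


def triage(blob: bytes) -> dict:
    """Map each candidate offset to (parsed header, carved length or None)."""
    report = {}
    for off in find_lzma_alone_headers(blob):
        data = carve_lzma_alone(blob, off)
        report[off] = (parse_lzma_alone_header(blob[off:off + 13]),
                       None if data is None else len(data))
    return report


# --- constructed sample image (not real firmware) ------------------------
PAYLOAD = b"constructed rootfs placeholder for an ONT image\n" * 40
_STREAM = lzma.compress(PAYLOAD, format=lzma.FORMAT_ALONE,
                        filters=[{"id": lzma.FILTER_LZMA1, "dict_size": 1 << 16}])
# Decoy: a valid-looking header (props 0x5D, 64 KiB dict, unknown size)
# followed by bytes that are not an LZMA stream.
_DECOY = bytes([0x5D, 0x00, 0x00, 0x01, 0x00]) + b"\xFF" * 8 + b"\xFF" * 16
BLOB = _DECOY + _STREAM + b"\xFF" * 32
REAL_OFFSET = len(_DECOY)

if __name__ == "__main__":
    for off, (hdr, n) in triage(BLOB).items():
        status = "false positive" if n is None else f"{n} bytes decompress"
        print(f"0x{off:x}: {hdr} -> {status}")
```

Both the decoy and the real stream report an unknown (-1) size, so only carving tells them apart; on a real image, run triage over the file bytes and treat a hit that decodes to its end marker as genuine, whatever the size field says.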
4
votes
1 answer

Output of gdb `info registers`

Upon running info registers in gdb, we get an output similar to the following:

rax 0x1c 28
rbx 0x0 0
rcx 0x400a60 4196960
rdx 0x7fffffffde88 140737488346760
rsi 0x1 1
rdi 0x400932…
4
votes
1 answer

IDA Pro: Platform-independent way to check if an instruction is a jump

I am looking for a way to tell if an instruction is a jump instruction. Of course, I would like to avoid checking all possible jump mnemonics for all possible CPU architectures. I thought one might check the corresponding xref type. Yet, there are several…
langlauf.io
  • 1,560
  • 1
  • 19
  • 36