Most Popular (1500 questions)
10 votes, 2 answers
PE .rdata section contents
According to MSDN, the .rdata section of a PE should contain the debug directory and the description string. I've read elsewhere that it contains read-only program data. Dumping several files, I found that .rdata contains the IAT, load configuration…
asdf
10 votes, 4 answers
AirPlay Mirroring decryption (FairPlay)
I've been spending a good chunk of time looking at some 3rd party applications that were successful in "reproducing" (although I believe not necessarily by understanding the algorithm completely but simply extracting the core of the logic from the…
Roberto Andrade
10 votes, 2 answers
How to do static analysis to identify pointer from concrete value in assembly?
So basically I am writing some code to do analysis work on disassembled assembly code.
I am trapped in this issue for a while; here is a simple example of disassembled asm code by objdump, basically all the address symbols have been translated…
lllllllllllll
10 votes, 1 answer
Finding the actual Thumb code in firmware
I'm planning to buy my first mechanical keyboard, a KBT Poker II, and apart from the physical characteristics of it, another thing that caught my attention is that it sports reflashable firmware! Reversing and hacking on the firmware would be a fun…
FireFly
10 votes, 5 answers
Reverse engineering modern Intel CPUs
Are there open source projects that completely restore the inner circuitry of modern Intel CPUs? Is it simply possible, or are circuits closed and/or protected by proprietary technology?
closedcircuit
10 votes, 1 answer
Reverse Engineering program written in Python, compiled with "freeze"
I am attempting to reverse engineer an EXE compiled using the utility "Freeze" or "pfreeze" that ships with Python (not to be confused with "cx_freeze"). Inside the EXE there is an array of memory called PyImport_FrozenModules. When the program…
ThatOneGuy
10 votes, 3 answers
Usage of FHE in obfuscation?
FHE (Fully Homomorphic Encryption) is a cryptographic encryption scheme in which it is possible to perform arithmetic operations on the ciphered text without deciphering it.
Though there is no really efficient crypto-system with this property at…
perror
10 votes, 1 answer
Breaking in and debugging an unknown Arduino program
Okay, so I've got an Arduino which has a sketch flashed to it (that I do not have source code for) which I'd like to reverse-engineer, and I've successfully dumped the flash and disassembled part of it. I would like to be able to use a device like…
dingo_kinznerhook
10 votes, 1 answer
Information provided by Hex-Rays after @ symbol in variable declarations
Could you explain to me the information provided after the @ symbol in Hex-Rays decompilation? For example, @1 and @5 in the following output:
struct WSAData wsadata; // [sp+0h] [bp-1A0h]@1
int v6; // [sp+198h] [bp-8h]@5
int v7; // [sp+19Ch]…
Minh-Triet Pham Tran
10 votes, 4 answers
How can I get a running thread's start address on linux?
Problem Statement
I'm trying to get the address of a running thread's start_routine as passed in the pthread_create() call.
Research so far
It is apparently not in /proc/[tid]/stat or /proc/[tid]/status.
I found that start_routine is a member of…
user2804197
10 votes, 1 answer
Static analysis data combined with dynamic analysis knowledge
What I'm doing now is placing an awful lot of comments about function variable values, global variable values as comments in my IDA database, which I find ugly after a while and obviously not a best practice.
I was wondering if it's possible to…
Dominik Antal
10 votes, 9 answers
Is it "theoretically" possible/impossible to reverse any binary?
I know that reverse engineering from binary to source code (e.g. C++) is generally considered hard or impossible but has any computer scientist actually proven "mathematically" that it's impossible or possible to reverse engineer (any) binary to…
Mark
10 votes, 1 answer
Run command on breakpoint without stopping
I'd like to automate the following in my .gdbinit:
break boost::uuids::detail::sha1::process_bytes
# When execution stops at the above breakpoint,
# I want to display the contents of `rcx` as a string:
x/s $rcx
c # do not stop here
How do I…
Attila O.
10 votes, 1 answer
McDonald's receipt codes
Receipts from McDonald's in the UK include a code that allows you to complete an online survey as shown in the attached image (in the green box):
After gathering and comparing several receipts I have deduced that the codes use a base 25…
user7290573
10 votes, 3 answers
Reverse engineer Android native code
I am looking for a reverse engineering tool or a way to decompile the existing Android native code to a human-understandable format rather than assembly language. Can anyone please suggest something, as I need to unblock one of my priority tasks?
Thanks…
msk