Most Popular
1500 questions
10
votes
2 answers
How did this 80286 detection code work?
I'm poking through a disassembled 16-bit DOS game circa 1992. The original system requirements state that the game needs an IBM AT-compatible machine or later, with the 286 processor, to run. And there's a stub around main() that checks for the…
smitelli
10
votes
1 answer
How to write [sp+local_variable] in radare2
Hello, I'm playing with my native Android library, everything was going smoothly till now. I have a problem with opcodes, I don't know how to tell radare2 to write str opcode with specific registry, and point it to stack pointer and local variable.…
TheKalin
10
votes
1 answer
What is the meaning of single letters in IDA's functions window?
IDA's functions window, the window that lists all functions identified by IDA, has several columns represented by a single letter/character each. See example in attached picture.
The characters are: R, F, L, S, B, T and =
What is the meaning of…
NirIzr
10
votes
1 answer
Radare2- How to see stdout in Visual Mode
How can I display any standard write in visual mode.
For example if I run dc command it runs the program normally and displays all the text normally. But if I enter visual mode with V< enter > and use S to run through the program it displays the…
Corey
10
votes
2 answers
mathematical background behind exploit development and vulnerabilities
I would like more information about the mathematical foundations of vulnerability and exploit development. Online sources or books in the right direction will be helpful.
viv
10
votes
2 answers
Fixing the checksum of a modified Android ELF
I've hex-edited a string in an Android ELF binary.
Now, it won't run, and gives the error message CANNOT LINK EXECUTABLE, presumably due to a bad checksum.
Does anybody have a tool to fix the checksum?
user1636717
10
votes
2 answers
Porting Linux executable from 32bit to 64bit
As you might imagine, source code is not available.
The executable was written using C/C++ and compiled using gcc.
This is what file has to say about the file
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared…
Mellowcandle
10
votes
2 answers
ARM64 syscalls table
I wonder if there is some syscall table for Linux ARM64 architecture?
I found syscall table for Linux ARM32 and many other architectures, but the problem still exists.
Does anyone know where can I find a syscall table exactly for ARM64?
merrychap
10
votes
2 answers
What is "instruction camouflage" obfuscation?
I have an obfuscated binary which only prints a simple Hello World!
and exit like this:
Hello World!
But, when I am looking at the assembly with objdump, I cannot find any
call to printf or write, nor find the string Hello World!.
0804840c :
…
perror
10
votes
3 answers
Struggling between syscall or sysenter ( Windows )
As I understand, from windows XP, there is a sysenter instruction introduced, instead of int 2e interrupt.
But on win 10 there is syscall instruction used in ntdll. So is the sysenter used only for x86 windows systems? And syscall only for x64 bit…
PastaAlaCarbonara
10
votes
2 answers
Why does IDA add "db" statements between disassembled code
I'm trying to analyze a MS-DOS COM file that I wrote a few years ago with IDA Free 5.0, I've since renamed the segment to code_and_data and named constants and set data types correctly. However, when looking at the disassembly, I get db…
Thomas Perl
10
votes
3 answers
Windows API reference for OllyDbg
There is an old help file containing Windows API I used few years ago with ollydebug, which can jump to the appropriate help page of function when double clicking on the function in the disassembly window.
Is there a more recent reference like this…
Mellowcandle
10
votes
0 answers
RE Tplink TD-W8960N V7
I am trying to reverse engineer a TDw8960 v7 TP-Link router. Currently the router has a bug, whereby setting the MTU via the GUI has no effect. It seems regardless of the value placed here despite showing a default value of 1480, all interfaces are…
The Humble Rat
10
votes
4 answers
How to create an API for a web application without its source code?
There's a post here (http://narenonit.blogspot.in/2011/07/my-youmint-api-to-send-free-sms.html) in which the author has tried to inform pretty well, as far as I can guess. The exact problem I'm facing is how to study the HTTP connection. Would it be…
Mr Programmer
10
votes
1 answer
Reverse Engineering ZyXel C1100Z modem firmware
First time post so please bear with me.
For days I have been trying to bypass a password my ISP has added to their remote CLI with no luck.
I have a Zyxel C1100Z DSL modem that I've purchased from my ISP and I have been trying to break down their…
Brandon Bryant