Highest Voted Questions - Reverse Engineering Stack Exchange

9

votes

2 answers

How difficult is to decompile C++ file?

I am writing an Android app with AES encryption and I am going to save AES key as a string to a C++ file with extension .cpp. I am also going to create an iOS app which will use the same AES key. Is it possible to save the key in C++ file in iOS?…

asked Nov 07 '18 at 12:59

Daniel Foo

91
1
2

9

votes

1 answer

Annotating the Stack in GDB?

Is there a GUI (or even a script for the CLI) for GDB that will annotate views of the stack with saved registers, each of the frames, etc? It should be possible to gather this information on each call and add it to a view of the stack. Currently,…

asked May 02 '13 at 05:04

David

285
1
7

9

votes

1 answer

Emulating Routers and other Embedded Devices with QEMU

I'm thinking about reverse engineering a few router models and trying to get them running with QEMU. In particular I'm trying to get the web server running. The current issue I'm thinking might be a problem is if the router's firmware is trying to…

asked Nov 01 '18 at 14:39

kkx07805

115
2
5

9

votes

1 answer

Need help to reverse engineer a dog collar transmitter

I have a Petrainer PET998DRU shock collar (similar to this one) that got partially chewed up by the dog it is supposed to train. I salvaged it to the point where I have the following buttons: Mode (to select light, beep, vibrate, and zap Activate…

asked Oct 20 '18 at 12:40

dreed75

93
5

9

votes

1 answer

SCSI interface through USB

I'm trying to dump the storage of Xiaomi Home camera. It comes with USB port, that if inserted while RESET is pressed is recognized in Linux as a SCSI device. I tried mounting the SCSI disc with no success, any idea what's this interface for and how…

hardware

asked Oct 12 '18 at 06:07

Mellowcandle

4,795
6
34
47

9

votes

1 answer

How to get notified about IDA database events not covered in the IDA SDK?

In my previous question I had originally asked for this, but since this aspect of the question was completely disregarded, I feel compelled to ask it separately. There are certain events apparently not covered in the IDA SDK. I learned in the above…

asked Apr 29 '13 at 01:12

0xC0000022L

10,908
9
41
79

9

votes

0 answers

Firmware analysis, can't find file system

I'm TV repair tech and I've found that corrupted firmware is responsible for the failure of a large portion of the TV's I work on. I came up with the idea that if I could reverse engineer the firmware, I could probably write a script which could…

asked Sep 24 '18 at 23:42

Swappart

91
3

9

votes

5 answers

What are the techniques and tools to obfuscate Python programs?

This question is related to this other one. I just wonder what are the techniques applicable and which can be found in the real world to obfuscate Python program (similar questions can be found on stackoverflow here and here). mikeazo mentioned the…

asked Apr 27 '13 at 20:06

perror

19,083
29
87
150

9

votes

2 answers

What are the difference syscall and int 0x2E instructions?

From this question: How does the Windows Native API communicate with the kernel? Here is an example of ZwClose(HANDLE Handle); system call in NTDLL.DLL in Windows 10 X86_64: NtClose proc near mov r10, rcx mov eax, 0Fh test byte…

asked Sep 13 '18 at 15:20

Biswapriyo

1,569
1
16
34

9

votes

1 answer

How can I control the Hex-Rays decompiler plugin from IDA with scripts?

I want to use IDA with the Hex-Rays decompiler plugin as part of automated static analysis, possibly on a large number of files without opening each one and telling it to produce a C file individually. Ideally, I'd like to run IDA from the command…

asked Apr 25 '13 at 06:30

nopnopgoose

529
3
7

9

votes

2 answers

How to view string references?

I have attached debugger to process/application (exe), but when i go to string references, it shows ntdll.dll references, instead of program. how to get the references from program itself? is it protected?

x64dbg

asked Jun 11 '18 at 15:25

T.Todua

643
2
9
20

9

votes

4 answers

What's the easiest way to determine the OS contained in a firmware binary?

I have pulled the Firmware binary from a PPC and have it loaded into IDA. Now I'm trying to determine what operating system it contains but don't know where to start.

asked Apr 16 '13 at 15:30

gigawatt

401
4
11

9

votes

2 answers

Obfuscating Windows Executables

GCC allows you to write optimization plugins that can be used to obfuscate your compiled executable, but this wasn't ported to mingw. LLVM allows something similar but barfs when including Windows.h. Is there a compiler that will allow me to get…

asked Mar 23 '13 at 09:34

mrduclaw

4,066
8
27
40

9

votes

1 answer

Trace back which function called the message box in x64dbg?

I have an error message pop up on the screen every few seconds on a program. I would like to trace it back as to which function is calling the message box and why. I found the referenced string but how do I trace it back to who called the function?

x64dbg

asked Apr 02 '18 at 16:02

user5793353

93
1
1
4

9

votes

3 answers

How can I use DynamoRIO or something similar in Linux kernel space?

I've found some universities that are porting DynamoRIO (or something very similar) to Linux kernel space, but the code doesn't seem to be available. Is there a resource I am unaware of? Here's an example.

asked Apr 11 '13 at 18:05

RobotHumans

563
2
16

Most Popular