Highest Voted Questions - Reverse Engineering Stack Exchange

8

votes

1 answer

Zte Reverse engineering config.bin file problem

I just got a Zte ZXHN F660 GPON ONT Wireless router with my optic fiber internet provided by my telecom provider. My first discovery was that the eth Lan ports are bricked wich means I can only use one Lan at time and there's a telnet default user…

asked Aug 29 '16 at 10:39

SebastienDuval

83
1
4

8

votes

3 answers

Find out a Java class file's compiler version

I have a java class file. How do I find out the version of the compiler used to compile this file? I'm on Ubuntu Server 12.04.

asked Mar 27 '13 at 16:24

user187

8

votes

2 answers

reverse engineering a printer cartridge chip

Is this stack only about reverse-engineering software and firmware? What about hardware? We have a few semi-industrial ink-jet printers (like $2,000 each so, whatever tier that means to you). It has these special ink cartridges that have chips in…

hardware

asked Jun 03 '16 at 14:53

Daniel

181
1
3

8

votes

1 answer

How i can extract TP-LINK firmware from squashfs?

I have installed FMK and binwalk. FMK have an old binwalk that does not work. So, I ran a fresh binwalk (from git) as follow: $> binwalk -e wr741ndv4_ru_3_13_2_up_boot(140521).bin And in the directory…

asked May 29 '16 at 11:51

Andrew

181
1
1
2

8

votes

1 answer

IDA slow on ~70mb executable

I made IDA load an ~70MB executable, and it's been analyzing it for about 16 hours now (still not finished, although it's over half done). While there is progress, the progress is very, very slow. On the other hand, a 5MB file is analyzed within…

ida

asked Apr 19 '16 at 19:43

MiJyn

181
1
1
4

8

votes

1 answer

Legality of reverse engineering firmware

Not sure if this is the correct place to post this, but I am having some questions regarding the legality of reverse engineering firmware. Specifically, I was looking into the Nintendo 3DS firmware. The EULA clearly states: You may not publish,…

firmware

asked Apr 02 '16 at 14:58

SivaDotRender

255
2
9

8

votes

2 answers

How to retrieve native asm code from .NET mixed mode dll file?

This is seriously one question I couldn't find the answer to anywhere on Google.com When I mean mixed mode I mean .NET application which has unmanaged and managed code together. I used tools .NET Reflector 6 that crashes on native methods or shows…

asked Dec 24 '15 at 01:54

SSpoke

759
1
7
19

8

votes

3 answers

Examining memory in radare2

How can I examine a memory address in radare2 using registers? I would like to achive what this command does in gdb: x/s $ebp+0x4

radare2

asked Dec 18 '15 at 11:09

robert

887
2
12
28

8

votes

1 answer

Reverse engineer TPMS sensor data

I'm trying to reverse engineer data received from TPMS (car tire pressure) sensors. I was able to receive and demodulate the data (433 MHz, FSK, Manchester encoding). Probable packet fields: bytes 1-4: sensor id (4 distinct values detected) bytes…

asked Dec 15 '15 at 13:45

Marki555

253
1
7

8

votes

4 answers

Unpacking binary statically

Say I have a binary that I'm not able to execute (for example it runs on some device that I don't have one of), but I can disassemble it. I can get the docs on the architecture. (It's MIPS little endian in my case.) But the binary has very few…

asked Mar 21 '13 at 04:24

EfForEffort

638
7
12

8

votes

1 answer

Retrieving Objective-C Control Flow?

I am learning to disassemble and analyze objective-c binaries. One of my frustrations is that in Hopper, and IDA, it seems that the proper cross-references and control flow are not preserved. I believe this is because of Objective-C's message…

asked Oct 09 '15 at 18:56

MrSynAckSter

1,258
1
10
24

8

votes

4 answers

Can I set a basic block's parent in IDA?

I got a function whose control flow is kinda screwed... like this: As you can see, the basic blocks at the top left aren't connected to anything; however, if I check the text disasm, this is what I see: As you can see, IDA believes that the call…

ida

asked Aug 29 '15 at 14:17

rev

1,293
12
22

7

votes

1 answer

How can I decode this php code?

I found this backdoor on a client's website. http://pastebin.com/wVs8w44v (original format) http://pastebin.com/acfx49QJ (semi - readable) I have gotten rid of it and realise it's an obfuscated script but how can I deobfuscate it in order to get to…

asked Jun 15 '15 at 17:08

Vikas Thakur

173
6

7

votes

3 answers

Get used jQuery plugins from website

I want to know what jQuery plugins Facebook uses for their special scrollbar, like the two on the left, not the normal one on the right: (source) Generally, how should I go when I want to know what jQuery plugin [website X] uses for [behaviour Y]?

asked Mar 20 '13 at 18:51

user187

7

votes

2 answers

How to retrieve assembly from a raw memory dump?

I have a running memory dump saved as a raw binary file. This isn't a standalone executable - it's literally just a snapshot of running memory. I'm looking for a tool that will help me identify assembly instructions within this binary file. Does…

asked May 20 '15 at 23:21

Runcible

181
1
5

Most Popular