Highest Voted Questions - Reverse Engineering Stack Exchange

6

votes

1 answer

Storing barcodes as ASCII

I am currently looking at a TIFF file generated by a microscope vendor. They store an XML within the TIFF (ImageDescription tag). Within this XML I can find a element. But instead of storing the actual barcode (PDF417, DataMatrix) value,…

encodings

asked Oct 24 '13 at 08:25

tibar

375
4
18

6

votes

1 answer

Understanding hardware extracted keys

I'm a crypto newbie, but have been working on card-access systems that encrypt the card data with 128-bit RSA. I have an example (from a card) of 1024 bits of encrypted data. I also have the public key (1024 bits), which is (rather curiously) placed…

cryptography

asked Oct 20 '13 at 16:24

swx

6

votes

2 answers

Install Ghidra plugin without GUI

I have a plugin that I want to install for Ghidra. The current way to install the plugin is to go to the file->Install Extension in the project window, and add my plugin there. However, in my scenario, I don't have an access to the GUI and I want to…

asked Aug 17 '21 at 15:11

macro_controller

1,858
10
28

6

votes

1 answer

Reverse engineering compressed byte array

We are trying to extract sonar data from a proprietary sonar log file format, which we have working well in most cases. The data is stored in binary, with a variable length header containing information such as depth, geographic location etc, and a…

file-format

asked Sep 27 '13 at 14:01

Matt

161
3

6

votes

0 answers

Why does Hex-rays thinks that 32bit PE is 16bit?

I'm using IDA 6.1 32-bit version. I'm pretty new to IDA and Hex-rays decompiling. My goal is to generate some C source from a 32-bit PE executable. I know this file is 32-bit PE executable. I've looked at the header struct in a hex editor and…

asked Sep 26 '13 at 16:06

crush

233
2
9

6

votes

1 answer

Dalvik Byte code instrumentation framwork for dynamic data dependency analysis

I am looking forward to having your input regarding the availability of any tool that can do instrumentation in byte code level run-time, so that data dependency analysis can be carried out? Such tool exists for x86 binaries, such as Pin. Also i…

asked Sep 19 '13 at 09:15

P basak

161
1

6

votes

1 answer

Program won't crash on heap overflow

I'm trying to learn about heap overflows for this exploitation challenge I have to solve. In short, the program allocates 3 consecutive buffers on the heap, and I have access to write whatever I want to all of them. Even though I write over the…

buffer-overflow

asked Sep 17 '13 at 19:02

user2835

61
1

6

votes

1 answer

HackRF One - Replay Attack on Garage Door does not work (12 DIP switches)

TL;DR solution Setting 4MHz sample rate and 2Mhz bandwidth in the capture tab (according to the Nyquist theorem the sample rate has to be double the bandwidth) Using the length of a DIP switch position in samples as the samples/symbol…

asked May 27 '21 at 16:17

John St

63
6

6

votes

1 answer

AndroGuard equivalent for iOS

I am doing a research project where I want to look at apps that create or extends certain classes. For Android I am using the Androguard project which provide a large set of great tools for inspecting APK files and also comes with an API which I can…

asked Sep 07 '13 at 20:34

Christoffer Reijer

185
5

6

votes

1 answer

How to find event functions called by UI components in a C++/DirectX program

I have a program written in C++ with DirectX (as far as I know). The user interface has menus with buttons and other UI components. To automate a process I would like to find the function called by an event (eg. click on a specific button). How can…

c++

asked Sep 07 '13 at 05:01

samuirai

3,079
4
23
37

6

votes

2 answers

A PE packer: issues with the packed image base address

I am toying with writing a basic PE packer, whose job is simply to execute the attached target PE in memory. I have spent a couple of days getting intimate with the format, and I think that I have grasped it well enough for the purpose. These are…

asked Aug 29 '13 at 00:05

hauzer

63
4

6

votes

1 answer

Debugging Shellcode with Bochs and IDA Pro

I am using the Local Bochs Debugger along with IDA Pro to debug a shellcode. This shellcode disassembles properly in IDA Pro, however, now I want to debug it. I tried debugging but since the configuration of Bochs is bare metal, it will not be able…

ida

asked Aug 24 '13 at 20:46

Neon Flash

765
1
14
29

6

votes

1 answer

WinDBG Hung on Shellcode Execution

I've been trying to debug a piece of simple shellcode with Windbg. To go over the steps I took, I allocated a buffer for the shellcode with .foreach /pS 5 ( register { .dvalloc 400 } ) { r @$t0 = register } and saved the address in the pseudo…

asked Jan 14 '21 at 08:20

rustam Shirinov

395
1
3
16

6

votes

1 answer

Huawei HG8245H, can't read some system files

I have modem Echolife HG8245H (V3R016C10S150). I'm using telnet to connect it. I need to read some files from this modem. There's a shell mode I can enter, but it is nerfed badly: SU_WAP>shell BusyBox v1.18.4 (2016-10-11 19:35:35 CST) built-in…

asked Dec 30 '20 at 10:11

HE9CbITb

101
1
10

6

votes

1 answer

Debugging ARM binary with IDA Pro and Qemu

I am debugging an ARM binary using IDA Pro by connecting to QEMU (remote gdb debugging). In gdb configuration, I am selecting ARM_versatilepb as the device. Now, I am able to successfully debug the ARM binary. However, I am unable to execute the…

ida

asked Aug 18 '13 at 04:55

Neon Flash

765
1
14
29

Most Popular