Highest Voted Questions - Reverse Engineering Stack Exchange

6

votes

1 answer

The buffer is too short to insert addresses when exploiting buffer overflow

Newbie here. Sorry for what you about to read . I'm currently working on exploiting a binary on Ubuntu 18.04. Here is some information about the binary: Its checksec information using pwntools: Arch: i386-32-little RELRO: Full RELRO …

asked Jan 14 '20 at 10:36

Thành Vũ

63
3

6

votes

1 answer

Is there any way to display the standard input and output of a program to Cutter's console while debugging?

So it's easy to transfer the standard input and output in radare2 to a new terminal using rarun2, here's how: Debugging with radare2 using two terminals i was wondering if i can use rarun2 with Cutter or even display the program's output in the…

asked Nov 20 '19 at 23:26

Alya Gomaa

63
1
5

6

votes

4 answers

How to convert finished PCB to schematics effectively?

I have a PCB board that is a little involved to figure out its working. I spent a good day mapping trace by trace, node by node but still some node connections wouldn't make sense. I know designers use software to reroute PCB traces, making them…

asked Jun 10 '13 at 18:08

user1502776

169
1
1
2

6

votes

2 answers

How do I figure out the which CPU the Sony DPF C-1000 has?

Recently I received a Digital Photo Frame (Sony C-1000) and since I'll never use it as it is, I thought of playing with it and reprogram it. Anything like managing to print out to screen "Hello world" would be a win. I'm trying to understand which…

hardware

asked Jun 11 '13 at 19:31

CuriousMind

61
3

6

votes

1 answer

How does IPA decryption works?

All IPAs being downloaded from AppStore gets encrypted on servers as part of FairPlay DRM. But decryption is accomplished on local device. As far as I know there is some hardware module which contains all the decryption logic. Is there any info how…

asked Aug 12 '19 at 10:39

AseN

161
4

6

votes

1 answer

How to let IDA reload a structure from a C file?

I manage my structures in C files, the header might look like this: #pragma pack(0) typedef struct { short important_value; char _A[2]; // unknown int interesting_value; } STRUCT; I loaded this into IDA via Ctrl+F9. Now I find out…

ida

asked Jun 03 '13 at 08:36

heinrich5991

627
11
21

6

votes

1 answer

Any reason why Ghidra is screwing with this byte in this dissassembly?

I am poking around some PS2 ELFs and I found this weird issue where Ghidra seems to be doubling the value of this byte for some reason. Here's what Ghidra shows: undefined Money_get() undefined …

asked Jul 17 '19 at 03:13

AlphaXeno1

63
6

6

votes

1 answer

What could this sequence of assembly instructions possibly mean?

I have recently came across the following sequence of assembly instructions. call ds:WSAStartup push ecx push edi mov ecx, 69E65AC4h mov edi, 2776452Ah pop edi pop ecx jmp short loc_ABCD Please help me make sense of…

asked Jun 02 '13 at 03:08

PSS

3,088
1
21
35

6

votes

1 answer

ghidra: how to run a python 3 script with headless analyzer

I read the documentation of headleass analyzer. It is used to perform analysis on existing binaries. I know that -postscript flag allows to enter the analysis script. I have a java script which works fine. But, I want to use python 3 for the…

ghidra

asked Jul 08 '19 at 14:13

R4444

1,807
10
30

6

votes

1 answer

Why have two symbols tables?

Why have two symbol tables if .symtab already contains everything that's in .dynsym ?

asked Jul 05 '19 at 20:07

Itra

85
1
5

6

votes

2 answers

Find level data in binaries?

I am trying to recreate an old game just for the sake of nostalgia and learning something new alongside (I can program in various languages and know a bit of assembly language, but I'm new to reverse engineering). The game is called Banania and…

binary-analysis

asked Jun 01 '13 at 13:33

Kenji

163
4

6

votes

3 answers

Reverse Engineering (very) old DOS calculation program

I have recently joined a company that is specialized in air ducts & ventilation systems and I was quite surprised when I noticed that they are still using a DOS program to calculate the pressure loss of a specific duct system. You see, when air…

dos

asked Jun 22 '19 at 16:41

user28805

61
1
2

6

votes

2 answers

Meaning of Flags in ELF Section header?

Given this classic helloworld.c example, #include int main() { printf("Hello world!\n"); } In below sections output, the value for Flags presents a couple of different values, e.g. A, AI, AX, WA, etc. From man elf, I understand A…

elf

asked Jun 11 '19 at 10:39

Jiaming

95
1
6

6

votes

2 answers

IDA is not recognizing cross references

In the IDA view I see (glb_SomeVar is a byte array): cmp al, glb_SomeVar+22h But when I hit x to find the cross references of glb_SomeVar, I only find two other matches in the same function: cmp al, glb_SomeVar+0Ah cmp al, glb_SomeVar+0Bh Is there…

ida

asked May 28 '13 at 19:21

heinrich5991

627
11
21

6

votes

1 answer

Can Ghidra show a function footer in the Listing window

In both IDA and Ghidra have a very nice beginning of function marker text Ghidra: ************************************************************** * FUNCTION *…

ghidra

asked Apr 21 '19 at 03:58

Simeon Pilgrim

942
6
15

Most Popular