Most Popular (1500 questions)
6 votes, 1 answer
Are Reverse Debuggers Impossible on OSX?
I have been impressed with the reverse debugging (that is, stepping back in time through a program) capabilities in GDB and tools like QIRA, but I am a little confused as to why no such program exists for the OSX platform (GDS does not support…
MrSynAckSter
6 votes, 1 answer
How does ECC work with nandwrite/nanddump in mtd-utils?
I am working on a device which has a NAND flash chip in TSOP48, an SK Hynix H27U1G8F2BTR (1 Gbit/128 MByte, 2048-byte (+ 64-byte spare) pages, 128K blocks).
I have desoldered the chip and dumped the contents to a file. This file contains the OOB…
Cybergibbons
6 votes, 3 answers
Hex-Rays: JUMPOUT statements inserted due to incorrect autodetected function boundaries
I'm trying to RE a Windows executable compiled with VS 2008. After the initial autoanalysis most functions are detected correctly; however, some have a wrong end address — for some reason IDA places the end of the function earlier, leaving a chunk of…
Vladislav Ivanov
6 votes, 1 answer
Reverse engineering of some checksum algorithm
I am trying to reverse some communication protocol between a transmitter (controlled by a PCF7952 chip) and a receiver on the 433 MHz frequency.
I know how to prepare the "right" package which would be received, and the controller on the receiver's side 100% will…
Alexander Dimchenko
6 votes, 2 answers
Saving labels and comments in Immunity Debugger
I am using Immunity Dbg v1.85 (the latest version to date). I spent about an hour analyzing a piece of malware, while making comments and relabeling functions from something like X.00402AC0 to something more useful like X.password_checker. After…
AK-33
6 votes, 2 answers
How to generate CFG from assembly instructions?
I want to know if there are any tools that can take an assembly file and convert it to an intermediate language such as RREIL and then generate a control flow graph from the intermediate language?
This is an example of my assembly file:
7c90e430: lea 0x10(%esp),…
Ben Richards
5 votes, 1 answer
How to find the entry point in LLDB on OS X?
How can I identify the entry point of an executable in LLDB?
In GDB, we can use the info file command, but that won't work in LLDB.
Can anyone show me how to do that?
PSN
5 votes, 3 answers
Is there a tool to see kernel space mapping of a Windows exe?
In Microsoft Windows, a 32-bit process calc.exe has 0x0-0x80000000 (2GB) reserved as its user space and the rest is kernel space (2GB). So, a process has 2+2 = 4GB of virtual space. This ratio could also be 3:1.
The 2GB user space has the PEB…
rebel87
5 votes, 1 answer
Reverse engineer 4-bit CRC in LG IR packet
I am reverse engineering the IR protocol of an LG air conditioner. The AC generally sends the whole current state of the remote on each key press. The data sent is 28 bits long; the last 4 bits seem to be the checksum. I have already tried reveng, but without luck.
Bits…
Marki555
5 votes, 4 answers
Why are PUSHF and POPF so slow?
The experiment is on 32-bit x86 Linux.
I am doing some static binary instrumentation work, and basically I am trying to insert the instructions below at the beginning of every basic block.
BB23 : push %eax
movl index,%eax
movl…
lllllllllllll
5 votes, 1 answer
How do I use IDA for heap search for specific types and values?
How do I use the IDA debugger to find some specific values in process memory, like values of float or integer, or string type?
Then how can I trace how the program accesses them?
Croll
5 votes, 5 answers
Mysterious bytecode (executable?) file from a Chinese decibel meter whose manufacturer has been hacked &/or gone bankrupt
I bought a decibel meter off Amazon recently (http://www.amazon.com/Sound-Measure-Tester-Pressure-Decibel/dp/B00CPKSE38/ref=sr_1_1?ie=UTF8&qid=1436376590&sr=8-1&keywords=wensn) which outputs dB measurements to a microSD card. I opened the SD card's…
boulder_ruby
5 votes, 2 answers
Need advice: Reverse engineering a PDF with shellcode
Problem:
I am trying to find the plaintext which was hidden in a PDF with inbuilt shellcode.
What I tried:
I received a PDF which contains JavaScript; I dug into the PDF as follows:
Exploring JavaScript inside:
root@kali:~# pdfid APT9001.pdf
PDFiD…
BlueBerry - Vignesh4303
5 votes, 0 answers
Python library for Linux to demangle MSVC decorated names
I am looking for a Python library for Linux which can demangle the function names which are mangled by MSVC.
For example:
Project!??0?$allocator@D@std@@QAE@XZ
to
Project!public: __thiscall
std::allocator::allocator(void)
I found that…
in3o
5 votes, 1 answer
Replacing small length instruction with larger length instruction
Basically I want to replace MOVS R1, #0x0 with MOV.W R1, #0x123; since the latter instruction requires 4 bytes, it is impossible to simply replace it in the hex code.
I am using IDA Pro for analyzing a native Android library. I read about code caves but my text…
user2578525