5 votes, 1 answer

What do the following ARM instructions mean?

I have some ARMv7 instructions that I do not understand, despite reading the reference at: ARM Information Center In the context of: a7a4d8: b530 push {r4, r5, lr} a7a4da: 466c mov r4, sp a7a4dc: 4605 mov r5, r0 …

chuacw
5 votes, 2 answers

Is the output of the gcc compilers the same for all ARM platforms?

Trying to understand how the code is converted in ARM platform from code to binary. Are the gcc compilers used in the different ARM platforms (iOS, Android, Blackberry) the same compiler, except that the header and library files are different? Or…

tuckmeng
5 votes, 2 answers

Disassemble, edit and re-assemble iOS ipa apps

I'm trying to get jailbreak statistics for a University project related to security in mobile devices. My purpose is to disassemble, add a sample code and re-assemble to obtain a runnable iOS app again. I have read a lot about IDA, IDA pro,…

swoken
5 votes, 1 answer

Would hiring a RE service be worth it?

Before I clarify my question, I will explain the project I'm working on, and what I've done so far so there will be a better understanding of what I'm trying to do. I'm trying to modify the UI of a Roland GR-55 guitar synthesizer so that the UI…
5 votes, 2 answers

Fixing/recompiling a heavily control flow obfuscated function

I've recently come across a binary that has been obfuscated with a very obscure protection. Obfuscation From what I understand, the obfuscator is effective in several ways. Multiple JMPs via relative addressing (0xE9), JMPs to addresses in stack…

user29468
5 votes, 2 answers

How to decompile external functions of *.so library in ELF with Ghidra?

There are some *.so libraries in my ELF file. I can see the *.so names in "Imports" directory of "Symbol Tree" Window in Ghidra tool. I think there are some external functions in the *.so libraries. How can I decompile external functions of *.so…

three2zero
5 votes, 2 answers

How do I extract the firmware from this bluetooth speaker board?

I have a bluetooth speaker. Infinity Fuze 100. It's a good speaker. But it has annoying messages on startup and shutdown. And for other interface events. I'd like to either get rid of them entirely, or replace them with simple beeps, instead of…

Capstone
5 votes, 2 answers

How to add a new CompilerSpec from a .cspec file to Ghidra?

Ghidra uses .cspec files like x86win.cspec to define compiler related information, which are imported in the .ldef files like x86.ldef that define a processor language. How can I add a new CompilerSpec via a .cspec file to Ghidra without editing the…

Florian Magin
5 votes, 1 answer

API hooking using DLL injection with Python C-Types

I'd like to write something using Python C-Types that hooks API calls and can be leveraged for unpacking executables. Currently my (Python with C-Types) code launches an executable in a suspended state then performs DLL injection using the…

user2743
5 votes, 2 answers

Find out whether additional keys are being used when encrypting data

Assume I use a software to encrypt data. How would I go about finding out, with IDA or other RCE tools, whether there is more than one key used during the encryption? I am talking asymmetric encryption here, and it is possible that the software…

0xC0000022L
5 votes, 2 answers

Specifying the register value which is constant for all the functions

In firmware I have met the situation where some register value is set at startup, and then it's implicitly used as a base address to access the variables. e.g. register r13 is set to 0x40000000 which is the address of RAM. And then all over the code the…

Anton Kukoba
5 votes, 1 answer

Is there an online service which provides the same functionalities as the Metasploit NASM shell?

Does anyone know if there exists an online service which provides the same functionalities as the Metasploit NASM shell? Probably the above script can be ported to a standalone tool but I'm not very confident with Ruby, so if someone knows…

lc4nt
5 votes, 1 answer

Understand/Reverse simple (but good quality) TTS engine

For quite a long time I wanted to add TTS (text-to-speech) to my MCU applications and I tried quite a few of them with more or less success, always hitting a wall that either the quality is not good or the needed CPU power is too much. However I recently found…

Spektre
5 votes, 0 answers

Unpack, modify and rebuild an Android App Bundle (.aab) file

I would like to unpack an .aab file, decompile/recompile the classes.dex (baksmali/smali), edit the manifest and, finally, generate a new .aab file. Basically, I am looking for an apktool for .aab

Simone Aonzo
5 votes, 3 answers

Is Null in Windows equal to zero?

(This question refers to assembly language.) I'm a little bit confused. I've encountered many times Windows functions that are supposed to return a Handle, and if they don't they return NULL. Why do the checks afterward check against zero? Zero…