Most Popular

1500 questions
5
votes
1 answer

How to scan the ECU Delphi MT05?

The ECU (Engine Control Unit) MT05 from Delphi is used today in many motorbikes and ATVs: Regal Raptor (Raptor, Daytona and Spider 350), AJP (PR7), Benelli (BN600), CFmoto (Terralander X8), Zongshen (RX3), Zhejiang (TR125), Hyosung (GT650RC), Scomadi…
Elmue
5
votes
2 answers

Unable to set a breakpoint in IDA 6?

I am unable to set a breakpoint in IDA 6. I have tried pressing F2, but it did not work. Also, the breakpoint buttons on the toolbar are all disabled. What's the problem?
user22323
5
votes
2 answers

analysing IP camera's UDP packages

I have an industrial IP camera and I want to read its images with a micro-controller, but the camera is only operable from a computer running its drivers/firmware. I used Wireshark to access the UDP packages, but the messages seem to be encrypted…
McMa
5
votes
2 answers

OllyDBG's disassembled syntax and c-equivalent

This is probably a pretty simple question as I'm not too used to how the syntax looks for OllyDBG's disassembler. Does the following assembler statement: MOV EAX, DWORD PTR [ESI + 14] roughly translate to this C code: eax = *(esi +…
lfxgroove
5
votes
2 answers

Formal obfuscation

My question is related to this question with the excellent answer of @Rolf Rolles. Since the paper of M.D. Preda et al. is quite technical, I wonder whether I understand their idea or not. The following phrase is quoted from the paper: The basic…
Ta Thanh Dinh
5
votes
3 answers

Origin of "Hacker Protection Factor"

Dexguard claims a "hacker protection factor" of 35 without any explanation of where the number comes from or what it means. I figure the actual statement is meaningless, but I'm very curious to see who is assessing these protection factors. A…
Antimony
5
votes
1 answer

Are there any free disassemblers for the NEC 78K0R family of processors?

Another slightly esoteric microcontroller in a product I'm looking at - the NEC 78K0R microcontroller. This is a 16-bit extension of the 78K0. The 78K0 can be disassembled in IDA Pro, but not the 78K0R. Renesas Cubesuite allows viewing of…
Cybergibbons
5
votes
1 answer

Is it possible to modify a movss or xmm# in Assembly using Cheat Engine?

I'm using Cheat Engine as a beginner getting into disassembly and hacking, and I want to know how to modify an address/pointer (not really sure how to term it) that's using a movss [...],xmm#. Specifically, I'm modifying the Health in…
Mister SirCode
5
votes
2 answers

windbg crashdump process by pid from kernel

What is the best way to dump a user-space process by PID when debugging the kernel with WinDbg? I'm able to attach to the process from user space with WinDbg and generate a crash by .dump, but how would I do it from the kernel for only a single process and…
gljiva
5
votes
1 answer

Review a collection of executable binaries to determine similarity

I have a collection of different binaries I want to review for code similarity and classification, but I would rather not have to open each of them in IDA and manually review the code in 15 different samples. What tools or techniques can I use to…
solumnant
5
votes
3 answers

GDB hangs when I try to run and debug a binary

When I type gdb a.out and then run inside the gdb itself I get stuck on the empty line: jericho-laptop:exploit.education jericho$ gdb a.out GNU gdb (GDB) 9.1 ... Reading symbols from a.out... (No debugging symbols found in a.out) (gdb) run Starting…
user3732445
5
votes
1 answer

Ghidra can't see basic functions in my files?

I made a simple program in C++ using Visual Studio 2019 to learn. When I open the file with Ghidra, it doesn't seem to detect my functions and I don't know what I'm doing wrong. My program is simple: #include void someFunction() { …
5
votes
1 answer

Stuck on XOR decryption of firmware

TL;DR I have an encrypted image and the cleartext version, and I'm almost certain it's an XOR cipher, but I can't figure out how to decrypt it. I have a few clues listed below. Ciphertext excerpt (20kB) Cleartext excerpt (20kB) Detail I'm trying…
Malvineous
5
votes
2 answers

BIOS first jump leads to empty memory

I'm trying to reverse a BIOS of an industrial PC in order to repair it. The device is based on an ETX-formfactor mobo, obscure Italian SECO M671, very similar to an old Kontron PM-15(C), but with a custom OEM BIOS. I.e., Intel Celeron M (mobile =…
5
votes
2 answers

Dealing with heavily obfuscated Java, possibly on bytecode level

I've got a jar file from a friend; he told me to put it through a decompiler. So I did, but: JD-GUI basically spit out just the imports and didn't show any class data CFR dumped out stack trace on certain and created basically unusable Java code I…
Kamila Szewczyk