Questions tagged [reverse-engineering]

Reverse engineering is the process of discovering the technological principles of a human-made device, object or system through analysis of its structure, function and operation.

239 questions
40 votes, 11 answers

Can software passwords be bypassed by reverse engineering?

Let's say, on any software (that is installed on Client-Side OS), is it possible to alter the software in such a way (i.e. Zip Passwords) so for incorrect input it is redirected to the correct "result", like: Is it possible to alter software logic to…
T.Todua
26 votes, 2 answers

What is the difference between Ghidra and Ida?

Is there a comparison between Ghidra and Ida? Are there any specific features and functionality that Ghidra has while Ida doesn't? Is there a good source (most preferably a book) that explains Ghidra in detail?
Avi
5 votes, 1 answer

Reverse Engineering for .rtf files

I've received lately a .rtf attachment on my work email from an untrusted email account. I suspect the attacker is exploiting "Microsoft Security Bulletin MS12-029" vulnerability. What are the recommended steps to study this .rtf file and learn the…
Z-D
4 votes, 3 answers

how to make software reverse engineering difficult

In software reverse engineering, we use a disassembler, a debugger, and a code patcher. OllyDbg includes all. One of the differences between actual execution of a program and debugging through using OllyDbg is, in OllyDbg the instruction pipe-lining…
hrishikeshp19
3 votes, 1 answer

How do security experts benefit from reverse-engineering?

How can reverse engineering (RE) help a security expert? I've participated in CTF challenges and I have seen RE as an important part of CTFs. Can anyone explain or show me a real scenario that shows how RE or cracking can help hackers break…
pyDeb
2 votes, 2 answers

Is it possible to extract secret key in compiled code automatically?

If we have a program that contains a secret key in its compiled code, is it possible to write a program that can automatically extract the secret key? Let's assume that the program that contains a secret key is not obfuscated and the secret key is used…
Jian
1 vote, 1 answer

Easy way to hardware lock an exe file in windows

Hi I want an easy way to hardware lock an exe file to a specific system so that when a user copies that file to another system it does not open.
cooker
1 vote, 1 answer

How to identify user created vs. external functions in disassembly

I'm new to assembly and have been playing around with it. While I was analyzing malware, I realised that there are multiple functions named sub_xxxxxx. How does one determine if this sub_xxxxxx is created by a user, or if it is a function that is…
empty
1 vote, 0 answers

Ghidra Load Linux Headers

I'm trying to reverse engineer a Linux kernel module (kernel version 4.19). Ghidra does correctly recognize all function names such as: open, misc_register etc, but it cannot determine their exact signatures. Let's take as an example function…
Rob D
1 vote, 1 answer

how to get address of PE section to jump in while backdooring PE binary

I am trying to follow this tutorial to backdoor a simple 32-bit PE binary (putty.exe). The method used is to create a new section (named .test) containing some shellcode, changing the first CALL instruction to JMP on it, executing it, and JMPing…
philippe
1 vote, 0 answers

Is there a way to refuse Process Hooking on JailBreak IOS devices

I want to find a way to prevent apps from Cycript attaching. So far I know Cycript works as below, but I cannot find a way to stop Cycript. One method to stop injection is to add "-Wl,-sectcreate,__RESTRICT,__restrict,/dev/null", but it is very…
1 vote, 1 answer

Reverse Engineering Unable to identify String encryption

I'm on an ethical hacking challenge. Which I asked here before. But I need a hint on solving this puzzle. Note: I do not need the problem resolved, just a hint. URI=3b6e6e3b6675707d7b7c7175703b767875777f3b676075663a7c607978 When converting this…
user182148
1 vote, 0 answers

IDA PRO address issue

I'm doing some capture the flag challenges, and I struggle when I debug on Linux with 'ida'. Ida shows that ESP points to '0xFFFFC050' but I can't access it. Here's a picture:
1 vote, 1 answer

Is it possible to protect your software and similar from being cracked?

With reverse engineering, you can disassemble, edit and do a lot more. This is probably used for cracking software in order to get the full versions and avoid using actual money. I do not really know how keygens work though... but I have read a lot…
That Guy
0 votes, 2 answers

A way to find hard-coded URL/IPs in a dll/exe

Is there a way to see the URL/IPs that are hard-coded in an exe or dll without installing or running it? I once saw a tool that extracted URLs from dll or exes, but I can't remember what it was.
Bryro