Reverse engineering is the process of discovering the technological principles of a human-made device, object or system through analysis of its structure, function and operation.
Questions tagged [reverse-engineering]
239 questions
40
votes
11 answers
Can software passwords be bypassed by reverse engineering?
Let's say, on any software (that is installed on Client-Side OS), is it possible to alter the software in such a way (i.e. Zip Passwords) that for incorrect input it is redirected to the correct "result", like:
Is it possible to alter software logic to…

T.Todua
26
votes
2 answers
What is the difference between Ghidra and Ida?
Is there a comparison between Ghidra and Ida? Are there any specific features and functionality that Ghidra has while Ida doesn't? Is there a good source (most preferably a book) that explains Ghidra in detail?

Avi
5
votes
1 answer
Reverse Engineering for .rtf files
I've received lately a .rtf attachment on my work email from an untrusted email account.
I suspect the attacker is exploiting "Microsoft Security Bulletin MS12-029" vulnerability.
What are the recommended steps to study this .rtf file and learn the…

Z-D
4
votes
3 answers
how to make software reverse engineering difficult
In software reverse engineering, we use a disassembler, a debugger, and a code patcher. OllyDbg includes all. One of the differences between actual execution of a program and debugging through using OllyDbg is, in OllyDbg the instruction pipe-lining…

hrishikeshp19
3
votes
1 answer
How do security experts benefit from reverse-engineering?
How can reverse engineering (RE) help a security expert?
I've participated in CTF challenges and I have seen RE as an important part of CTFs. Can anyone explain or show me a real scenario that shows how RE or cracking can help hackers break…

pyDeb
2
votes
2 answers
Is it possible to extract secret key in compiled code automatically?
If we have a program that contains a secret key in its compiled code, is it possible to write a program that can automatically extract the secret key? Let's assume that the program that contains a secret key is not obfuscated and the secret key is used…

Jian
1
vote
1 answer
Easy way to hardware lock an exe file in windows
Hi, I want an easy way to hardware lock an exe file to a specific system so that when a user copies that file to another system it does not open.

cooker
1
vote
1 answer
How to identify user created vs. external functions in disassembly
I'm new to assembly and have been playing around with it. While I was analyzing malware, I realised that there are multiple functions named sub_xxxxxx. How does one determine if this sub_xxxxxx is created by a user, or if it is a function that is…

empty
1
vote
0 answers
Ghidra Load Linux Headers
I'm trying to reverse engineer a Linux kernel module (kernel version 4.19).
Ghidra does correctly recognize all function names such as: open, misc_register etc, but it cannot determine their exact signatures.
Let's take as an example function…

Rob D
1
vote
1 answer
how to get address of PE section to jump in while backdooring PE binary
I am trying to follow this tutorial to backdoor a simple 32-bit PE binary (putty.exe).
The method used is to create a new section (named .test) containing some shellcode, changing the first CALL instruction to JMP on it, executing it, and JMPing…

philippe
1
vote
0 answers
Is there a way to refuse Process Hooking on JailBreak IOS devices
I want to find a way to prevent apps from Cycript attaching. So far I know Cycript works as below, but I cannot find a way to stop Cycript.
One method to stop injection is to add "-Wl,-sectcreate,__RESTRICT,__restrict,/dev/null", but it is very…

Michael Lee
1
vote
1 answer
Reverse Engineering Unable to identify String encryption
I'm on an ethical hacking challenge, which I asked about here before. But I need a hint on solving this puzzle.
Note: I do not need the problem resolved, just a hint.
URI=3b6e6e3b6675707d7b7c7175703b767875777f3b676075663a7c607978
When converting this…
user182148
1
vote
0 answers
IDA PRO address issue
I'm doing some capture the flag challenges, and I struggle when I debug on Linux with 'ida'.
Ida shows that ESP points to '0xFFFFC050' but I can't access it.
Here's a picture:

soolidsnake
1
vote
1 answer
Is it possible to protect your software and similar from being cracked?
With reverse engineering, you can disassemble, edit and do a lot more. This is probably used for cracking software in order to get the full versions and avoid using actual money.
I do not really know how keygens work though... but I have read a lot…

That Guy
0
votes
2 answers
A way for find hard-coded URL/IPs in a dll/exe
Is there a way to see the URL/IPs that are hard-coded in an exe or dll without installing or running it?
I once saw a tool that extracted URLs from dll or exes, but I can't remember what it was.

Bryro