Reverse Engineering Questions, Problems & Solutions : TransWikia.com ~ Page 17

Find reference to string in radare2

In this crackme solution first the strings are found: $ rabin2 -z crackserial_linuxaddr=0x00000aa0 off=0x00000aa0 ordinal=000 sz=7 len=7 section=.rodata type=A string=User:addr=0x00000aa7 off=0x00000aa7 ordinal=001 sz=11 len=11 section=.rodata type=A string=Password:addr=0x00000ab2 off=0x00000ab2...

Asked on 05/27/2021

2 answer

Academic journals for latest RE/Malware/Exploitation research?

I am looking for journals to keep track of the latest advances in reverse engineering, binary analysis, malware, binary exploitation, etc. ...

Asked on 05/26/2021 by Chase Kanipe

3 answer

How to open new window of decompiler or resize the decompiler of Ghidra?

This is very small and inconvenient to read. How do i open new Window (any shortcut key) or resize it, for some reason i cant...

Asked on 05/26/2021 by Machine Yadav

1 answer

Identify a chip that's very hot on PCB

Does anyone recognize this chip by chance? On the chip it is written:DEYASB86 See picture: I can't find...

Asked on 05/25/2021 by Elazar

1 answer

Stripped or not ? iOS App with unnamed symbol in LLDB

I am faced with an ambiguity being a novice. I'm trying to reverse an iOS application with LLDB and all the function coming from the app (native) are labeled as...

Asked on 05/24/2021 by Kojuda

0 answer

Is there a way to attach x86dbg with ida pro?

IDA has the option to use debuggers but the debuggers are quite limited. Is there a way that I can use to use x86dbg with IDA Pro?...

Asked on 05/23/2021 by Rahul rc

0 answer

Statically injecting translated NASM assembly into existing ELF binary

I'm trying to statically patching ELF binaries in order to incorporate code that can help provide run-time protection. In an effort to save time writing and debugging assembly, I took...

Asked on 05/23/2021 by alcao758

0 answer

Decoding unknown ID format parts

I have a data set where events have a unique ID. Some examples:CkUKGkNNZmY1TkhObi1zQ0ZWT0h3Z0VkaExJQ0xnEidDSlB0bG9UTG4tc0NGWmhpaXdvZDFxOE5fdzE1OTc1NzY4NzU4Mzg%3DCjoKGkNOWHBsX1hJbi1zQ0ZTWks3UW9kRDRNSVdREhxDSXI4emVuSW4tc0NGZm5WVEFJZEVRZ0JrUS0xCjkKGkNMTzJ6TkRWbi1zQ0ZUNkh3Z0VkdGVVQnd3EhtDT3ZOajZYVm4tc0NGWUdGY0FvZGJIc09iZzE%3DCjkKGkNMcnN4OHZKbi1zQ0ZRMXpnd29kUW9VQll3EhtDSTdfZzVmSm4tc0NGVWFBY0FvZGRsQUhFQTQ%3DCjsKGkNMNjlrdFRObi1zQ0ZZMkN3Z0VkVWxnSGxREh1DSktpanFISm4tc0NGVHZCVEFJZEM3a01Udy00OA%3D%3DCjkKGkNNQ2ItbzNWbi1zQ0ZkU013Z0VkX2RRRHNBEhtDSlAzcm8zUm4tc0NGV252T0FZZENkUUJyUTU%3DCjoKGkNOTzhoZVRRbi1zQ0ZVYTBnZ29kN0VrTnlnEhxDSS1qbmRmUW4tc0NGY1pLaXdvZEgxRUFvUS0wCkUKGkNQU0VocjNMbi1zQ0ZaaXNnZ29kQlNjTTZBEidDTVNmbDRiTG4tc0NGWDRBdHdBZF9lQUtPQTE1OTc1NzYyOTkyNDg%3DCjkKGkNJLVh3NEhLbi1zQ0ZaV3JEUW9kUzNBSC1BEhtDTmFWeVpuSm4tc0NGZEtSY0FvZFdWNEVvQTE%3DCjkKGkNKYnZpb3pSbi1zQ0ZVVkE3UW9kV0xzTnVBEhtDSXlKcktQUW4tc0NGZkhEVEFJZEJtOENGdzQ%3DCjsKGkNJRGZsZnpVbi1zQ0ZjM3hnZ29kd1hZRnVREh1DS0t1bE96VW4tc0NGUlQ1V0FvZGE2OElSQS0yNg%3D%3DCkUKGkNJVGhuZHpQbi1zQ0ZZMkJ3Z0VkUkk0Q1N3EidDUC1qbDVITm4tc0NGVnBsaXdvZGJ2b0hLUTE1OTc1Nzc0MzU0Mjg%3DCkUKGkNPRzc4SkRPbi1zQ0ZkbWhnZ29kckprTWJREidDT2FCdmRUTW4tc0NGYnhDOVFVZExfc0lIQTE1OTc1NzcwMDk0NTQ%3DCjoKGkNJN05fZURWbi1zQ0ZZRzJEUW9kamEwTXJ3EhxDTHJ5eVpMVm4tc0NGVWZDVEFJZEkyNEdIQS00CkUKGkNNN1F6TERKbi1zQ0ZWbUd3Z0Vkb0RJSzlREidDT3ZBeUszSm4tc0NGU1FfWUFvZEl1UUZ4dzE1OTc1NzU3MzIyNTM%3DCjkKGkNJeXlwOV9Kbi1zQ0ZkQzZnZ29kaGdBSWVnEhtDSVdRMzd6Qm4tc0NGWmlDckFJZEFNb05BZzU%3DCjoKGkNKQ1YzWnpUbi1zQ0ZjWW5nd29kaUVJRkdREhxDSXVieHBqU24tc0NGVUZrS2dvZElRNElndy0xCjkKGkNMVHJrNWpMbi1zQ0ZVa29nd29kSG1FRmtnEhtDS3VXdGRMS24tc0NGUVdIY0FvZFFuWUVfdzA%3DCjkKGkNQVDhqOV9Tbi1zQ0ZaUlU3UW9kSGZZQkl3EhtDTV9rak9iUG4tc0NGUkVsandvZFdIa1A5QTg%3DCkUKGkNKdmM4S0xRbi1zQ0ZSaktnZ29kdWdRTm5REidDS096NDRQTm4tc0NGUXQ3aXdvZDI1Z0c4dzE1OTc1Nzc1ODMwMDM%3DCjoKGkNOM3ZnTXJQbi1zQ0ZaSk03UW9kWmJvQmx3EhxDSUdVcHBMSm4tc0NGWVptTUFvZFg3SVBZUTMyCjkKGkNKYjZ6YmZMbi1zQ0ZRNkV3Z0VkaW9FRDZREhtDTV9UcG96TG4tc0NGWWpGY3dFZExiVUp0ZzA%3DCjkKGkNPRHZ1Yl9Wbi1zQ0ZZeGU3UW9kMzZ3UG5nEhtDTmYzcFp2R24tc0NGUlpUandvZEt3SUswUTk%3DCjkKGkNKcjV3NkRKbi1zQ0ZUNkh3Z0VkT1RZSGtBEhtDUFRJeXB6Sm4tc0NGZmp5T0FZZENqZ1BfZzA%3DCkUKGkNOZlM4NlhKbi1zQ0ZRcWhnZ29ka3kwUEt3EidDSVBwcDVUSm4tc0NGZl9GVEFJZGhIa0ZiZzE1OTc1NzU3MDc1Njk%3DCjkKGkNONmNsZmJKbi1zQ0ZkYTlnZ29kU3cwRnFBEhtDUEMyOEtMSG4tc0NGZkdDWXdZZDgtTUprUTk%3DCkUKGkNLZTJ1TmpSbi1zQ0ZTTGdnZ29kcDJVSkdBEidDTW1YcHF2Um4tc0NGUmhQS2dvZGRPQURUdzE1OTc1Nzc4ODk4NjM%3DCjoKGkNOang2NUxUbi1zQ0ZRSlE3UW9kN1JNRUlREhxDSlNRaDZqRm4tc0NGWFJSaFFvZFJmUUlZZzgxCkUKGkNLT2dpYXZVbi1zQ0ZRV21EUW9kTngwRy1BEidDSm5lZ3FEUm4tc0NGUzVDaFFvZHlxb0V4dzE1OTc1Nzg2NzI5NjI%3DCkUKGkNLaU8tZURKbi1zQ0ZlcUZ3Z0VkRGhrT1V3EidDTFdEcUtISm4tc0NGYXhDaFFvZFlSRUNmUTE1OTc1NzU4MzM3NDM%3DCkUKGkNPMkJ1YlBLbi1zQ0ZlUGxnZ29kN3JvUFZBEidDTWlfdlozSm4tc0NGWVBKV0FvZDZwb05hQTE1OTc1NzYwMDY3ODk%3DCkUKGkNKR09xS1hTbi1zQ0ZZUkM3UW9kV1FvRzh3EidDUFc2dEkzU24tc0NGUlI0WUFvZGdHb0ZKUTE1OTc1NzgxMjQ0MjY%3DCjoKGkNNekd1N2JObi1zQ0ZjeXlnZ29kdmJZTXZBEhxDTnlnN003S24tc0NGVVZDOVFVZFktZ0Zwdy02CjoKGkNPemd2cmJPbi1zQ0ZZTnRnd29kbzFvSy1nEhxDTEtMMnFfSm4tc0NGWmRBOVFVZGR5WUVrUTEzCjoKGkNLbUxxZXpRbi1zQ0ZaUE1nZ29kbnAwSDRBEhxDTmVqbE96SW4tc0NGUTlIV0FvZDV5QUdaQTEyCjsKGkNKcjMzSkhLbi1zQ0ZSaktnZ29kZ2RnS3N3Eh1DT1N3eXBESm4tc0NGYXhTaFFvZExJSUdlUS0xMw%3D%3DCkUKGkNKT3luXzdSbi1zQ0ZhSkQ3UW9kLWlRTHNnEidDSUhnaVlqUm4tc0NGWVZCOVFVZFdqc05JQTE1OTc1NzgwNDM3MzE%3DCjoKGkNQbWM5UHpQbi1zQ0ZSblBnZ29kTlU0Q3d3EhxDTXVEa3RqS24tc0NGZDVBOVFVZE43MEN1dzIzCkUKGkNMX3k5UDdUbi1zQ0ZRU0d3Z0VkQ2tvR2t3EidDSXVqb19IVG4tc0NGU0pEOVFVZGRZMERyZzE1OTc1Nzg1ODAyODI%3DCjkKGkNJSGJ0b2pMbi1zQ0ZXSDNnZ29kLW5vTlpREhtDSjNrMV8zS24tc0NGUWJ3T0FZZHlJa01rZzA%3DCjoKGkNKT2I4ZHpObi1zQ0ZjcU13Z0VkWjkwRkpBEhxDTUtsc01uTW4tc0NGVnpPVEFJZERmWU9idy0zCkUKGkNNSFVtS19Tbi1zQ0ZjT0J3Z0VkcHRVSXBnEidDTnVLbk9mUm4tc0NGYzVQS2dvZG53WURmUTE1OTc1NzgxNDQ2ODg%3DCjkKGkNNYXJnS1BKbi1zQ0ZRcVJ3Z0VkemdzSGlREhtDT1RCcTdQQm4tc0NGVWIwT0FZZFFwSUpFUTM%3DCkUKGkNJcnFqcGZLbi1zQ0ZVMkh3Z0VkOVpvSHB3EidDS2UyaGZ6Sm4tc0NGWnJIVEFJZDM4a1BjUTE1OTc1NzU5NDY4OTI%3DCjkKGkNJdkM4bzdTbi1zQ0ZaV1BnZ29kWWN3SXd3EhtDTGlfby1MSm4tc0NGUXBCaFFvZDMzQU9wZzA%3DCkUKGkNKYXRqc1RSbi1zQ0ZaQ2xnZ29kTTAwRGpBEidDSW5mejk3S24tc0NGWVJEaFFvZElNd043dzE1OTc1Nzc5MjE1NTQ%3DCkUKGkNMSEgyZGpUbi1zQ0ZZVDBnZ29kOGRzR0tREidDT2lqdTRyUm4tc0NGWWRKWUFvZFg4TU8xdzE1OTc1Nzg1MDA5NDY%3DCjoKGkNLQzN3cjNWbi1zQ0ZRRy1nZ29kQXMwSW5REhxDSXV5NXBuR24tc0NGUXotT0FZZHB6a0h5UTE1CjkKGkNNXzZpWkRObi1zQ0ZZTHdnZ29kZ0JFRGlREhtDTlRWNElIS24tc0NGVXB3andvZHRoMENfZzQ%3DCjoKGkNMNk56dXZQbi1zQ0ZSU3NEUW9kUnRjSGtREhxDTGF0c05yTW4tc0NGUVBoV0FvZHY5Z0xNUS05CjkKGkNQVzJsTFRNbi1zQ0ZYNkh3Z0VkY25FTG53EhtDT21CajZmTW4tc0NGZE9CY0FvZHF0b0tsZzA%3DStarting from the surface, they seem tobe URL encodedbe base64 encoded (although there are only 62 unique...

Asked on 05/23/2021 by siikamiika

1 answer

How to know what does the function do?

I've made a simple c++ program. In the ollydbg i searching for the string which is my name, there are 2-3 call functions near the string location but i don't...

Asked on 05/23/2021 by Frd

3 answer

Binwalk alternative

When examining bin firmware files Binwalk is an extremely helpful tool. There are times though that Binwalk comes up empty and a lot more digging is required to make sense...

Asked on 05/23/2021 by pzirkind

4 answer

Ask a Question

Get help from others!

Recent Answers

Peter Machado on Why fry rice before boiling?
haakon.io on Why fry rice before boiling?
Lex on Does Google Analytics track 404 page responses as valid page views?
Jon Church on Why fry rice before boiling?
Joshua Engel on Why fry rice before boiling?

Reverse Engineering : Recent Questions and Answers (Page 17)

Ask a Question