TransWikia.com
  1. All Categories
  2. Reverse Engineering

Reverse Engineering : Recent Questions and Answers (Page 40)

Find answers to your questions about Reverse Engineering or help others by answering their Reverse Engineering questions.

What do these 2 Ghidra warnings mean?

When disassembling ARM binaries in Ghidra, I often see these warnings: /* WARNING: Could...

Asked on 11/27/2020 by adg

1 answer

Go back to the function call address

My question is simple : When I enter into a function call, I can't go back to this same call. Is there a functionality which could permit me to do...

Asked on 11/27/2020 by Bob36180

1 answer

IDA/HexRays: how do I retrieve the memory address associated with a given line of decompiled code?

I'm trying to programmatically link decompiled code generated by HexRays with the disassembly code of a given binary by mapping memory addresses between the two. The mapping exists, as I...

Asked on 11/27/2020 by TFD

1 answer

Using IDAPython Problem in finding string avalilable in .idata section

I am new to ida pro and idapythonIn the following case i want to find the string reference "x is less than zero" while processing a block.Tested with...

Asked on 11/26/2020 by neeraj

0 answer

Module name in the export table of a PE image

One of the fields of the PE export table is the image name, see screenshot below for an example. This name is part of the file, even though I can...

Asked on 11/26/2020

0 answer

IDA taking forever to run autoanalysis on remote Android app?

I've disassembled and run auto-analysis on a .so file from an Android apk, and then hooked up the remote ARM debugger to an emulator. IDA then asked me if /data/app/com.package.name/lib/arm/libil2cpp.so...

Asked on 11/23/2020 by Akababa

1 answer

What image format is this?

I am trying to reverse engineer an image file generated by my microscope. It is supposed to be an HDR image. The file has very distinct pattern in HEX editor...

Asked on 11/19/2020 by hlex

1 answer

Order of arguments in __usercall

i have the following function with five arguments: ; int __cdecl trampolineRegister(void) a4= dword ptr 8 ...

Asked on 11/16/2020 by Cawottex

2 answer

Question about weird instructions which is not able to understand for me

I tried to analyze a certain part of program with IDA PRO, So I set a break point at some instruction and start debugging(press F9 key)Afer It start debugging...

Asked on 11/16/2020 by bshi02

0 answer

Get Unaffected and KilledByCall Registers from CompilerSpec using Ghidra's Java API

Is there a way to get the volatile and non-volatile registers from Ghidra's CompilerSpec? For instance, when I look into the ARM.cspec I get the following information:<unaffected><register name="r4"/><register name="r5"/><register...

Asked on 11/15/2020

0 answer

Ask a Question

Get help from others!

Recent Answers

Recent Questions

Tags

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP