TransWikia.com

Reverse Engineering : Recent Questions and Answers (Page 6)

Find answers to your questions about Reverse Engineering or help others by answering their Reverse Engineering questions.

Reverse engineering unknown binary data of .Factory file for Simplify3D

To keep a long story short, I'm in the process of trying to reverse engineer the .factory format of this program called Simplify3D, which is a 3D printing software slicer. I...

Asked on 09/30/2021 by Bradley Heenk

2 answers

strange results with IDA (some function different Pseudo Code)

After showing the pseudocode in IDA, I see different results: ...

Asked on 09/30/2021 by user3449922

0 answers

How could I follow a system call from a DLL -> kernel driver syscall

Basically, I would like to follow (system calls / internal calls) that basically land in the kernel. I would like, for example, to debug a specific DLL, e.g. ntdll.dll...

Asked on 09/30/2021 by zeroaceee

1 answer

Reconstructing a PE from unpacked memory in IDA

I’m trying to byte patch a 12 year old program written in MS Visual C++ V9. However, some of its code has been packed with ‘Lock Express V2.0’. I’ve loaded...

Asked on 09/30/2021 by stackoverflowperson

1 answer

Devirtualization

I've recently become pretty fascinated with virtualization and retrieving original code from a randomly generated byte code, such as protectors like VMProtect/etc. But I can not get a grasp on...

Asked on 09/30/2021

0 answers

Unrecognized sequence of bytes

I have this piece of code: .text:00537FDE push offset a3Rrrrrrrrrrrrr ;...

Asked on 09/30/2021 by black4

1 answer

Frida not able to trace sub_XXXXX which must have been called

I have the following pseudocode generated by IDA Pro decompiler: __int64 *__usercall sub_155B5@<X0>(__int64 *a1@<X0>, unsigned int a2@<W1>, char **a3@<X8>){ ... result = sub_222E0((__int64 *)a3, 2 * a2, 0x20u);...

Asked on 09/30/2021 by shinhong

0 answers

Looking for obfuscation patterns within jumps

I'm working on an obfuscated binary. I recognized some patterns used to confuse the disassembler, some used to obfuscate function calls, some others for conditional jumps and so on. The...

Asked on 09/30/2021 by stokdam

0 answers

How does an executable’s static API differ from its dynamic API?

Running an executable in Cuckoo sandbox gives me its dynamic API information. How do these API calls differ from their static API information (e.g. if I were to just put...

Asked on 09/29/2021 by nidorinas

2 answers

Get function return value

Any idea for more ways to get the return value? (No hooks, no hw/memory breakpoints, no call functions.) Thx :) I tried to find a dword maybe that holds the function...

Asked on 09/29/2021

1 answer
