TransWikia.com

Reverse Engineering : Recent Questions and Answers (Page 8)

Find answers to your questions about Reverse Engineering or help others by answering their Reverse Engineering questions.

How to get address or symbol of the usage of a constant located in rodata?

I have an ELF executable. I found a string (awesome string) in my .rodata section: $ mb-readelf -p 10 a.out String dump of section '.rodata': [ ...

Asked on 08/31/2021 by betontalpfa

2 answers

Why are relocation tables needed?

I understand that the relocation table exists for when an image isn't loaded at its preferred address, but if an image isn't loaded at its preferred address, doesn't everything need...

Asked on 08/31/2021 by ehargitt

1 answer

x64dbg execute till next call OR return

I am using x64dbg and I want to know if there's any way to run the code till next Call statement? I know there is an "Execute till return" option,...

Asked on 08/27/2021 by w4po

0 answers

Why doesn't binwalk see the filesystems in this Eufy Home Base 2 flash dump?

This teardown: https://electronics-teardowns.blogspot.com/2020/07/eufy-homebase2-teardown.html Gives a flash dump for the Eufy Home Base 2 here: https://anonymousfiles.io/Ve9y3cL4/ With this partition table: [ 0.472000]...

Asked on 08/27/2021 by winston_smith

1 answer

WinDbg pattern search not returning expected result

I'm searching for a string, say the old "This program cannot run". Switching context to e.g. notepad, non invasive, with page translation 1: kd> !process 0 0 notepad.exe PROCESS ffff9d05d0005080 ...

Asked on 08/25/2021 by Assaf Levy

0 answers

How to run another IDA script using IDApython?

I'm using IDA batch scripting to run a script on a dataset of malware. The problem is I need to run the VB6 idc script after auto analysis is finished,...

Asked on 08/21/2021

1 answer

How can you dump the unpacked version of a packed library/plugin from memory on macOS?

I'm dealing with a custom-upx packed library that I'm trying to unpack. System is macOS. Given it's a library/plugin, it doesn't have a standalone entrypoint. I ran it through a...

Asked on 08/21/2021 by memboi3

1 answer

How can I de-obfuscate a VBScript (.vbs) file?

I have a VBScript (.vbs) file that is a malware dropper. It executes correctly in a commercial malware sandbox, but does not act the same in my manual analysis lab,...

Asked on 08/17/2021 by Sean W.

1 answer

Is there a clear Ollydbg successor?

I used Ollydbg 2.01 back in 2014 when Olly was working to create a 64-bit version. I was very eager to see the 64-bit version, but sadly that never...

Asked on 08/17/2021 by jamesluschen

0 answers

Stack Machine Interaction using forth

I am trying to solve a puzzle. The only pieces of information we were given were ( a b c d e -- a^b^e ) I have a menu to...

Asked on 08/15/2021 by Cameron2222

0 answers

© 2024 TransWikia.com. All rights reserved.