reverse-engineering

问题 I'm trying to search for a function by its "signature". However I can't figure out what address range I'm supposed to be searching? I've had a look at VirtualQuery() and GetNativeSystemInfo() but I'm not if I'm on the right path or not. Edit: Question re-attempt. Using Win32 API I'm trying to find out how to get the start and end address of the executable pages of the process my code is executing in. This is what I've tried: SYSTEM_INFO info; ZeroMemory( &info, sizeof( SYSTEM_INFO ) );

问题 I have two build variant in my Application, one is release and other is debug. In a release, I have set my https URL. In Debug, I have set my local URL for testing purpose. is it possible if I upload my release variant to PlayStore that somebody can reverse engineered it and see my Local testing URL? I dont want to expose my testing URL? 回答1: If you just use flag to switch running environment and sorce code contain the local testing URL, it'll able to find in the disassembled smali files even

问题 I want to reveal my desktop java application to public, but I'm not sure how to protect it from reverse-engineering or source code stealing? Is it possible to convert the application to an exe file? and if it is, wouldn't that be enough to protect it? 回答1: If it's really worth someone's time to reverse engineer your source from the binary, they will. You might be able to make it slightly harder, but never impossible. 回答2: You can use a Java Obfuscator such as ProGuard. ProGuard is a free Java

问题 Size contains the number 86. var_10= dword ptr -10h var_C= dword ptr -0Ch size= dword ptr 8 push ebp mov ebp, esp sub esp, 28h mov eax, [ebp+size] mov [esp], eax ; size call _malloc mov ds:x, eax mov [ebp+var_C], 0 jmp short loc_804889E loc_804889E: ~~~~~~~~~~~~~~~~~~~~~ mov eax, [ebp+size] sub eax, 1 cmp eax, [ebp+var_C] jg short loc_8048887 loc_8048887: ~~~~~~~~~~~~~~~~~~~~~ mov edx, ds:x mov eax, [ebp+var_C] add edx, eax mov eax, [ebp+var_C] add eax, 16h mov [edx], al add [ebp+var_C], 1 I

问题 I'm trying to understand assembly in x86 more. I have a mystery function here that I know returns an int and takes an int argument. So it looks like int mystery(int n){} . I can't figure out the function in C however. The assembly is: mov %edi, %eax lea 0x0(,%rdi, 8), %edi sub %eax, %edi add $0x4, %edi callq < mystery _util > repz retq < mystery _util > mov %edi, %eax shr %eax and $0x1, %edi and %edi, %eax retq I don't understand what the lea does here and what kind of function it could be.

问题 I'm writing a small SSL proxy server and keep getting ssl.SSLError: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:661) from an android app client but not a browser. I did set ssl.CERT_NONE . Here is my test code: SSLcontext = ssl.SSLContext(ssl.PROTOCOL_SSLv23) SSLcontext.load_cert_chain('server.crt', 'server.key') SSLcontext.verify_mode = ssl.CERT_NONE SSLcontext.check_hostname = False s = socket.socket() s.bind(('127.0.0.1', 443)) s.listen(5) c = s.accept()

问题 I have a program (I own the rights) written in QuickBASIC 3.0, though I do not have anymore the source code. Anyone know a decompiler that I can use to see what the program does? Basically it gets some numbers in input and it performs some calculation, showing some results. Nothing too complicated. Thanks 回答1: I haven't seen any publicly available tools but there's a page from a guy who claims to have made one. You could try contacting him. I wouldn't recommend trying it on your own if you

问题 Given an arbitrary executable, is it possible to determine some or all of the indirect branch destination addresses? What is a programmatic approach to computing these destinations? I'm asking because I am reconstructing a CFG from an executable and can't figure out a clean way of computing indirect branches. Sometimes the operand can be determined with a little forensic analysis, but other times it's not so clear. 回答1: Calculating possible indirect branch destinations in a compiled program

问题 Closed . This question needs to be more focused. It is not currently accepting answers. Want to improve this question? Update the question so it focuses on one problem only by editing this post. Closed 3 years ago . In order to address some level of protection against reverse engineering or decompilation, I decided to move the important parts of my C# application including several xml resources into a native C++ DLL file based on the method described here for using resources in C++ programs

问题 Solved! After following Matti's suggestions, I removed the custom functions and all is well. Original Post: I'm new to XSLT as of today, so I'm sure this is a no-brainer for many of you. Anyways: I've been tasked with creating a widget for my company's website that uses data provided by a 3rd-party vendor. The vendor refuses to send us a sample XML file ( even a blanked-out one with just the element tags! ) so I'm trying to recreate the XML based on what I can see in the XSLT that they -did-