reverse-engineering

Binary bomb - phase 6

杀马特。学长 韩版系。学妹 submitted on 2019-12-20 06:48:30
Question: This is the disassembly of phase_6:

    08048dbf <phase_6>:
     8048dbf: 55                      push %ebp
     8048dc0: 89 e5                   mov %esp,%ebp
     8048dc2: 83 ec 18                sub $0x18,%esp
     8048dc5: c7 44 24 0c 00 00 00    movl $0x0,0xc(%esp)
     8048dcc: 00
     8048dcd: c7 44 24 08 0a 00 00    movl $0xa,0x8(%esp)
     8048dd4: 00
     8048dd5: c7 44 24 04 00 00 00    movl $0x0,0x4(%esp)
     8048ddc: 00
     8048ddd: 8b 45 08                mov 0x8(%ebp),%eax
     8048de0: 89 04 24                mov %eax,(%esp)
     8048de3: e8 0c fa ff ff          call 80487f4 <__strtol_internal@plt>
     8048de8: a3 4c b5 04 08          mov %eax

Newly created suspended process's EIP is failing only on Windows XP - EIP under kernel32.dll image?

你。 submitted on 2019-12-20 01:46:33
Question: My program works flawlessly on Windows Vista Ultimate and Windows 7, however it fails on Windows XP. First, my application creates a process of a system file, it calls GetThreadContext(remote_thread) and sets an LPVOID value to the value context->Eip, and then checks the values in the structure MEMORY_BASIC_INFORMATION set from VirtualQueryEx. Here are the values VirtualQueryEx returned when called:

    Windows XP
    0 - allocation base
    0 - allocation protect
    2088828928 - base address
    1 - protect

Reverse Engineer HTTP request

ぐ巨炮叔叔 submitted on 2019-12-19 21:45:29
Question: I intercepted an HTTP request on Charles originating from iPhone to Instagram and here are the headers:

    POST /logging_client_events HTTP/1.1
    Host: graph.instagram.com
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    Connection: keep-alive
    Accept: */*
    User-Agent: Instagram 10.0.1 (iPhone8,1; iOS 10_1_1; en_IN; en-IN; en; scale=2.00; 750x1334) AppleWebKit/420+
    Accept-Language: en-IN;q=1.0, hi-IN;q=0.9,
    Content-Length: 1601
    Accept-Encoding: gzip, deflate

There is a Post data as well

How to print out all methods called during runtime in Java using instrumentation?

那年仲夏 submitted on 2019-12-19 11:44:20
Question: I want to print out all methods that get called during runtime. They should be printed out in the order that they're called in and if they're called multiple times, they should be printed multiple times. This can be used for reverse engineering - seeing which functions get called when you press a button or do a specific action. I want to use Java agents and instrumentation for this.

Answer 1: This can be done using Java Agents and an instrumentation library. Java agent - Separate code that can be

Retrieving reactive dependencies as inferred by shiny::reactive()

点点圈 submitted on 2019-12-19 09:00:40
Question: Consider this presentation of Joe Cheng where he explains how he and his colleagues implemented the reactive framework in shiny (which is inspired by Meteor):

Actual question

Could someone explain to me how I would go about finding out about a reactive object's dependencies (i.e. listing their names and environments, actually accessing them, etc.) that have been automatically inferred by shiny::reactive()? More specifically, I'd like to use that information in my custom "one-stop-shop"

Windows Heap Chunk Header Parsing and Size Calculation

北城以北 submitted on 2019-12-19 07:50:47
Question: How can I calculate heap chunk size from raw bytes read from memory? I tried the below thing.

    0:001> !heap
    Index Address Name Debugging options enabled
    1: 00500000
    2: 00280000
    3: 008f0000
    4: 00ab0000
    5: 00cc0000
    0:001> !heap -a 00500000
    ..
    ..
    Heap entries for Segment00 in Heap 00500000
    address: psize . size flags state (requested size)
    00500000: 00000 . 00588 [101] - busy (587)
    00500588: 00588 . 00240 [101] - busy (23f)
    005007c8: 00240 . 00020 [101] - busy (18)
    005007e8: 00020 . 00ca0 [101] -

Windows Heap Chunk Header Parsing and Size Calculation

落爺英雄遲暮 submitted on 2019-12-19 07:50:31
Question: How can I calculate heap chunk size from raw bytes read from memory? I tried the below thing.

    0:001> !heap
    Index Address Name Debugging options enabled
    1: 00500000
    2: 00280000
    3: 008f0000
    4: 00ab0000
    5: 00cc0000
    0:001> !heap -a 00500000
    ..
    ..
    Heap entries for Segment00 in Heap 00500000
    address: psize . size flags state (requested size)
    00500000: 00000 . 00588 [101] - busy (587)
    00500588: 00588 . 00240 [101] - busy (23f)
    005007c8: 00240 . 00020 [101] - busy (18)
    005007e8: 00020 . 00ca0 [101] -

Annotating YouTube videos programmatically [closed]

戏子无情 submitted on 2019-12-18 18:33:23
Question: I want to be able to display a normal YouTube video with overlaid annotations, consisting of coloured rectangles for each frame. The only requirement is that this should be done programmatically. YouTube has annotations now, but requires you to use their front end to create them

Annotating YouTube videos programmatically [closed]

前提是你 submitted on 2019-12-18 18:33:12
Question: I want to be able to display a normal YouTube video with overlaid annotations, consisting of coloured rectangles for each frame. The only requirement is that this should be done programmatically. YouTube has annotations now, but requires you to use their front end to create them

Wanted a tool for decompiling obfuscated .NET code

大憨熊 submitted on 2019-12-18 12:44:08
Question: I need a tool to decompile obfuscated .NET code. Yes, I know about Reflector and its plugins (FileDisassemble, FileGenerator). But they create a VS project which won't compile. For example, the decompiled code contains:

    private sealed class d__0 : IEnumerator, IEnumerator, IDisposable {
        private int <>1__state;
        private int <>2__current;

I need a tool which could automatically rename such names into readable (read "compilable") form. Thanks.

Answer 1:
Salamander .NET Decompiler
Xenocode Fox

Answer 2: I've