reverse-engineering

What exactly is -fno-builtin doing here?

ⅰ亾dé卋堺 submitted on 2020-06-09 04:11:15
Question: So I was reading Hacking: The Art of Exploitation, and in the book they use the strcpy() function in their C code: 1 #include <stdio.h> 2 #include <string.h> 3 4 int main() { 5 char str_a[20]; 6 7 strcpy(str_a, "Hello, world!\n"); 8 printf(str_a); 9 } They then proceed to compile their source code and analyze it with gdb. He sets a breakpoint on line 6, the strcpy function, and line 8, but when setting a break on strcpy it reads the following: (gdb) break strcpy Function "strcpy" not defined.

In C python, accessing the bytecode evaluation stack

耗尽温柔 submitted on 2020-06-08 00:47:19
Question: Given a C Python frame pointer, how do I look at arbitrary evaluation stack entries? (Some specific stack entries can be found via locals(); I'm talking about other stack entries.) I asked a broader question like this a while ago: getting the C python exec argument string or accessing the evaluation stack, but here I want to focus on being able to read CPython stack entries at runtime. I'll take a solution that works on CPython 2.7 or any Python later than Python 3.3. However if you have

Reverse Engineer a File Format

六月ゝ 毕业季﹏ submitted on 2020-05-24 08:40:06
Question: This is my first attempt at reverse engineering, and really, I don't know how to go about it. I have a procedural kind of mind and no foundation of knowledge on popular encryption methods. But it seems to me that if I have the very minimum data in the correct format, and know that there is an occurrence in the data of a certain word, or words, and where that word begins and ends in the data, then I could somehow discover the method of decrypting the entire file. ----- ENCRYPTED ----------------

Running data shellcode in c executable

ぃ、小莉子 submitted on 2020-05-24 04:35:09
Question: I am working on this C program. I am compiling it with gcc on 64-bit x64 Linux: #include <stdio.h> char buffer[]={0x90,0x90,0xC3}; int main(int argc, char *argv[]) { void (*fct)(); fct=buffer; fct(); return 0; } The 0x90 opcode is NOP; the 0xC3 opcode is RET. I want to know what I should do in order to run this program. I get a segfault when running it... Thanks. Answer 1: TL;DR Compile with -z execstack to enable Linux's read-implies-exec feature for your executable. Despite the name, it applies to all

Decoding a Roblox backdoor

不羁岁月 submitted on 2020-05-16 02:32:26
Question: I am working on a Roblox Lua script that I found when searching for backdoors into a game I moderate. The backdoor loaded an external script that I got the source code for, and I am working on decoding and reverse engineering it. The line that I am having trouble with is local varname = #{6133} This is really confusing me because I have never encountered it before. I do very little Lua programming, but I am experienced in Java and C++; even after research, I don't know what the #{number} does

REPNZ SCAS Assembly Instruction Specifics

孤街醉人 submitted on 2020-04-29 06:13:50
Question: I am trying to reverse engineer a binary and the following instruction is confusing me; can anyone clarify what exactly this does? =>0x804854e: repnz scas al,BYTE PTR es:[edi] 0x8048550: not ecx Where: EAX: 0x0 ECX: 0xffffffff EDI: 0xbffff3dc ("aaaaaa\n") ZF: 1 I see that it is somehow decrementing ECX by 1 each iteration, and that EDI is incrementing along the length of the string. I know it calculates the length of the string, but as far as exactly HOW it's happening, and why "al" is

Bomb Lab Phase 4 [duplicate]

北战南征 submitted on 2020-04-18 07:34:20
Question: This question already has answers here: Binary Bomb - Phase 4 (1 answer); having trouble with bomb lab phase 4 [closed] (1 answer). Closed 2 years ago. I'm having a bit of trouble understanding the following assembly code for the bomb lab. Running through it so far, I've figured out that the answer is supposed to be two decimal values. If not, it will explode the bomb. Then, function 4 is making sure that the first value inputted is between 0 and 30 (0x1e). Then it jumps to func4 where it does

Docker: Reverse Engineering of an Image

我的未来我决定 submitted on 2020-03-17 10:42:11
Question: When we use Docker it's very easy to push and pull images to a public repository on https://hub.docker.com, but this repository is free only for public images (only one can be private). Currently, is it possible to reverse engineer a public image in the repository and read the source code of the project? Answer 1: You can check how an image was created using docker history <image-name> --no-trunc Update: Check dive, which is a very nice tool that allows you to view image layers. Answer 2: As