reverse-engineering

Why do compilers put data inside the .text (code) section of PE and ELF files, and how does the CPU distinguish between data and code?

梦想与她, submitted on 2020-01-11 03:02:08
Question: So I am referencing this paper: Binary Stirring: Self-randomizing Instruction Addresses of Legacy x86 Binary Code https://www.utdallas.edu/~hamlen/wartell12ccs.pdf Code interleaved with data: Modern compilers aggressively interleave static data within code sections in both PE and ELF binaries for performance reasons. In the compiled binaries there is generally no means of distinguishing the data bytes from the code. Inadvertently randomizing the data along with the code breaks the binary,

Sequence Diagram Reverse Engineering

不羁岁月, submitted on 2020-01-09 12:18:48
Question: I'm looking for a tool that will reverse engineer Java into a sequence diagram BUT also provides the ability to filter out calls to certain libraries. For example, the NetBeans IDE does a fantastic job of this, but it includes all calls to String or Integer, which clutter up the diagram to the point that it is unusable. Any help is greatly appreciated! Answer 1: I think jtracert is what you are looking for. It generates a sequence diagram from a running Java program. Also, because its output is a

Spoofing a game controller

安稳与你, submitted on 2020-01-07 09:53:41
Question: I'm trying to write something that will allow a user to use a keyboard/mouse combination on a games console. The approach I've thought of is the following: figure out how input maps to output in the console's controller. This is good old trial and error, basically connecting the controller via USB to a computer and figuring out how the controller responds to input using detailed USB logging. Then, write a userland program that takes keyboard/mouse input and converts it to the controller

Find used CRC-16 algorithm

会有一股神秘感。, submitted on 2020-01-06 05:21:44
Question: I'm struggling to reverse engineer a section of data associated with a CRC-16 checksum. I know the polynomial used to calculate the original checksums is 0x8408, but nothing else: I don't know the initial value (if any), the final XOR value (if any), or whether the input or the result is reflected... It seems there is a known CRC-16 generator using this polynomial, CRC-16-CCITT, but despite everything I've tried I just can't understand how the original checksum is being calculated. Here is the data I've got
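
The parameter search the question describes, as an added example that is not part of the post: a CRC-16 model over the question's polynomial (0x8408 LSB-first is the same polynomial as 0x1021 MSB-first) parameterised the way the CRC catalogues do it (init, xorout, refin, refout), a check-value helper for naming a variant, and a brute force that recovers init, xorout and the reflection flags from a few (message, checksum) pairs. The three frames are constructed for the demo; their checksums are computed with the X-25 flavour (init 0xFFFF, xorout 0xFFFF, reflected in and out) and then recovered as if unknown.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Rocksoft/Williams parameterisation, width fixed at 16. init is given in the
 * MSB-first orientation used by the catalogues; the reflected code path loads
 * its bit-reversal, which is why 0x0000 and 0xFFFF look the same either way. */
typedef struct { uint16_t init, xorout; int refin, refout; } crc16_params;

static uint16_t reflect16(uint16_t v) {
    uint16_t r = 0;
    for (int i = 0; i < 16; i++) { r = (uint16_t)((r << 1) | (v & 1u)); v >>= 1; }
    return r;
}

uint16_t crc16_model(const uint8_t *d, size_t len, crc16_params p) {
    uint16_t crc;
    if (p.refin) {                           /* LSB-first register, poly 0x8408 */
        crc = reflect16(p.init);
        for (size_t i = 0; i < len; i++) {
            crc ^= d[i];
            for (int b = 0; b < 8; b++)
                crc = (crc & 1u) ? (uint16_t)((crc >> 1) ^ 0x8408u) : (uint16_t)(crc >> 1);
        }
    } else {                                 /* MSB-first register, poly 0x1021 */
        crc = p.init;
        for (size_t i = 0; i < len; i++) {
            crc ^= (uint16_t)(d[i] << 8);
            for (int b = 0; b < 8; b++)
                crc = (crc & 0x8000u) ? (uint16_t)((crc << 1) ^ 0x1021u) : (uint16_t)(crc << 1);
        }
    }
    /* The register already sits in refin's orientation; flip only if refout differs. */
    if (p.refin != p.refout) crc = reflect16(crc);
    return (uint16_t)(crc ^ p.xorout);
}

/* CRC of the catalogue check string "123456789" for a parameter set. */
uint16_t crc16_check(uint16_t init, uint16_t xorout, int refin, int refout) {
    static const uint8_t s[9] = { '1','2','3','4','5','6','7','8','9' };
    crc16_params p = { init, xorout, refin, refout };
    return crc16_model(s, 9, p);
}

typedef struct { const uint8_t *msg; size_t len; uint16_t crc; } crc_sample;

/* Try every init and reflection setting; xorout follows from the first sample
 * and the remaining samples verify. Returns the number of fitting parameter
 * sets and stores the first max_out of them. */
size_t crc16_recover(const crc_sample *s, size_t n, crc16_params *out, size_t max_out) {
    size_t found = 0;
    if (n < 2) return 0;
    for (int refin = 0; refin < 2; refin++)
        for (int refout = 0; refout < 2; refout++)
            for (uint32_t init = 0; init <= 0xFFFFu; init++) {
                crc16_params p = { (uint16_t)init, 0, refin, refout };
                p.xorout = crc16_model(s[0].msg, s[0].len, p) ^ s[0].crc;
                size_t i = 1;
                while (i < n && crc16_model(s[i].msg, s[i].len, p) == s[i].crc) i++;
                if (i == n) { if (found < max_out) out[found] = p; found++; }
            }
    return found;
}

/* Demo on three constructed frames of different lengths. Returns 1 when the
 * originating parameter set is among the candidates and every candidate
 * reproduces all three checksums. */
int crc16_recover_demo(void) {
    static const uint8_t f1[] = { 0x01, 0x02, 'P', 'I', 'N', 'G' };
    static const uint8_t f2[] = { 0x01, 0x03, 'P', 'O', 'N', 'G', '!' };
    static const uint8_t f3[] = { 0xAA, 0x55, 0x10, 0x20, 0x30, 0x40, 0x50, 0x60 };
    const crc16_params truth = { 0xFFFF, 0xFFFF, 1, 1 };       /* X-25, "forgotten" below */
    crc_sample s[3] = { { f1, sizeof f1, 0 }, { f2, sizeof f2, 0 }, { f3, sizeof f3, 0 } };
    for (int i = 0; i < 3; i++) s[i].crc = crc16_model(s[i].msg, s[i].len, truth);

    crc16_params cand[8];
    size_t n = crc16_recover(s, 3, cand, 8), shown = n < 8 ? n : 8;
    int hit = 0, ok = 1;
    for (size_t i = 0; i < shown; i++) {
        printf("init=0x%04X xorout=0x%04X refin=%d refout=%d\n",
               cand[i].init, cand[i].xorout, cand[i].refin, cand[i].refout);
        if (cand[i].init == truth.init && cand[i].xorout == truth.xorout &&
            cand[i].refin == truth.refin && cand[i].refout == truth.refout) hit = 1;
        for (int j = 0; j < 3; j++)
            if (crc16_model(s[j].msg, s[j].len, cand[i]) != s[j].crc) ok = 0;
    }
    return hit && ok && n >= 1;
}

int main(void) { return crc16_recover_demo() ? 0 : 1; }
```

Compare crc16_check() against the published check values for "123456789" to put a name on a variant: 0x2189 is KERMIT (init 0, xorout 0, reflected), 0x906E is X-25 (0xFFFF, 0xFFFF, reflected), 0x29B1 is CCITT-FALSE (0xFFFF, 0, not reflected), 0x31C3 is XMODEM (0, 0, not reflected), 0x6F91 is MCRF4XX (0xFFFF, 0, reflected). Two things to expect from the search: it needs at least three samples of different lengths, since one sample gives every init a matching xorout and two still leave 65536 tries per reflection setting against a 16-bit check; and it returns at least two (init, xorout) pairs for this polynomial, because x^16 + x^12 + x^5 + 1 is divisible by x + 1, so a non-zero init exists whose contribution to the register is the same constant for every message length and is cancelled by a matching change to xorout. Both pairs are correct for the data; the conventional-looking one is the one the firmware author most likely wrote.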

How to find the IMoniker used to create a source filter?

和自甴很熟, submitted on 2020-01-05 06:27:12
Question: Currently I'm writing a DirectShow-based application that should help users configure their TV capture cards, since GraphEdit seems to be too difficult for most to understand. The idea is that this application exports the generated graph to a .GRF file, which will be used in another application. Users can select which device (IMoniker) should be used to create a source filter, and can change some settings regarding video / audio. Next to exporting .GRF files, my application should also have

Can you get the caller DLL or executable module from the callee

孤者浪人, submitted on 2020-01-05 04:32:25
Question: I only want to allow specific DLLs to execute code I have written in a function I hooked. Short of performing a stack trace, how do you get the module name of your caller? Answer 1: Get a stack trace to find the return address of your function, for instance with CaptureStackBackTrace. Then call GetModuleHandleEx, passing GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS, to obtain the module handle containing that code. Finally, call GetModuleFileName to find the filename associated with that module. Source:
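
The three steps of that answer in working code, as an added example that is not part of the answer: the hook reads its own return address with a compiler intrinsic (a one-frame stack walk, which is all the direct caller needs), resolves the address to the path of the module that contains it, and compares the file name against an allow-list. The hook body, the allow-list entries trusted.dll and game.exe, and the non-Windows fallback that reads /proc/self/maps (Linux) instead of calling GetModuleHandleEx are assumptions made for the demo.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <ctype.h>
#ifdef _WIN32
#  include <windows.h>
#endif

#if defined(_MSC_VER)
#  include <intrin.h>
#  define RETURN_ADDRESS() _ReturnAddress()
#  define NOINLINE __declspec(noinline)
#else
#  define RETURN_ADDRESS() __builtin_return_address(0)
#  define NOINLINE __attribute__((noinline))
#endif

/* Map a code address to the path of the module containing it. Windows: the
 * GetModuleHandleEx(FROM_ADDRESS) + GetModuleFileName pair from the answer.
 * Linux: the range that contains the address in /proc/self/maps, which gives
 * the same information without libdl. Returns 1 and fills `out` on success. */
int module_path_for_address(const void *addr, char *out, size_t out_len) {
#ifdef _WIN32
    HMODULE h = NULL;
    /* UNCHANGED_REFCOUNT: otherwise every lookup pins the module until FreeLibrary. */
    if (!GetModuleHandleExA(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS |
                            GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT,
                            (LPCSTR)addr, &h))
        return 0;
    DWORD n = GetModuleFileNameA(h, out, (DWORD)out_len);
    return n > 0 && n < out_len;          /* n == out_len means the path was truncated */
#else
    FILE *f = fopen("/proc/self/maps", "r");
    if (!f) return 0;
    uintptr_t a = (uintptr_t)addr;
    char line[512], path[512];
    int found = 0;
    while (!found && fgets(line, sizeof line, f)) {
        unsigned long lo, hi;
        /* "lo-hi perms offset dev inode path"; anonymous mappings have no path field */
        if (sscanf(line, "%lx-%lx %*s %*s %*s %*s %511s", &lo, &hi, path) == 3 &&
            a >= lo && a < hi) {
            snprintf(out, out_len, "%s", path);
            found = 1;
        }
    }
    fclose(f);
    return found;
#endif
}

/* Last path component; GetModuleFileName returns backslashes, /proc gives slashes. */
static const char *path_basename(const char *p) {
    const char *b = p;
    for (; *p; p++) if (*p == '\\' || *p == '/') b = p + 1;
    return b;
}

/* Case-insensitive whole-name match of the module's file name against the list. */
int module_allowed(const char *path, const char *const *allow, size_t n_allow) {
    const char *base = path_basename(path);
    for (size_t i = 0; i < n_allow; i++) {
        const char *a = base, *b = allow[i];
        while (*a && *b && tolower((unsigned char)*a) == tolower((unsigned char)*b)) { a++; b++; }
        if (*a == '\0' && *b == '\0') return 1;
    }
    return 0;
}

/* Hypothetical hook and hypothetical allow-list. noinline matters: if the
 * compiler inlined this body, RETURN_ADDRESS() would describe the caller's caller. */
static const char *const ALLOWED[] = { "trusted.dll", "game.exe" };

NOINLINE int hooked_function(int x) {
    char path[1024];
    if (!module_path_for_address(RETURN_ADDRESS(), path, sizeof path) ||
        !module_allowed(path, ALLOWED, sizeof ALLOWED / sizeof ALLOWED[0]))
        return -1;                        /* caller is not on the list: refuse */
    return x * 2;                         /* stand-in for calling the original */
}

int main(void) {
    char path[1024];
    if (module_path_for_address((const void *)&module_allowed, path, sizeof path))
        printf("this code lives in %s\n", path);
    printf("hooked_function(21) -> %d\n", hooked_function(21));
    return 0;
}
```

Two caveats before relying on this: pass GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT, or each lookup increments the module's reference count and you owe a FreeLibrary for every call; and the return address names only the immediate caller and is entirely under that caller's control, so a module that is not on the list can still reach the original by calling through a trampoline inside an allowed module, or by pushing a fake return address and jumping in. This filters accidental callers, not hostile ones.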

Tool to generate sequence diagram from react.js source code [closed]

只愿长相守, submitted on 2020-01-04 11:10:24
Closed as off-topic; not accepting answers. Question: I am learning react.js from an online tutorial. The source code is provided in the tutorial itself. It would be useful if I could view a sequence diagram displaying the interaction between components, actions dispatched, classes, stateless functions and higher-order functions used in the project and the overall

Reverse Engineering asp.net web app

房东的猫, submitted on 2020-01-04 03:51:35
Question: I have an asp.net web application. I don't have the source code. The bin contains 10 assemblies and a .compiled file. I used Reflector on the App_Code.dll and it shows me classes and namespaces and so on, but it's such a mess. Is there any way to reverse engineer this web app that won't take weeks/months to unfold? The application is pretty basic. Note: the code was written by an engineer who left the company. We own the product. Answer 1: With Reflector you can save the reflected code out to a

Is it possible to replace every instance of a particular function with a dummy in a compiled binary?

久未见, submitted on 2020-01-03 17:30:56
Question: Is it possible to alter the way an existing x86-64 binary references and/or calls one particular function? Specifically, is it possible to alter the binary such that nothing happens (similar to a nop) at the times when that function would normally have executed? I realize that there are powerful speciality tools out there (i.e. decompilers/disassemblers) for just this sort of task, but what I'm really wondering is whether the executable formats are human-readable "enough" to be able to do this sort
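
A byte-level answer to the question, added here as an example that is not from the post or from any tool: on x86-64 a near call is the opcode E8 followed by a signed 32-bit displacement counted from the next instruction, so silencing one function means finding the E8 sites whose computed destination is that function's address and overwriting each with five bytes that do nothing (or that zero the return register, when the call's result is used afterwards). Same-length replacements keep every other offset in the file valid. The image bytes, the base address 0x401000 and the target 0x401100 are constructed for the demo.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Five-byte replacements for a `call rel32`, so nothing else has to move. */
static const uint8_t NOP5[5]     = { 0x0F, 0x1F, 0x44, 0x00, 0x00 }; /* nopl 0x0(%rax,%rax,1) */
static const uint8_t RET_ZERO[5] = { 0x31, 0xC0, 0x0F, 0x1F, 0x00 }; /* xor %eax,%eax ; nopl (%rax) */

/* Destination of the E8 call whose first byte is at virtual address site_va. */
uint64_t call_destination(const uint8_t *site, uint64_t site_va) {
    uint32_t u = (uint32_t)site[1] | (uint32_t)site[2] << 8 |
                 (uint32_t)site[3] << 16 | (uint32_t)site[4] << 24;
    return site_va + 5 + (uint64_t)(int64_t)(int32_t)u;   /* rel32 is signed */
}

/* Patch the one call at `off` if it really is E8 and really reaches `target`.
 * Feed this offsets from a disassembler or an xref list. Returns 1 if patched. */
int patch_call_site(uint8_t *code, size_t len, uint64_t base, size_t off,
                    uint64_t target, const uint8_t patch[5]) {
    if (off + 5 > len || code[off] != 0xE8) return 0;
    if (call_destination(code + off, base + off) != target) return 0;
    memcpy(code + off, patch, 5);
    return 1;
}

/* Fallback when no disassembly is available: a flat byte scan. It knows nothing
 * about instruction boundaries, so an E8 inside an immediate or inside data
 * interleaved with code is tested exactly like an opcode; only the destination
 * check keeps it from clobbering something else. Returns the number patched. */
size_t patch_calls_scan(uint8_t *code, size_t len, uint64_t base,
                        uint64_t target, const uint8_t patch[5]) {
    size_t n = 0;
    for (size_t off = 0; off + 5 <= len; off++)
        if (patch_call_site(code, len, base, off, target, patch)) { n++; off += 4; }
    return n;
}

/* Constructed image, not taken from a real binary. */
#define IMG_BASE   0x401000ull
#define IMG_TARGET 0x401100ull

static void put_call(uint8_t *code, size_t off, uint64_t dest) {
    int32_t rel = (int32_t)(dest - (IMG_BASE + off + 5));
    code[off] = 0xE8;
    for (int i = 0; i < 4; i++) code[off + 1 + i] = (uint8_t)((uint32_t)rel >> (8 * i));
}

/* Builds the image, runs the scan with `patch`, and returns the number of sites
 * patched, or -1 if anything other than the two real calls to the target changed. */
int patch_demo(const uint8_t patch[5]) {
    uint8_t img[0x50];
    memset(img, 0x90, sizeof img);                /* filler: one-byte nop */
    put_call(img, 0x10, IMG_TARGET);              /* call target            -> patched */
    put_call(img, 0x20, 0x401200ull);             /* call something else    -> kept    */
    put_call(img, 0x30, IMG_TARGET);              /* call target            -> patched */
    img[0x40] = 0xB0; img[0x41] = 0xE8;           /* mov $0xE8,%al: an E8 that is data */
    img[0x42] = 0xC3;                             /* ret */

    size_t n = patch_calls_scan(img, sizeof img, IMG_BASE, IMG_TARGET, patch);
    int ok = n == 2
          && memcmp(img + 0x10, patch, 5) == 0
          && memcmp(img + 0x30, patch, 5) == 0
          && img[0x20] == 0xE8 && call_destination(img + 0x20, IMG_BASE + 0x20) == 0x401200ull
          && img[0x40] == 0xB0 && img[0x41] == 0xE8 && img[0x42] == 0xC3;
    return ok ? (int)n : -1;
}

int main(void) {
    printf("patched %d call sites with nop5, %d with xor eax,eax\n",
           patch_demo(NOP5), patch_demo(RET_ZERO));
    return 0;
}
```

The scan loop is where the question's "human-readable enough" worry becomes concrete: the mov $0xE8,%al at offset 0x40 survives only because its displacement happens not to land on the target, and static data interleaved with code, which the first question on this page describes, is indistinguishable from opcodes in the same way, so prefer patch_call_site() with offsets you have confirmed in a disassembler. On a real file the .text section's file offset differs from its virtual address (the section or program header gives the mapping), and tail calls (E9 jmp rel32) and calls through a PLT slot or function pointer are not E8 sites at all and need their own treatment.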

What is this pattern where the EBX register is used for memory access?

ⅰ亾dé卋堺, submitted on 2020-01-03 17:20:16
Question: I'm learning the basics of reverse engineering. While reversing a crackme I happened to see this pattern at the beginning of almost every function:

    pushl %ebp
    movl %esp, %ebp
    pushl %ebx              # because ebx is a callee-saved register
    subl $0x14, %esp        # of course $0x14 changes depending on the function
    calll 0x08048766
    addl $0x1a5f, %ebx      # also this value sometimes changes depending on the function

Where at 0x08048766 there is a function that does just this:

    movl 0(%esp), %ebx
    retl

So basically,