Questions tagged [automation]
The use of executable programs or scripts to achieve well-defined sequences of operations without human interaction.
23 questions
1 vote, 1 answer, 104 views
How to decrypt or decode unknown file formats?
I have got a new challenge. I have some log files that mostly contain android device modem and ap logs.
The file extension varies depending on the chipset. There is a specific tool provided by the ...
2 votes, 1 answer, 1k views
J1939 message payload checksum
I am attempting to reverse engineer some proprietary J1939 CAN traffic so that I can remotely control some actions on a vehicle. I have collected a number of traces covering the events I want to ...
1 vote, 0 answers, 100 views
Retrieve all parameters of specific function: How to automate
I'm trying to reverse engineer a .NET binary with dnspy. I have a decryption routine that is used to display useful strings. It takes one integer value as a parameter and uses it in the decryption ...
1 vote, 1 answer, 87 views
Automated instruction analysis of dynamic memory
Introduction to problem: I have a binary executable with an unknown network packet protocol. I want to reverse engineer this packet protocol. My current way of doing it is to send some data and step ...
1 vote, 1 answer, 282 views
IDApython - Turning a modified operand into a string reference
I am working on an IDAPython script that is supposed to fix the disassembly of a firmware, by resolving its symbol table.
The core of the script is working fine, but I have some issue when it comes ...
5 votes, 1 answer, 196 views
Review a collection of executable binaries to determine similarity
I have a collection of different binaries I want to review for code similarity and classification, but I would rather not have to open each of them in IDA and manually review the code in 15 different ...
0 votes, 0 answers, 339 views
Is there a way to see 'imports' in a .NET binary?
Programs such as Detect It Easy or IDA can show functions and libraries (DLLs) imported by a binary in the case of C/C++ binaries. I have a collection of .NET malware that I'm analyzing and would like ...
0 votes, 1 answer, 228 views
x64dbgpy: application unresponsive when trying to automate inside breakpoint callback
When a breakpoint callback is triggered, trying to automate the debugger inside the callback causes the application to become unresponsive. x64dbg continues functioning but the application itself doesn'...
0 votes, 1 answer, 338 views
Automatically detecting and carving images from .doc, .docx and spreadsheets
I'm looking for a tool that can detect and extract any image format from Word documents in both .doc and .docx formats for an automatic document classification use case. It is nice to just ...
3 votes, 2 answers, 3k views
(MacOS) disable codesign check / run codesign on multiple files
So I have two questions, I'll try to keep it short (also, I'm a noob):
I run Logic Pro X and other software to make music, and some third party plugins make the program crash if they get a:
Exception ...
0 votes, 2 answers, 625 views
Automating a crackme solving process
Let's say we have a simple crackme, which asks for a password. After verifying it, eax will contain 1 if it is correct, and 0 otherwise. Is there a way (I am interested both in Linux and Windows) for ...
2 votes, 2 answers, 8k views
Automating bypassing anti-debug checks
I'm working on bypassing the anti-debug checks of an unpacker in x64dbg. My end goal is to bypass all of the checks so that I can run the (unmodified) process with a debugger attached without any ...
1 vote, 1 answer, 455 views
How to create empty IDB file with IDApython?
Is it possible to create empty idb file using idapython?
My intention is to use it afterwards to populate with several binary code blobs and run some analysis on the resulting idb file and all this ...
7 votes, 1 answer, 9k views
How to automatically rename some IDA functions from a given list?
I have a text file which contains a list of function name and address pairs, structured like this :
194C:841B LoadMessage
194C:8429 ShowDialog
...
Is there a way (eg: script, automation, ...) to ...
3 votes, 2 answers, 1k views
How to identify code ran when clicking on an object in a game
I've played with using software like cheat engine to modify memory, null out code and even inject some code of my own. However finding the right spot to modify is always a difficulty. I'd like to be ...