
Questions tagged [binary-analysis]

The process of gathering information about a binary file, either with static or dynamic methods.

0 votes
1 answer
30 views

How to extract 7z archive with LZMA compression

I have a firmware file, which contains raw MIPS32 binary code. I used binwalk to scan for signatures binwalk -B -t image.out and for executable opcodes binwalk -A -t image.out Top part of the output: ...
minto
0 votes
0 answers
23 views

Save game files

I recently decided to embark on the adventure of reverse engineering game save files and I am trying to modify the Eternium game data, I have tried to see similarities between the different saves but ...
Adrián Cancio
0 votes
0 answers
18 views

Why pwndbg interprets the input as a command but not as input to the program?

I'm debugging a program which has anti-debug techniques. One was to detect ptrace, which pwndbg evaded easily, but now when the program expects an input pwndbg interprets it as its own command ...
Jugert Mucoimaj
0 votes
0 answers
30 views

I extracted a file from inside the dump that contains the serial number and I need to analyze it

I extracted a file from inside the dump that contains the serial number and I need to analyze it. I want to unpack and compress this encrypted file after modifying it
elctro1991
0 votes
0 answers
36 views

The dumb dvr performs factory settings automatically and does not save the settings

I have a DVR device from Hikvision that does not save any changes or settings, and when it is restarted, it returns to the factory state... I tried another dump, not from the same brand name, and it ...
elctro1991
0 votes
2 answers
78 views

Finding the address of a function in an exe that I have the source code of

I've been playing around with some leaked source codes and I find that locating a function in source in the compiled exe is not so straightforward. And I'm thinking what are the ways to get that ...
Yang Jim
1 vote
1 answer
58 views

Static offsets Vs. Loaded Offsets

I am developing an application integrity concept tool that performs integrity checks based on a comparison of Windows syscalls in a static PE file on disk to those loaded. Can I match the offset of ...
Shockmeister
0 votes
0 answers
41 views

Dynamic analysis of cmd dependent software

There is a PE file, which can't run by itself, and can only be called from cmd.exe, it doesn't create independent processes, and can be launched independently only with .bat scripts, which without &...
flying_meatball
0 votes
1 answer
59 views

Offset addressing

I’m writing a C-SKY (CK803S) processor module for IDA Pro, and a question arose about offsets in transitions, small ones are fine, but long ones lead to nowhere, from the documentation: in code I ...
Andynvkz
1 vote
0 answers
43 views

Potential vulnerabilities in a binary run as root

I am given a vulnerable 64-bit stripped application, it conducts basic password strength checks on Linux (/etc/shadow). The application receives workers (which creates worker process for performing the ...
emotional_piper
0 votes
0 answers
53 views

Help determine 3d model vertex structure serialized binary

Help determine 3D model vertex structure serialized binary. Example of single vertex: A3 D0 5D BA C9 27 3F 3A DC 6C 87 3B 2B 75 EE 00 FF FF FF FF 92 2F 29 80 B1 19 64 3F 02 82 1D 3F What I got so far:...
S4TURN
0 votes
0 answers
89 views

Help Extracting a CramFS filesystem from .img binary

I'm trying to extract a CramFS filesystem from a firmware binary for the FVS318Gv2. It downloads as a .zip file that can be decompressed to reveal a firmware .img file and a readme.htm. Running ...
cdbrunow
0 votes
0 answers
66 views

Decompile or analyse injected /usr/bin/cat

I'm trying to decompile or analyse an injected Linux executable binary file /usr/bin/cat, and find the injected code as a readable. Need some tips as a beginner how to find the injection method if it'...
Dany Burgos
0 votes
0 answers
45 views

Unknown Mitsubishi automotive MCUs - are these using unknown architecture?

Please help identify the architecture (ISA) of MH8200F and MH8110F which is found almost exclusively on Mazda ECUs with L3CK, L587, L5E8, LFAR, LFFR, LFJP firmwares. I've revealed that the MH8501F is ...
Andy
1 vote
1 answer
160 views

VxWorks flat binary file

VxWorks has a "flat binary file" format in which the initial 8 byte values are 45 53 54 46 42 49 4E 52 (ESTFBINR if interpreted as ASCII). I know very little about their content except: ...
g1l1t1
