Questions tagged [entry-point]
The entry-point tag has no usage guidance.
27
questions
1
vote
0
answers
64
views
Process stuck on the entry point
I'm trying to patch an old game (1998-ish) that runs on windows 95 and windows XP to make it compatible with windows 11.
The current problem with it is that when running the exe file nothing seems to ...
- 21
1
vote
1
answer
155
views
I have gotten three different entry points which one is the correct one?
I am trying to get the entry point of an executable game file.
I have used 3 ways, 2 programs, and 1 c++ code.
C++ Code:
HMODULE GetModuleHandle(CONST CHAR* ModuleName, DWORD ProcessId) {
HMODULE ...
- 269
2
votes
0
answers
68
views
Wrong EP on an .elf CrackMe
I am trying to solve an elf CrackMe. I opened it with IDA Pro and I saw start function is on address 0x1E8. I opened the elf with HxD and I saw entry point is 0x1E9 (and no results on file for 01E8)......
- 21
3
votes
2
answers
945
views
Find the entry point in Interrupt Vector Table ARM9
I'm analyzing the firmware of a device that has the cpu ARM946E-S. It has not a file system, just assembly code and strings.
I've disassembled the firmware using ida pro, but I couldn't find the entry ...
- 31
2
votes
1
answer
403
views
How to find "RawAddress" of a "VirtualAddress"?
I'm trying to parse a PE file manually as below:
1 ### DOS Header
2
3 00000000: 4d5a 9000 0300 0000 0400 0000 ffff 0000 MZ..............
4 00000010: b800 0000 0000 0000 4000 0000 ...
- 207
1
vote
2
answers
384
views
What is the state of the stack in the entry function?
I have an ELF binary and in the entry function the first two instructions are:
XOR EBP, EBP
POP ESI
I'm curious what the state of the stack is at the start of the entry function in ELF and PE ...
- 13
1
vote
2
answers
5k
views
How to find the file address of AddressOfEntryPoint
I have a binary file and in the optional header I have the address of the entry point 0x00011046 but when I put the file inside HEX editor this address doesn't exist, more than that 0x000097f0.
I ...
- 583
2
votes
1
answer
344
views
Identifying ROM segment in unknown firmware update file
I am working on reversing a firmware update from a FujiFilm FinePix S1800 camera. So far I have managed to identify the instruction set (ARCompact) and dump a few things from the camera using the ...
- 383
2
votes
1
answer
883
views
Start vs WinMain()
I am trying to analyze a malicious DLL and when I loaded it in IDA, I can see two functions - DLLEntryPoint and DLLMain. I then proceeded to change the format by switching the characteristics bit that ...
- 141
1
vote
1
answer
412
views
radare2 shows main function arguments argv as pointer to char on the stack, not as pointer to pointer to char
Well, I've been digging around process command line arguments as well as environment variables a bit these last days, especially looking up the way main function arguments were pushed onto the stack.
...
- 51
4
votes
1
answer
5k
views
Thread EntryPoint in TLS callback as AntiDebug technique
I came across a document called The Ultimate Anti-Reversing Reference, which describes various Anti-Debugging techniques. in point 4.Thread Local Storage There is a mention
Thread Local Storage ...
- 153
4
votes
3
answers
10k
views
Start analysis at any position in elf is Entry Point?
An entry point is considered to be the first point to be made in a program. So if I start at any position in the program to start analyzing it can be considered an entry point is not ??
please help ...
- 69
2
votes
1
answer
2k
views
No apparent entry point for stripped, PIE binary using radare2
I am running on 64-bit Windows 7 and am using radare2 to attempt both static and dynamic analysis of a binary executable. The issue is that I cannot seem to find the entry point of where the program ...
- 131
2
votes
1
answer
361
views
Finding out ARC file entry point
I got dump from ci module and after deflate compressed data, this time I can't find the data I am looking for without disassembly it, sometimes I can extract data manually, but this time file is a bit ...
- 153
2
votes
1
answer
5k
views
Entry point for STM32 firmware
I'm trying to disassemble a firmware for a DIY project, open hardware but closed firmware.
My question is how to initialize the disassembler properly (Hopper Disassembler).
The values I try to figure ...
- 123