Questions tagged [linux]
A free and open source POSIX compatible operating system with a monolithic kernel and a kernel module system. Originally created by Linus Torvalds.
353 questions
1 vote, 1 answer, 317 views
Linux Embedded board - Kernel Panic problems
I need to duplicate an old embedded board based on a Yocto-based Linux.
I have bought a new board with the same part number and now I need to put the old software in the new board (the new board has ...
0 votes, 1 answer, 228 views
Debug process that uses /dev/watchdog
I want to debug a process with gdb on a Linux system, but the problem is that the process pings /dev/watchdog, so when I tried to debug it, it stops the process for longer than the watchdog interval so the ...
1 vote, 2 answers, 313 views
Can an address in a program change
I am talking about Linux arch.
When I open a program in IDA (statically) I can see all instruction addresses, like 0x20da mov r8 r2
When I want to use that address for a breakpoint (for example with ptrace or ...
1 vote, 1 answer, 2k views
Unpacking, modifying, repacking and flashing a firmware
I've been trying to figure out how to modify the firmware on a DVR I bought for cheap recently. The built in software isn't great and doesn't offer any option for exporting video other than plugging a ...
1 vote, 1 answer, 944 views
Find code executed on button press in Qt5 Linux application
I have an executable of a (rather simple) GUI application on Linux, built in Qt5. I am able to run it, and want to find out what happens internally when I press one of the buttons.
I suspect that the ...
2 votes, 0 answers, 408 views
Shellcode execution segfault
I have been trying to exploit a simple buffer overflow caused by scanf. I'm working on x86 Linux. The point is to spawn a shell. I have successfully overwritten the return address and jumped into my shellcode. But ...
1 vote, 1 answer, 186 views
How can I debug open source C code for Linux?
I want to debug & reverse engineer open source code such as this project. I usually use CLion to write and debug C code on Linux. I've also used GDB. What steps do I need to take to download a ...
3 votes, 4 answers, 4k views
Endoscope Camera YPC99 - how to stream on linux
I'm trying to stream video from endoscope camera YPC99 on linux PC using the WiFi connection. From what I have found so far the camera is using IP 192.168.1.1. It supports RTSP protocol on port 7070 (...
2 votes, 2 answers, 1k views
Repacking an embedded initramfs
I'd like to modify some of the init scripts in an initramfs that is embedded in a kernel bzImage. I know I can modify them by not changing the size of any files (e.g. by commenting out lines, and ...
1 vote, 1 answer, 1k views
Find all syscalls in statically Arm Binary
What is the easy and fast way to find all syscalls in statically Arm binary?
Is there any IDA plugin that does that?
2 votes, 2 answers, 190 views
Modern methods of fuzzing/locating heap bugs and potential vulnerabilities
Really glad I found this great learning resource.
I was wondering, is there any way to fuzz or automate heap vulnerability assessment? I know a lot of practical frameworks for stack based fuzzing in ...
1 vote, 0 answers, 41 views
Format of Alcatel_Lucent I-240W-A backup file
I am trying to modify the backup file of this router in order to change some configurations.
Here is the structure I have until now:
16 bytes of the header, zlib compressed xml with the ...
-1 votes, 2 answers, 2k views
How to see assembly of main function?
How can I dump the assembly of the main function of a binary (not stripped) in Ubuntu?
I want to see the assembly command and the hex value of this command.
There is 1 binary for ARM and 1 binary for x86.
0 votes, 0 answers, 54 views
Performing Buffer overflow in Linux
I have a buffer overflow in a program I check (it is an array of pointers, and I can overflow the data in the first pointer), but the data I can write is not on the stack, it is on a space the system ...
1 vote, 1 answer, 712 views
Protected shell in embedded linux
When I run telnetd -l /bin/sh on an embedded Linux device and use Putty to telnet to it, the provided shell is /bin/psh (protected shell).
On this device, /bin/sh is a symbolic link to /bin/busybox.
...
1 vote, 0 answers, 312 views
IDA shows MEMORY or unknown references on C std library calls (memset, memcpy, etc.)
I'm currently reversing a Linux 32-bit executable (with a statically linked library included in it) but I'm having a little problem I can't find a solution for.
Basically whenever I stumble across a ...
0 votes, 1 answer, 44 views
Linux encryption/luks/pymouth password scripts corruption
I noticed that the bootup scripts that collect the password for full disk encryption on Linux (fedora-31) were displaying corrupted text. The kind that looked like binary data being printed as text:
...
6 votes, 1 answer, 408 views
The buffer is too short to insert addresses when exploiting buffer overflow
Newbie here. Sorry for what you are about to read.
I'm currently working on exploiting a binary on Ubuntu 18.04. Here is some information about the binary:
Its checksec information using pwntools:
...
2 votes, 1 answer, 828 views
ildasm on Linux: "original" ildasm.exe same as dotnet-ildasm?
I would like to use ildasm on Linux. The original one, that comes with the .NET SDK and can be found on Windows e.g. at c:\Program Files (x86)\Microsoft SDKs\Windows\v8.0A\bin\NETFX 4.0 Tools\.
I ...
1 vote, 0 answers, 872 views
Extract files of a SquashFS Filesystem
I already asked a similar question but after a deeper analysis of the filesystem I found out that I misunderstood the problem and that's why I decided to delete the old question and make a new one.
I ...
2 votes, 1 answer, 397 views
reverse engineering hi3516ev200
I am new to reverse engineering and will describe my situation thus far. In short, I am looking for some tips on what to do next to gain access to a piece of hardware I am playing with. I bought a ...
1 vote, 3 answers, 254 views
How to input ascii control character into program?
I am working on a CTF where I need to pass an address as input to a program. This address contains the value 0x09 (the tab character). This is causing me problems, because it seems that bash is ...
2 votes, 1 answer, 2k views
`qemu-mips-static` chroot causing `Invalid ELF image` error
I'm trying to emulate a MIPS binary on my Ubuntu 16.04 x86 system, but I'm not able to. I chroot into the squashfs-root filesystem that I got from binwalking the firmware image.
kan3k1@kaido:~/...
2 votes, 0 answers, 202 views
submitting input into AFL fuzzer
I have some questions about the AFL Fuzzer:
How does the AFL Fuzzer know where to inject the payload in the code I compile? For instance if I want to inject it in a specific parameter, how do I do it?...
2 votes, 2 answers, 576 views
Prevent Memory Inspection in a Cython program?
Cython is a great way to protect the source code of a Python program. However, memory inspection and memory reverse engineering can still be done to this Cython program.
What are ways to prevent (or ...
4 votes, 1 answer, 770 views
IAT vs GOT address resolving: which of them resolve during runtime and which during load time by default?
So based on my knowledge of Windows apps, as far as I know the IAT gets filled with correct addresses when the library gets loaded (correct me if I'm wrong).
Now in Linux, they use GOT, and again ...
2 votes, 1 answer, 329 views
Unknown archive format from QNX operating system
We are reverse engineering a QNX system and we have found a small file that is uploaded to the system. It appears to be either a file system image or an uncompressed archive of some sort. We can't ...
2 votes, 1 answer, 943 views
Reverse getline(cin, text)
I'm trying to solve a crackme that was made in C++, and I was able to "recreate" a function call, through the library calls the program made. Here's the piece of code that I'm trying to reverse:
...
2 votes, 0 answers, 1k views
Extracting firmware image from binary
I have a firmware file in .bin format, but I need to get the firmware.img image file and Kernel uImage file for reflashing a bricked device. How can I get these parts?
I used Binwalk to extract content, ...
4 votes, 1 answer, 972 views
Radare2 ptrace can not attach
First my setup:
Linux Mint 64bit 4.15.0-20-generic
radare2 the newest version from github
/etc/sysctl.d/10-ptrace.conf = 0
Executable:
ELF 64-bit LSB executable, x86-64
read write and ...