Skip to main content
Reverse Engineering

All Questions

Ask Question
Tagged with
8 questions
Newest Active Bountied Unanswered
4 votes
2 answers
2k views

How can I get xrefs to class member variables in IDA?

I'm working on a decompilation of a windows PE (with its full debug symbols in a PDB) and I'm using IDA to help with it. I want to know how I can get a list of all references to a given class member ...
underthevoid's user avatar
underthevoid
  • 315
1 vote
0 answers
35 views

How to tell when Cor20 starts for DLL's that are supposed to meet ECMA-335?

When I look at a .Net compiled DLL that is supposed to conform to ECMA-335, I see the PE Header well defined up to 0x1EF, but there seems to be block between 0x1F0 and 0x208 which is mainly 00's that ...
Hmm Right's user avatar
Hmm Right
  • 11
1 vote
1 answer
195 views

Static Offset in PE

I am making a crackme, that get's hexadecimal values and converts it to ASCII to get the password. The problem is I use a part of code into the main function to search the opcodes from .text section ...
jame's user avatar
jame
  • 111
0 votes
1 answer
155 views

How can I tell if a virus was made by Russians? [closed]

I have been looking around quite a bit on the internet for something that could tell me more than basic section on a binary. I have a PE file and usually I see just what compiled it (MSVS or GCC ... ...
LUser's user avatar
LUser
  • 793
2 votes
0 answers
3k views

Unpacking Inno Setup installers with InnoExtractor?

I want to know how to use the application InnoExtractor to unpack/extract the files of Inno Setup installers. Some good tutorial/video to learn? I get this application from here.
user8067's user avatar
user8067
  • 21
42 votes
8 answers
82k views

Is there any way to decompile a .NET assembly or program?

Are there any tools available to take an already compiled .dll or .exe file that you know was compiled from C# or Visual Basic and obtain the original source code from it?
APerson's user avatar
APerson
  • 927
43 votes
3 answers
28k views

Unpacking binaries in a generic way

I find that more and more often binaries are being packed with exe protectors such as upx, aspack etc. I tried to follow a few tutorials on how to unpack them but the examples are often quite easy ...
Remko's user avatar
Remko
  • 3,283
19 votes
4 answers
15k views

Checking if an .exe is actually a .jar wrapped in an .exe

Let's say I have a .jar file and wrap it into a .exe using any number of free utilities out there, like JSmooth. Would it be possible to tell, given just the .exe, if it was generated using one such ...
APerson's user avatar
APerson
  • 927