All Questions
23
questions
0
votes
0
answers
47
views
How to get which Tedit is referenced when retrieving text
Reversing a borland builder 6 application, I came across this function: @Controls@TControl@GetText$qqrv
Now, the two parameters for the function are:
LEA param_2=>local_8,[EBP + -0x4]
MOV param_1,...
- 1
0
votes
0
answers
48
views
Why a breakpoint works in x64dbg but not in IDA?
I've spent all morning trying to find a solution to debug with IDA the same function I'm debugging in x64dbg.
In x64dbg, I just go to Symbols -> ws2_32.dll -> WSARecvFrom -> F2 (set ...
- 161
2
votes
1
answer
136
views
Understanding the logic behind decompiled code
Hi I was learning reverse engineering by doing some crackme(s) found online using IDA and x64dbg.
I'm quite confused on the below decompiled code.
bool Logic()
{
char CODE[] = "RAND_STRING&...
- 151
2
votes
1
answer
554
views
Instead of doing a (long) analysis of an .exe, can i run that .exe, attach Ida Pro's debugger to it, and get the pseudo code of functions i want?
Basically, I have this 64 bits game.exe file which is about 400mb. It takes about 24 hours to do the analysis of the file in Ida pro 64 bits free version.
Problem is i have to do it again cause there ...
- 73
2
votes
0
answers
159
views
Find an address of injected code via GetModuleHandleA
I am reversing really old game (20 years old).
l2.exe loads Dsetup.dll Network.dll. (not sure about order)
inside of the Dsetup.dll i found and injection (kind of protection) into module Network.dll. ...
- 121
0
votes
1
answer
747
views
How do I find a function and find out what it does using reverse engineering?
I am attempting to find a function in a specific game. Is there any way that, using the assembly code I get from decompiling the game in either IDA or x64dbg, I can locate a function I am specifically ...
- 39
2
votes
1
answer
840
views
Finding function from pattern
I have been trying to reverse engineer a game for a while now. I have a pattern already for the function I want to find:
\x89\x54\x24\x10\x4C\x89\x44\x24\x18\x4C
\x89\x4C\x24\x20\x48\x83\xEC\x28\x48\...
- 39
2
votes
0
answers
400
views
Strange exception thrown while debugging in Win10, but not Win7
I am disassembling a legacy 32-bit (x86) application using IDA Home (7.6) (for x86 disassembly) in a 64-bit Windows 10 environment running in a virtual machine (VMWare Fusion for Mac). The application ...
- 121
1
vote
1
answer
807
views
A tutorial or docs to unpack a custom packed PE
I am facing an odd situation. I have a licensed game that's doing odd actions on the system. I isolated it as I could and observed the behavior both network and so forth, and I suspect it's a custom-...
- 11
1
vote
0
answers
877
views
Is there a clear Ollydbg successor?
I used Ollydbg 2.01 back in 2014 when Olly was working to create a 64-bit version. I was very eager to see the 64-bit version, but sadly that never came to pass. I abandoned reverse engineering for ...
- 11
0
votes
2
answers
1k
views
Breaking on string access from StringTable (resource)
If I have a resource like this:
STRINGTABLE
LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US
{
100, "OK"
101, "Warning"
102, "Error"
103, "Name"
104, &...
- 319
1
vote
1
answer
379
views
Reverse engineer sticky notes to allow external script to open new notes
For a silly little project I wanted to do, I wanted to make it so that I could open new notes (Microsoft Sticky Notes) from an external script - preferably python. Although I'm not good at reverse ...
0
votes
2
answers
2k
views
Finding function in IDA from x64dbg
I've found a function I want to call in x64dbg, and wanted to see it's prototype and how it looks like in IDA. However, I was expecting to see a function in IDA but land in the middle of one.
The ...
- 3
0
votes
1
answer
598
views
Debug with IDA Pro right click option
So I was wondering if is there a way for IDA to appears in the righ click options of an executable.
As you can see, Debug with x64dbg was built by itself, IDA 32 didn't do, so I just changed it in ...
- 153
-2
votes
1
answer
4k
views
Debug and crack .NET executable PE
i'm trying to learn reverse engineering for penetration testing my codes and i believe i won't learn unless i can do some practical so
I'm trying to crack an application that is written in C# and all ...
- 101