Newest Questions

0 votes
0 answers
8 views

I'm trying to understand the format of the data sent over the LIN bus in a Volvo car. I read a few frames from register 00. One loop looks like this: 40 00 44 01 00 00 00 01 40 00 95 03 00 00 00 01 ...
hub's user avatar
  • 1
0 votes
0 answers
18 views

I am currently engaged in a deep reverse engineering challenge concerning the HPE SmartMemory authentication mechanism used in ProLiant Gen10 servers (specifically tested on a DL380 Gen10). The goal ...
Next Server's user avatar
0 votes
0 answers
23 views

I am trying to dump a Macronix MX35LF1GE4AB NAND SPI flash chip. The way I do it is via a custom Python script implemented upon: https://github.com/pc-magas/MX35LF1GE4AB_dump The core logic is to iterate ...
Dimitrios Desyllas's user avatar
0 votes
2 answers
68 views

I'm working on a decompiler for a language for which I only have the bytecode. I have this graph (and several others with similar patterns) for which I can't seem to figure out the actual pseudo-code ...
DeepQuantum's user avatar
0 votes
1 answer
30 views

I have two long files, both with encrypted data at the top. When diffing both files, the only parameters that change are the parameter itself and the checksum (last 4 bytes of data). If I have a pair ...
VS VIPER's user avatar
0 votes
0 answers
31 views

I'm trying to reverse engineer an old embedded system that has a NEC v40 on it, which is very similar to an 80186 (more like 80188) I guess. As a member of the x86 family, it has a separate I/O memory ...
andrejr's user avatar
  • 101
0 votes
1 answer
29 views

I have a Linux kernel that I open with Ghidra. There is a task_struct whose fields I want to map. The problem is that it is a big struct (around 3000 bytes) and has a lot of ifdefs in the source code. ...
Polo1990's user avatar
0 votes
0 answers
24 views

System Details (taken from details listed by UTM about the VM): - Windows 10 Home Edition Virtual Machine via UTM running on ARM MacBook Pro M4 - Emulates x86_64: Standard PC (Q35 + ICH9, 2009) (alias ...
Eshan Kelkar's user avatar
0 votes
0 answers
71 views

I'm a beginner with Frida. When I first started using Frida, I encountered an error. Android version: 11 frida-server version: 17.0.7 └─$ pip list | grep frida frida 17.0.7 ...
ho1 tian's user avatar
0 votes
0 answers
59 views

I have been staring at a lot of assembly code for the Espressif ESP32 (Tensilica/Cadence Xtensa LX6 core) recently and I've been asking myself why I see a lot of functions which look like the following: ...
Matthias W.'s user avatar
3 votes
0 answers
40 views

I am currently researching a facial recognition attendance system for Android. I would like to know how it stores the list of people who have attended. In my opinion, apart from sockets, the only way ...
ho1 tian's user avatar
0 votes
0 answers
23 views

Has anyone managed to disable Frida's protection in mobile games? I'm not using an emulator, just a mobile phone. I need to get information at the beginning of the game as soon as it opens, because ...
CENTRAL's user avatar
0 votes
0 answers
21 views

I've been working for a while on decoding libocos files from the company TianJi Information Technology Inc. I tried using the IDA Pro debugger and Frida, but they have blocking mechanisms. I tried using ...
CENTRAL's user avatar
0 votes
1 answer
389 views

I am modifying and testing a very basic Windows executable made by me (using an old 32 bit gcc[MinGW] compiler and an up-to-date Windows 11), to start doing very basic reversing from a program ...
nostromo's user avatar
  • 133
0 votes
0 answers
33 views

(original png) It's a multi-level challenge. While examining it with zsteg I found 2 zlib-compressed files and a binary executable. I have uncompressed one of the zlib files, which gave a long hex string, which ...
Roshan Kumar's user avatar
0 votes
0 answers
64 views

I’m using IDA Version 5.0 to disassemble 16-bit DOS utilities (later versions of IDA don’t fully support 16-bit DOS code). These utilities were created using custom (not commercial) libraries. I have ...
David00's user avatar
0 votes
0 answers
27 views

I have a nanoMIPS binary that uses the __adddf3 low-level functions to software-emulate floating point. It's clearly intended to be used on a machine with no floating point hardware. Is there a ...
John Källén's user avatar
0 votes
0 answers
39 views

What I'm going to do is write a client for Half-Life that can connect to a server, process its packets and reply with new packets, as if it were a normal game client. There's plenty of custom ...
Orangelite's user avatar
1 vote
1 answer
176 views

This is just a very concrete question: is it possible to write a C program (and how) that, once passed through the ROPgadget app, throws at least this/one/a: sub rsp, 0x{some-offset} ; ret I would like ...
nostromo's user avatar
  • 133
0 votes
0 answers
41 views

I have a PowerPC RE project with a large function (about 3600 lines in the decompiler) which, several times a day, Ghidra decides by itself to split into two parts, since there are a few bytes it cannot ...
karsten's user avatar
  • 103
0 votes
0 answers
176 views

I'm currently creating a private server for a game that closed almost a year ago, and I'm stuck at a point where my server has to respond to the game to populate the server list. The problem is that I ...
Skipper57's user avatar
0 votes
0 answers
18 views

I am researching a kernel object (a ko file that is loaded into the kernel) on Android aarch64. Is there any way to get code coverage for a kernel object? That ko doesn't print any log to kmesg. Maybe is there any way to ...
Polo1990's user avatar
0 votes
1 answer
194 views

I am trying to install the labeless plugin for x64dbg (and IDA Pro) in Windows 11 (64 bit). I don't know why I am not succeeding. Perhaps packages are incomplete, because they are too old (as tutorials [e....
nostromo's user avatar
  • 133
0 votes
0 answers
39 views

I am having trouble with interleaved ROMs on Ghidra. It does not disassemble the binary instructions to the expected assembly language. I am trying to find out how to turn tire wear off in the arcade ...
tangodownNZ's user avatar
1 vote
0 answers
151 views

I'm localizing a Unity IL2CPP game. All data files, as well as localization files, are encrypted in a custom .dat format. I'm currently trying reverse engineering to decode them. I found out that the ...
Alba's user avatar
  • 11
0 votes
0 answers
69 views

I've been working on reverse engineering a Unity game (IL2CPP) to analyze its encryption methods, but I've hit several roadblocks and would appreciate guidance from more experienced reversers. What I'...
TrueSurf's user avatar
0 votes
0 answers
47 views

I have some object code produced by a Fortran compiler, which claims to be optimizing, for a legacy mainframe platform. I am trying to figure out the source code which would compile to the same object ...
Leo B.'s user avatar
  • 235
0 votes
0 answers
40 views

Hey folks — stuck on this crackme: https://crackmes.one/crackme/67124a279b533b4c22bd16a1 I found a serial that only works when the debugger is attached. Run the EXE normally and the serial gets ...
Antonio Pagano's user avatar
0 votes
0 answers
28 views

I am trying to replace an old YouTube API key from my old STB receiver firmware. I first dumped my receiver firmware to my USB, located the YouTube API key in the firmware file at 4126535 (0x3ef747 in ...
Ammar Elmesaly's user avatar
0 votes
0 answers
40 views

I am developing Ghidrascripts with Eclipse Version: 2025-09 (4.37.0). I want to compile the module GhidraEmulatorUI, GhidraEmulatorUI but Eclipse does not find class GhidraPythonInterpreter used in a ...
karsten's user avatar
  • 103
0 votes
1 answer
66 views

I have tried every tool to decrypt the following PPOE password but I failed. Does anyone know how to decrypt it? I want to shift it to my new router for a better Wi-Fi signal. PPOE Password: ...
Talha Sarfraz's user avatar
1 vote
0 answers
53 views

IDA Pro newbie question here: I have analyzed a Delphi executable with IDA and the function names and variables were "demangled" as in .text:00000000008008AE loc_8008AE: ; CODE XREF: ...
Mihaela Tarasov's user avatar
0 votes
0 answers
82 views

I decompiled the code of an Android app. I'd like to find the portion of code that forces the user to update when a new version is detected. This is, however, complicated due to the significant amount ...
Bento's user avatar
  • 101
0 votes
0 answers
71 views

In IDA Pro 8.4 (Hex-Rays), I want to replicate what pressing Y on a local variable does: change its type so The declaration updates, All uses are rewritten (casts added if needed), The change ...
thando's user avatar
  • 101
2 votes
1 answer
222 views

I would like to disassemble some of the ROMs of an ancient computer, an IBM System/23 Datamaster, but I am lost. The computer has a ROM from which it performs IPL and the rest of them have some sort ...
Borg Drone's user avatar
1 vote
0 answers
72 views

Could you please advise on how to resolve the issue with variable display in the Locals window during debugging? When execution is halted at a breakpoint at the beginning of a function, the variables ...
LamerDrv's user avatar
0 votes
0 answers
68 views

I am trying to change a JC instruction to a JMP instruction, but keep the same jump address. When I tried using the assemble function in ghidra.app.plugin.assembler.AssemblyBuffer it kept changing the ...
Bob's user avatar
  • 1
0 votes
1 answer
164 views

A long time ago I used lighthouse, which attaches Frida and outputs a file that I can load into IDA to see code coverage. I see that the repo is not maintained. 1. 2 etc. Do you know another tool that does ...
Polo1990's user avatar
0 votes
0 answers
59 views

I have a display from TurzX where I can display CPU, GPU, etc info. I want to show the DLSS version and preset in the display. The reason for this is I just want to disable the in-game DLSS overlay ...
Aimkiller's user avatar
  • 101
0 votes
1 answer
368 views

Can somebody explain the unpacking/packing concept in this context? (Packing can mean different things in computing, like for example, compressing different numbers to make the most of the space in a ...
nostromo's user avatar
  • 133
0 votes
1 answer
376 views

I am building an AI agent to play this Block Breaker game by Google. My goal is to provide my agents with precise information about the game state, but also the ability for me to manipulate the game ...
Anonymous dev's user avatar
0 votes
0 answers
99 views

IDA Pro's debugger has a PIN Tracer. To use the PIN Tracer, I installed the PIN and built idadbg64.dll. I referred to https://docs.hex-rays.com/user-guide/debugger/debugger-tutorials/debugger_pin and ...
Shohei Otani's user avatar
16 votes
1 answer
5k views

I am trying to decode some images from an old Japanese videogame. I am not very good at reverse engineering, nor at programming, and I can't make sense of what file format this is or how to go about ...
Minotaur's user avatar
  • 163
0 votes
1 answer
86 views

I'm trying to run Piracálculos, a game made for the OLPC XO. I downloaded the .xo file, renamed it to .zip, extracted it, and then tried to work with the sugarPiracalculos file at /Piracalculos....
Dilan Zelsky's user avatar
0 votes
1 answer
88 views

I'm writing a MN103 disassembler for the Reko decompiler. I'm basing the disassembler on documentation like MN1030/MN103S Series Instruction Manual (Pub.No.13250-040E). The sample binaries I have ...
John Källén's user avatar
0 votes
0 answers
69 views

Hello all, The Crumar Mojo Classic is a type of organ (the musical kind, not the body kind) that tries to emulate the old Hammond/B3 organ sounds that are well known from Rock, Jazz et cetera as ...
bitbang's user avatar
0 votes
0 answers
103 views

So I'm trying to extract assets like sounds and images out of a game called Road To Valor: WW2. I pulled the apks and eventually got to a file called resourcemain. I set its extension to bundle and ...
Frostyy's user avatar
0 votes
1 answer
185 views

conhost cmd /c powershell /ep bypass /e ...
Joe Cotter's user avatar
0 votes
0 answers
44 views

The vendor is charging thousands for software that can do much more than I need... I need the following: Take the .hds file, and import it into a Python program in a pandas dataframe or numpy array. ...
Patate324's user avatar
0 votes
1 answer
122 views

I would like to reverse engineer a communication protocol encryption (ccTalk BNV), where I have access to the following: a Windows application (test program), that can send unencrypted and encrypted ...
Yohnsee's user avatar
