Skip to main content
Reverse Engineering

Questions tagged [debugging]

Ask Question

Process of analyzing live programs through software (e.g. ptrace) or hardware (e.g. JTAGs) devices.

632 questions
Newest Active Bountied Unanswered
Filter by
Sorted by
Tagged with
0 votes
0 answers
18 views

I research kernel object (ko file that loaded into kernel) in Android aarch64 . Is there any way to make code coverage to kernel object? That ko don't print any log to kmesg. Maybe is there any way to ...
Polo1990's user avatar
  • 1
0 votes
0 answers
59 views

I have a display from TurzX where I can display CPU, GPU, etc info. I want to show the DLSS version and preset in the display. The reason for this is I just want to disable the in-game DLSS overlay ...
Aimkiller's user avatar
  • 101
0 votes
1 answer
287 views

I allocated an RWX (PAGE_EXECUTE_READWRITE) memory region inside LSASS.exe (i tried a RX codecave), then wrote my shellcode there. After that, I tried to execute my shellcode via NtQueueApcThread → ...
Muhamba's user avatar
  • 1
0 votes
0 answers
77 views

I like a demo from a demoscene site called pouet.net, i want the source code of that file. i try to unpack the demo exe file with upx but it cannot unpack with it, because it is packed with so called ...
smallbee's user avatar
  • 101
0 votes
0 answers
75 views

a software called Android Utility v175 https://www.mfdl.io/ it is Checking for Update before redirect to Main Program so i wanted to bypass that update checking or something like to tell software that ...
MD SRK's user avatar
  • 1
0 votes
0 answers
60 views

I am analyzing calibration binary files of an embedded system (BMS) that likely uses a CRC-15 CAN checksum. From my firmware and bootloader file analysis, I have found a PECLookup table, which ...
Charles's user avatar
  • 1
0 votes
0 answers
132 views

I am trying to analyze a .NET file that I suspect is malicious. The file is protected by XerinObfuscator and also has Anti-dnSpy and Anti-debug protection. I tried to use de4dot to deobfuscate it, but ...
Nazar's user avatar
  • 1
0 votes
1 answer
216 views

Context I'm working on analyzing how a software's behavior changes when run with different parameters. My goal is to compare the execution traces (e.g., function calls, memory accesses, or instruction ...
MendelG's user avatar
  • 35
1 vote
1 answer
94 views

I am trying to attach the OllyDBGv2 debugger to an external program that is created by CreateProcessA found in a win32 based binary but I strongly suspect that the process is created/ran and ...
Sevren's user avatar
  • 113
0 votes
1 answer
204 views

Given this classic helloworld.c example, #include <stdio.h> int main() { printf("Hello world!\n"); } Under normal circumstances, a compiled EXE file consists of several sections, ...
wqte45's user avatar
  • 1
1 vote
1 answer
73 views

There are two or even more Android applications that somehow interact with each other: Application A invokes application B or sends request to it directly or via third application C. I don't have the ...
Max's user avatar
  • 113
1 vote
1 answer
132 views

How can I attach into an x86 process from windbg? currently I am waiting for the process to load then I am breaking into wow64cpu!KiFastSystemCall to switch into x86 context and only then put bp to ...
Michael's user avatar
  • 13
2 votes
2 answers
112 views

I've got a header file (I know the functions and have some documentation) and a .so file: From a wrapper library and from context, I need to call "Connect", but it does not work, just fails ...
Harry Blauberg's user avatar
  • 21
1 vote
1 answer
135 views

I got to the task of reverse engineering the ELF binary. I found out that it is a compiled SBCL. I have no idea how to do static or dynamic analysis, any tips (where to start, I found basically ...
Grandmaster's user avatar
  • 111
0 votes
0 answers
84 views

I would like to know how I can use reverse engineering technique to learn how Facebook/messenger send messages? I were analyzing my developer tools network tab, but couldn't find anything. Fiddler ...
innocent98's user avatar
  • 1
3 votes
1 answer
215 views

I'm currently debugging a program using x64dbg, and I'm struggling to set up a conditional breakpoint on the CreateFileW function: HANDLE CreateFileW( [in] LPCWSTR lpFileName,...
MendelG's user avatar
  • 35
0 votes
1 answer
93 views

I’m writing a C-SKY (CK803S) processor module for IDA Pro, and a question arose about offsets in transitions, small ones are fine, but long ones lead to nowhere, from the documentation: in code I ...
Andynvkz's user avatar
  • 53
0 votes
0 answers
118 views

I am just starting to learn reverse engineering from lena lectures. I have 2 encrypted sample vids and an offline player which is able to decrypt the videos and play them, is there any way,I can get ...
No One In particular's user avatar
  • 1
0 votes
2 answers
217 views

I'm trying to debug a game and it's closing under few circumstances: When debugging (solved by hooking IsDebuggerPresent to return false when called by the game) When setting a memory/hardware ...
kuhi's user avatar
  • 161
0 votes
0 answers
58 views

I'm able to find the ReadConsoleInputW commands for pause and reading input for commands but I'm unable to find the actual processing of the commands. I'm using x64dbg but I'm fairly new to Reverse ...
user19244091's user avatar
  • 1
0 votes
1 answer
275 views

I'm trying to reverse an apk but there is a strange thing that happens, probably something new for me, basically if I decompile only the resources (not dex files) and recompile it zipalign/sign, the ...
zwave's user avatar
  • 1
1 vote
0 answers
98 views

I'm searching for a software that is capable of decompiling x86 code in C-like code and run a debug session within it with the possibility to see the content of the variables. That above was a quick ...
Alby87's user avatar
  • 111
1 vote
0 answers
155 views

I was able to connect to the chip via SWD/openocd, but I can't figure out what chip it is (says SM9PQ1 2322-52 on chip, googled but cant find anything). I'm hoping to download the firmware after I ...
Low Est's user avatar
  • 11
0 votes
0 answers
95 views

I hope you all are doing well and staying safe. I am in the process of trying to understand how SuperScape stored data in their .VCA/LCA format, so I can extract the original SHAP and PAL data from ...
amoebame's user avatar
  • 1
2 votes
2 answers
168 views

What is the gdb command equivalent of bp MODULE_NAME+0x12345678 in WinDBG? I found this command useful to debug with ASLR (w/o disabling it).
alond22's user avatar
  • 113
0 votes
0 answers
262 views

So I've got this .exe that I want to crack. It's an old management system for people in truck loading business. I kind of understand what's happening with window API calls but I'm unable to access the ...
The one word assaulter's user avatar
  • 1
0 votes
1 answer
97 views

I am trying to debug a dex file from an APK file in IDA Pro. I set some breakpoints when launching the activity. When I start the process, the application waits for the debugger. After some time, IDA ...
Quayyum Ali's user avatar
  • 1
0 votes
1 answer
211 views

I'm following this tutorial here https://www.triplefault.io/2017/07/loading-kernel-symbols-vmm-debugging.html to load kernel symbols with debugging. Setting up the debug environment with IDA Pro using ...
Ballers's user avatar
  • 59
0 votes
1 answer
131 views

Goal: Trying to reverse encrypter to decrypter that successfully decrypts. This is the pseudo-code of the disassembled encrypting program. There are no function calls, and I've been able to somewhat ...
Brandon Gregory's user avatar
  • 1
1 vote
1 answer
436 views

In this pdf file written by the great Saleo: https://saelo.github.io/presentations/36c3_messenger_hacking.pdf Saleo was able to debug the called method names of imessage during runtime with ida pro, ...
rasputin's user avatar
  • 21
1 vote
0 answers
58 views

I'm patching an old game, and I want the retrieve the toggle fullscreen functionality it's supposed to have. In the menu, in the display tab, there is a disabled option of fullscreen mode that you can ...
Yair Derry's user avatar
  • 21
1 vote
2 answers
734 views

I'm currently debugging a program using x64dbg, and I'm wondering how to quickly jump to the start or end (prologue/epilogue) of a function while I'm in the middle of it. I couldn't find this ...
MendelG's user avatar
  • 35
2 votes
2 answers
275 views

Recently, I have been experimenting with using an M1 (Arm64) Mac full-time for RE work, including Windows on Arm under Parallels with x86(_64) binaries. From several online sources discussing this use ...
Benjamin Crawford Ctrl-Alt-Tut's user avatar
  • 131
0 votes
1 answer
230 views

I'm trying to debug a UWP application, and break on startup. However, when I start the application with windbg, the breakpoint didn't work. After further digging I found the process is started by ...
daisy's user avatar
  • 123
2 votes
1 answer
244 views

I'm trying to change the name of a button, but I can't find anything that references it. I looked for the CreateWindow function in the intermodular calls, but I only found a reference to the main ...
William Marques's user avatar
  • 21
1 vote
0 answers
173 views

I'm working on the challenges on ROP Emporium. For the ARMv5 version of the callme challenge, we are given two binaries and two shared libraries: callme_armv5 with libcallme_armv5.so and callme_armv5-...
jinscoe123's user avatar
  • 161
1 vote
0 answers
70 views

i have this problem when analyzing arm shared object. when working with IDA pro, it finds all xrefs but in jeb, most of xrefs are missing. when JEB finfishes, the final analysis lacks most of xrefs. I ...
shetal's user avatar
  • 51
2 votes
1 answer
246 views

The documentation for the Windows Debugger API mentions a debug event called RIP_EVENT. It offers little explanation of what a RIP_EVENT is, only stating that the structure "contains the error ...
tomysshadow's user avatar
  • 137
0 votes
1 answer
133 views

I have a USB device from a vendor (TRENDnet) that has the exact same chipset as a QNAP device with an available firmware patching tool. It's my belief that this firmware patching tool should work ...
Geruta's user avatar
  • 101
2 votes
0 answers
97 views

TLDR: How do I get a panel in radare2 to correctly show the output of a radare2 command piped to an external script? e.g. afvd | python var_displayer.py This is my current view. Multiple panels, ...
Khalid's user avatar
  • 21
1 vote
1 answer
88 views

I'm threat hunting and I'm curious if there should be a shell32.dll in the executable search path in windbg for winword.exe.
user avatar
1 vote
0 answers
107 views

I'm going to publish a library which guarded by anti-debug ,(ptrace_trackme for Linux and isDebuggerPresent for windows). The down side of this library is: users would be abled to debug their own ...
prgbenz's user avatar
  • 81
3 votes
0 answers
207 views

I know the question smells like I want a ready solution but I have been trying many things and after a lot of headaches, still I can't do what I want. There are fast emulators but they don't provide ...
shetal's user avatar
  • 51
3 votes
0 answers
98 views

I am a beginner at malware analysis. I have been trying to analyze Emotet using X64DBG. I followed the steps below and succeeded once, but when I repeated the same steps, I failed. Can you tell me if ...
KOT's user avatar
  • 31
4 votes
2 answers
343 views

I'm reverse engineering a malware that at some point tries to connect to http://api.ipify.org in order to get the IP address of the infected PC. I was able to replicate this behaviour with a small ...
Luca D'Amico's user avatar
  • 318
4 votes
0 answers
610 views

I'm trying to figure out why NSSavePanel fails in my SwiftUI app. I tried every possible documentation, or asking on the Swift programming forums - to no avail. I'm originally a Windows programmer, ...
c00000fd's user avatar
  • 1,770
3 votes
1 answer
65 views

more detailed see this In short, I want to skip syscall when recording program, but it seems that the program would always stop after ths syscall. Hope someone can help me. Thanks. below is running ...
An5Drama's user avatar
  • 133
3 votes
0 answers
114 views

i'm a newbie to this whole shindig, and have started with https://gamehacking.academy. i'm finding this fun, but am getting stuck here: when i try to apply a breakpoint using x32dbg, as in https://...
Axolotl Kumar's user avatar
  • 31
3 votes
0 answers
277 views

I start to use PEStudio for DLL analysis; I understand (more or less) everything, except the "exports (flag)" section: What does it mean the X in the flag column? So, what is a/the flag? ...
Gianluca's user avatar
  • 131
4 votes
0 answers
133 views

I have been having a really strange issue which I have tried all ways to troubleshoot from my end but was not successful. I am going through a malware analysis course and following the debugging ...
Daksh Kapur's user avatar
  • 41

1
2 3 4 5
13