reverse-engineering

Tools to help reverse engineer binary file formats

What tools are available to aid in decoding unknown binary data formats? I know Hex Workshop and 010 Editor both support structures. These are okay to a limited extent for a known fixed format but get difficult to use with anything more complicated, especially for unknown formats. I guess I'm looking at a module for a scripting language...

DirectShow source filter debug

I have a DirectShow source filter which I'd like to know what it does internally. It is the skystar2 card SDK dshow source filter. I'd like to know how it gets the stream of data from the PCI card driver and how it communicates with it. How can I debug or reverse this? ...

Protect .NET code from reverse engineering?

Obfuscation is one way, but it can't protect from breaking the piracy protection security of the application. How to make sure that the application is not tampered with, and how to make sure that the registration mechanism can't be reverse engineered. Also it is possible to convert a C# app into native code; Xenocode is too costly. ...

How to reverse engineer binary file formats for compatibility purposes

I am working on file preparation software to enable translators to work easily and efficiently on a wide range of file formats. As far as text-based formats (xml, php, resource files,...) are concerned, my small preparation utility works fine, but a major problem for most translators is to handle all kinds of proprietary binary formats ...

Google's Imageless Buttons...

There have been a few articles recently about Google's new imageless buttons: http://stopdesign.com/archive/2009/02/04/recreating-the-button.html http://stopdesign.com/eg/buttons/3.0/code.html http://stopdesign.com/eg/buttons/3.1/code.html http://gmailblog.blogspot.com/2009/02/new-ways-to-label-with-move-to-and-auto.html I really lik...

Deciphering MMORPG Protocol Encoding

I plan on writing an automated bot for a game. The tricky part is figuring out how they encoded their protocol... To make the bot run around is easy, simply make the character run and record what it does in wireshark. However, interpreting the environment is more difficult... It receives about 5 packets each second if you are idle, henc...

How can I reverse engineer scrambled packets in a windows app?

I have a windows exe app that used to send packets to a server in the clear. This app (let's call it the client app) is definitely closed source, but some clever hacker hex-edited the binary, and made it send packets that are scrambled. Now, obviously, those packets are scrambled in a way that is decipherable (otherwise the server would...

Where is Reverse Engineering used?

I ask myself where reverse engineering is used. I'm interested in learning it. But I don't know if I can/should put it on my CV. I don't want my new chief to think I am an evil hacker or something. :) So is it worth it? Should I learn it or put my effort somewhere else? Is there a good book or tutorial out there? :) ...

How does one disassemble Pro*C/C++ programs?

Is there a way to disassemble Pro*C/C++ executable files? ...

Identifying Algorithms in Binaries

Do any of you know a technique to identify algorithms in already compiled files, e.g. by testing the disassembly for some patterns? The rare information I have is that there is some (not exported) code in a library that decompresses the content of a Byte[], but I have no clue how that works. I have some files which I believe to be...

Disassembling a Win32 DLL with symbols

I've scoured Google and found too large a variety of tools and answers. I want to disassemble a DLL into something at least readable, e.g. recognise Win32 API calls by their names etc. How do I go about this? ...

What is your favourite anti-debugging trick?

At my previous employer we used a third party component which basically was just a DLL and a header file. That particular module handled printing in Win32. However, the company that made the component went bankrupt so I couldn't report a bug I'd found. So I decided to fix the bug myself and launched the debugger. I was surprised to fin...

Attempted to read or write protected memory when calling native C DLL.

I have a native C dll that exports one function besides DllEntryPoint, FuncX. I'm trying to find out how FuncX communicates with its caller, because it has a void return type and no parameters. When I call it from a C# harness, I get an AccessViolationException - Attempted to read or write protected memory. I have a hunch that its cl...

Protecting my code from reverse engineering

As discussed in similar questions here and here I want to protect my code from reverse engineering. My situation is as Simucal describes in his (excellent) answer here: Basically, what it comes down to is the only chance you have of being targeted for source theft is if you have some very specific, hard to engineer, algorit...

Issues and Advantages with obfuscation of Algorithms and Software versus Patenting?

There have been quite a few questions about Obfuscation and how to avoid Reverse Engineering, etc... that got me thinking about a few points: Why do people believe that they have some incredibly valuable algorithm? Even if an algorithm is awesome, a single algorithm doesn't make a program. The experience and Business model have more powe...

Finding a function in a disassembly.

I'm busy following a tutorial where the author uses DUMPBIN to list exports, and OllyDbg to get the assembly code for an exported function. How would I find the function's code in the complete disassembly, given that the export table's RVAs don't correspond to real addresses in the disassembly? ...

Reverse engineer C++ DLL

I have a small utility that was originally written in VS2005. I need to make a small change, but the source code for one of the DLLs has been lost somewhere. Is there a free or reasonably priced tool to reverse engineer the DLL back to C++ code? ...

Reverse Engineer SQL2008 Database to Diagram

Visio 2007 supports reverse engineering an MSSQL Database. However, SQL2008 is not supported (link). Are there other (free?) tools that can do this? thx. ...

Is reflection reverse engineering?

You can find out a great deal about the internals of an application through reflection, it's exposed by the .NET BCL (base class library) and it makes it trivial to retrieve actual IL for any .NET method. Reverse engineering on Wikipedia: Reverse engineering is the process of discovering the technological principles of a device,...

How can I find out which programming language was used to write any web site?

If there is no file extension on the end of the URL, how can I find out which programming language - PHP, .Net, ASP, etc. - was used to write a particular website? For example - www.andromeda.mn. Answers: uptime.netcraft.com/ -- Dave Webb builtwith.com -- Jason M Insert after url ?=PHPE9568F34-D428-11d2-A769-00AA001ACF42 -- thomasr...