reverse-engineering

checksum calculation

To calculate a CRC I found a piece of code, but I don't understand the concept. Here is the code: count = 128 and ptr = some value; calcrc(unsigned char *ptr, int count) { unsigned short crc; unsigned char i; crc = 0; while (--count >= 0) { crc = crc ^ (unsigned short)*ptr++ << 8; i = 8; ...
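The snippet is the classic MSB-first CRC-16 inner loop: each message byte is XORed into the top 8 bits of a 16-bit register, then the register is shifted left eight times, and whenever a 1 falls off the top the polynomial is XORed in (that is long division over GF(2)). The following is an added example, not the poster's code: the same loop in Python, a table-driven equivalent, and the append/verify pair a receiver would use. Polynomial 0x1021 with initial value 0 (CRC-16/XMODEM, whose 128-byte blocks match count = 128) is an assumption; the truncated part of the snippet that holds the polynomial is not on the page.

```python
# Added example (not the poster's code): the MSB-first CRC-16 written out in
# Python, with a table-driven equivalent and an append/verify pair.
# ASSUMPTION: polynomial 0x1021 and initial value 0 (CRC-16/XMODEM). The
# snippet shows crc = 0 and XORs each byte into the top 8 bits, which matches
# that algorithm, but the polynomial itself is cut off in the question.

POLY = 0x1021   # x^16 + x^12 + x^5 + 1, written without the implicit x^16 term


def crc16_bitwise(data: bytes, poly: int = POLY, init: int = 0) -> int:
    """One bit per step: exactly what the snippet's while/do loops do."""
    crc = init
    for byte in data:
        crc ^= byte << 8                 # crc = crc ^ (unsigned short)*ptr++ << 8
        for _ in range(8):               # i = 8; ... loop eight times
            if crc & 0x8000:             # top bit set: shift it out and "subtract" the polynomial
                crc = ((crc << 1) ^ poly) & 0xFFFF
            else:
                crc = (crc << 1) & 0xFFFF
    return crc


def make_table(poly: int = POLY) -> list:
    """Precompute the eight shift/XOR steps for every possible top byte."""
    table = []
    for top in range(256):
        crc = top << 8
        for _ in range(8):
            crc = ((crc << 1) ^ poly) & 0xFFFF if crc & 0x8000 else (crc << 1) & 0xFFFF
        table.append(crc)
    return table


TABLE = make_table()


def crc16_table(data: bytes, init: int = 0) -> int:
    """Byte-at-a-time version; agrees with crc16_bitwise on every input."""
    crc = init
    for byte in data:
        crc = ((crc << 8) ^ TABLE[((crc >> 8) ^ byte) & 0xFF]) & 0xFFFF
    return crc


def crc16_append(block: bytes) -> bytes:
    """Sender side: the block followed by its CRC, high byte first."""
    return block + crc16_bitwise(block).to_bytes(2, "big")


def crc16_verify(frame: bytes) -> bool:
    """Receiver side: the CRC over block+checksum is 0 when the frame is intact."""
    return crc16_bitwise(frame) == 0


if __name__ == "__main__":
    block = bytes(range(128))            # constructed 128-byte block, like count = 128 in the question
    frame = crc16_append(block)
    print(hex(crc16_bitwise(b"123456789")))   # 0x31c3, the published check value for CRC-16/XMODEM
    print(crc16_verify(frame))                # True
    damaged = bytearray(frame)
    damaged[5] ^= 0x40                        # flip a single bit
    print(crc16_verify(bytes(damaged)))       # False: any single-bit error is detected
```

The verify trick works because the CRC is the remainder of message * x^16 divided by the polynomial; appending that remainder makes the whole frame divisible, so its CRC is 0. Note that a CRC is an error-detecting code, not an integrity check against an attacker: anyone who can change the data can recompute the checksum.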

Creating an entity diagram of a database without any foreign keys

I need to create an entity diagram of a MSSQL 2005 database. Relationships are defined by using primary keys consistently, but there are no foreign keys anywhere. I tried Microsoft Visio's "Reverse Engineer" function, which of course failed due to the lack of foreign keys. Therefore, I need a diagram tool which doesn't solely rely on f...

How do I disassemble a Python script?

Earlier today, I asked a question about the way Python handles certain kinds of loops. One of the answers contained disassembled versions of my examples. I'd like to know more. How can I disassemble my own Python code? ...
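The standard-library `dis` module does this for functions, code objects and whole scripts. The following is an added example, not from the question or its answers: it disassembles two loop styles, reports the opcode names so a difference (the iterator protocol versus manual counting) can be checked programmatically, and shows how to disassemble a script from source or from a .pyc. The script text is constructed for the demo.

```python
# Added example (not from the original question): disassembling Python with dis.
import dis
import marshal
import os
import py_compile
import tempfile


def opnames(code_or_func) -> list:
    """Opcode names of a function or code object, in execution order."""
    return [ins.opname for ins in dis.get_instructions(code_or_func)]


def loop_with_for(n: int) -> int:
    total = 0
    for i in range(n):
        total += i
    return total


def loop_with_while(n: int) -> int:
    total = 0
    i = 0
    while i < n:
        total += i
        i += 1
    return total


def uses_iterator_protocol(func) -> bool:
    """A `for` loop compiles to GET_ITER/FOR_ITER; a hand-rolled `while` loop does not."""
    return "FOR_ITER" in set(opnames(func))


# Constructed stand-in for a script file.
SCRIPT = "x = [i * 2 for i in range(3)]\nprint(x)\n"


def disassemble_source(src: str, filename: str = "<script>"):
    """A whole script: compile it to a code object, then dis that object."""
    code = compile(src, filename, "exec")
    dis.dis(code)
    return code


def code_from_pyc(path: str):
    """A compiled script: skip the 16-byte header (magic, flags, mtime/hash, size;
    this layout holds for CPython 3.7+) and unmarshal the code object."""
    with open(path, "rb") as f:
        data = f.read()
    return marshal.loads(data[16:])


if __name__ == "__main__":
    print("--- for loop ---")
    dis.dis(loop_with_for)
    print("--- while loop ---")
    dis.dis(loop_with_while)
    print("--- script from source ---")
    disassemble_source(SCRIPT)
    print("--- script from .pyc ---")
    with tempfile.TemporaryDirectory() as tmp:
        src_path = os.path.join(tmp, "demo.py")
        pyc_path = os.path.join(tmp, "demo.pyc")
        with open(src_path, "w") as f:
            f.write(SCRIPT)
        py_compile.compile(src_path, cfile=pyc_path)
        dis.dis(code_from_pyc(pyc_path))
```

Opcode names and numbering change between CPython releases, so compare the listing against the interpreter that actually ran the code; the .pyc header layout above is the one CPython has used since 3.7.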

What is the difference between re-engineering and reverse engineering?

What is the difference between re-engineering and reverse engineering? Simple example is much appreciated if provided. ...

Problem with Reflector and Automatic Properties

I've just disassembled a project to debug it using Reflector, but it seems to balk at decoding the 'compile results' of automatic properties, e.g. the next line gives me a syntax error. I've tried fixing these manually, but every time I fix one, more appear. private string <GLDescription>k__BackingField; Is there anything I can do ab...

How to hide strings in an exe or a dll?

I discovered that it is possible to extract the hard-coded strings from a binary. For example, the properties view of Process Explorer displays all the strings with more than 3 characters. Here is the code of a simple executable that I wrote to simply test it: #ifndef _WIN32_WINNT #define _WIN32_WINNT 0x0501 #endif #include <stdio.h> #in...
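What such a strings view does is mechanical: it scans the file for runs of printable characters above a minimum length, typically both plain ASCII and UTF-16LE (the wide strings Win32 programs carry). The following added example, not the poster's program, implements that scan over a constructed stand-in for an executable, then applies a one-byte XOR to the literal to show what the scan does and does not reveal afterwards. The image bytes, the secret and the key are constructed for the demo.

```python
# Added example (not the poster's code): a strings scanner like the one behind
# the Process Explorer properties view, plus a minimal XOR obfuscation.
import re

MIN_LEN = 4   # Process Explorer lists strings of more than 3 characters


def find_strings(blob: bytes, min_len: int = MIN_LEN) -> list:
    """Runs of printable ASCII, plus runs of printable UTF-16LE (wide literals, resources)."""
    ascii_run = re.compile(rb"[\x20-\x7e]{%d,}" % min_len)
    utf16_run = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    found = [m.group().decode("ascii") for m in ascii_run.finditer(blob)]
    found += [m.group().decode("utf-16-le") for m in utf16_run.finditer(blob)]
    return found


def xor_obfuscate(text: str, key: int) -> bytes:
    """What a build step could store instead of the literal: each byte XORed with one key byte."""
    return bytes(b ^ key for b in text.encode())


def xor_reveal(blob: bytes, key: int) -> str:
    """What the program does at run time; the result sits in memory from this point on."""
    return bytes(b ^ key for b in blob).decode()


SECRET = "SuperSecretPassword123"   # constructed
KEY = 0x5A                         # constructed

# Constructed stand-in for an .exe: fake header, non-printable filler, one ASCII
# literal, one wide literal. Two NULs separate the literals so the scan does not
# glue them together.
_HEADER = b"MZ\x90\x00" + bytes(range(0x20))
_WIDE = "Update".encode("utf-16-le") + b"\x00\x00"
PLAIN_IMAGE = _HEADER + SECRET.encode() + b"\x00\x00" + _WIDE
OBFUSCATED_IMAGE = _HEADER + xor_obfuscate(SECRET, KEY) + b"\x00\x00" + _WIDE


def secret_visible(image: bytes) -> bool:
    """True if the literal shows up verbatim in a strings scan of the image."""
    return SECRET in find_strings(image)


if __name__ == "__main__":
    print(find_strings(PLAIN_IMAGE))        # includes 'SuperSecretPassword123' and 'Update'
    print(find_strings(OBFUSCATED_IMAGE))   # junk runs such as '/*?(' at best, not the secret
    print(xor_reveal(xor_obfuscate(SECRET, KEY), KEY))
```

The caveat a practitioner would add: this only defeats a static scan of the file. Because the program must decode the string before using it, the plaintext exists in process memory at that moment, so a strings scan of a memory dump, or a breakpoint on the decode routine, recovers it. Encoding raises the cost of the trivial case; it does not keep a secret from someone who controls the machine the code runs on.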

How can I find the data structure that represents the mine layout of Minesweeper in memory?

I'm trying to learn about reverse engineering, using Minesweeper as a sample application. I've found this MSDN article on a simple WinDbg command that reveals all the mines but it is old, is not explained in any detail and really isn't what I'm looking for. I have IDA Pro disassembler and the WinDbg debugger and I've loaded winmine.exe...

Re-Implement 3rd party TCP Java client

I need to know if there are any tools to figure out the interface to a TCP client. My company has purchased a 3rd party tool and we really like the Server side and most of the client side. I would like to see if I can figure out the calls that the client side makes to the server so I can create the client side functionality we want. I...

What tools are best for learning reverse engineering?

I am starting to learn reverse engineering and wanted to know what tools people are using and what the pros and cons are to each. I have been using .Net Reflector to reverse engineer .Net apps but I also have to work with old COM dlls and it would be great to figure out what they are doing. Many of the developers who wrote them didn't ...

How to get the structure of software if there is no document?

I am reading a project code, however there is nothing but some .cpp and .h source files. How can I get started and get the structure of the software? ...

Monitoring API calls

I am doing some reverse engineering and want to know which APIs are called from the executable. I am mostly interested in the APIs called on a particular Windows system DLL. I guess one way to do that is to get all APIs exposed from the DLL using dumpbin and put breakpoints on all those from WinDbg. Any other approach? This seems like...

How to find the location of a string in memory (have the physical offset)

Hello, I need to find a str[possibly n]cmp out of a hostile binary file. Problem is there are a billion in the disassembly. I know it is there because of the help from strings. I am disassembling a binary that does not have 'otx' (the disassembler that puts in the strings for you :) ). I need to know how to find the memory offset of th...

Edit (patch) a binary file in IDA Pro

Hi, I would like to know how to edit a binary file in IDA Pro (I just need to change one instruction!) (it's an ARM binary). Thanks ...

How to get method signatures from a jar file?

I have a third-party jar file that comes with the javadocs for only part of the API. Is there a way to reverse engineer the jar file to obtain a complete listing of classes and methods? ...

Will arguments to a function be passed on the stack or in a register?

I'm currently analyzing a program I wrote in assembly and was thinking about moving some code around in the assembly. I have a procedure which takes one argument, but I'm not sure if it is passed on the stack or a register. When I open my program in IDA Pro, the first line in the procedure is: ThreadID= dword ptr -4 If I hover my cur...

Modifying a program to fake a button press

I have an MFC application that I was given (without source code) which opens a window with an 'Update' button, which then performs a very long update after being clicked. I'd like to modify the program so that when the window is created (or somewhere else such as DoModal), a message is sent to the program to make it think that the butto...

Reverse engineering a statistics data file from my insulin pump controller

This may or may not be a grey area subject, though my intentions are certainly not, so my intention is not to stir up an ethical debate on the topic of reverse engineering. I'm a type 1 diabetic currently undergoing pump therapy. I'm an OmniPod user, it's a disposable pod that adheres to my body and dispenses insulin for 3 days. It'...

How can I generate this hash?

I'm new to programming (just started!) and have hit a wall recently. I am making a fansite for World of Warcraft, and I want to link to a popular site (wowhead.com). The following page shows what I'm trying to figure out: http://www.wowhead.com/?talent#ozxZ0xfcRMhuVurhstVhc0c From what I understand, the "ozxZ0xfcRMhuVurhstVhc0c" part of...

How would I reverse engineer a cryptographic algorithm?

I wrote an application that encrypts text in this way: get the input text; reverse the text; convert to hexadecimal; XOR with a key; Base64 encode. Now, I didn't do a lot of encryption/encoding myself, so my question might sound stupid, but, say I get a file which has content from the above algorithm and I didn't know about this algorit...
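The scheme leaks its own structure: Base64 is recognisable by its alphabet and padding, and after decoding, every plaintext byte that went into the XOR was a hex digit, so XOR with a fixed key leaves at most 16 distinct byte values at each key position, and the key byte for that position must map all of them back into 0-9a-f. The following added example, not the poster's application, implements the pipeline exactly as the steps above list it and then the analyst's side: the per-position tell, the candidate key bytes it yields, and a known-plaintext recovery of the key that then opens a second file. Assumptions beyond the text: the key is a byte string applied by repetition, the hex step yields lowercase ASCII digits, and the analyst knows the plaintext of one file. Messages and key are constructed.

```python
# Added example (not the poster's code): the described pipeline next to the
# analysis an attacker would run against it. ASSUMPTIONS: repeating-key XOR,
# lowercase hex, one known plaintext. Key and messages are constructed.
import base64
from itertools import cycle

HEX_DIGITS = frozenset(b"0123456789abcdef")

KEY = b"k3y!"                                  # constructed
MESSAGE = "Attack at dawn 04:00"               # constructed
SECOND_MESSAGE = "second file, same key"       # constructed


def xor_bytes(data: bytes, key: bytes) -> bytes:
    return bytes(d ^ k for d, k in zip(data, cycle(key)))


def encrypt(text: str, key: bytes) -> str:
    """reverse -> hex -> XOR with key -> Base64, in the order the question gives."""
    hexed = text[::-1].encode().hex().encode()       # ASCII hex digits, lowercase
    return base64.b64encode(xor_bytes(hexed, key)).decode()


def decrypt(token: str, key: bytes) -> str:
    hexed = xor_bytes(base64.b64decode(token), key)
    return bytes.fromhex(hexed.decode()).decode()[::-1]


# ---- analyst side: token(s) only, no key ----

def distinct_values_per_position(token: str, key_len: int) -> list:
    """XOR is a permutation of byte values, so hex-digit plaintext leaves at most
    16 distinct ciphertext bytes at each key position. Random data would not."""
    ct = base64.b64decode(token)
    return [len(set(ct[j::key_len])) for j in range(key_len)]


def key_candidates(token: str, key_len: int) -> list:
    """k_j must map every byte at positions j, j+L, j+2L, ... back into 0-9a-f.
    Intersecting that constraint over the column shrinks the candidate set."""
    ct = base64.b64decode(token)
    cands = []
    for j in range(key_len):
        possible = set(range(256))
        for c in ct[j::key_len]:
            possible &= {c ^ h for h in HEX_DIGITS}
        cands.append(possible)
    return cands


def recover_key(token: str, known_plaintext: str) -> bytes:
    """Known plaintext: ciphertext XOR expected hex gives the raw key stream;
    its shortest period is the key (or an equivalent repetition of it)."""
    ct = base64.b64decode(token)
    expected = known_plaintext[::-1].encode().hex().encode()
    stream = bytes(c ^ e for c, e in zip(ct, expected))
    for period in range(1, len(stream) + 1):
        if all(stream[i] == stream[i % period] for i in range(len(stream))):
            return stream[:period]
    return stream


if __name__ == "__main__":
    token = encrypt(MESSAGE, KEY)
    print(token)
    print(distinct_values_per_position(token, len(KEY)))   # every entry <= 16
    print([sorted(c) for c in key_candidates(token, len(KEY))])
    recovered = recover_key(token, MESSAGE)
    print(recovered)                                        # b'k3y!'
    print(decrypt(encrypt(SECOND_MESSAGE, KEY), recovered))
```

Reversal, hex and Base64 are encodings, not secrecy, and repeating-key XOR gives way as soon as one plaintext is known or guessable (a file header, a fixed field). If the data needs to stay confidential, use an authenticated cipher such as AES-GCM with a properly managed key rather than a homemade pipeline.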

Java class recompiling

I have a program where some Java classes are available. It is possible to decompile them. Is it possible to modify the source code of a class and recompile it, without having all the other .class files? For example, suppose I have a dog.class file that implements a subclass of animal, which is defined in animal.class. - Can I recompile dog...