Questions tagged [binary]
Files with machine code directly readable by the CPU or the interpreter. This covers any executables, libraries, object code or memory dumps of the analyzed software.
154 questions
0 votes, 1 answer, 288 views
Why after patching (x32dbg/OllyDbg) a simple binary, executed triggers UAC and launches new shell window instead of running on present as original?
I am modifying and testing a very basic Windows executable made by me (using an old 32 bit gcc[MinGW] compiler and an up-to-date Windows 11), to start doing very basic reversing from a program ...
0 votes, 0 answers, 58 views
Trying to open the Sprite files from Cookie Shop DS with Python 3.x
I’m trying to rip all of the Cookie Shop DS character sprites by using Python. I already got pypng installed but I don’t understand saving as “cookie2png.py”. It’s too hard for me to do.
Can you help ...
3 votes, 1 answer, 160 views
Ghidra is missing known code sections found in Binary Ninja. What settings to change in analysis?
I am studying binary lifting and the impacts of intermediate language representations. I have a binary that is an x86 PE file with a stripped header. I have many of these files so I need a more sample ...
0 votes, 0 answers, 85 views
Decompile or analyse injected /usr/bin/cat
I'm trying to decompile or analyse an injected Linux executable binary file /usr/bin/cat, and find the injected code as a readable.
Need some tips as a beginner how to find the injection method if it'...
1 vote, 0 answers, 72 views
Tool for reverse-engineering M7702 binary?
I'm considering reverse-engineering a 1994-era embedded system whose CPU is a Mitsubishi M37702S1AFP with external 128k × 8 EPROM that I know how to read.
The CPU has 16-bit registers A, B (data), X, ...
3 votes, 1 answer, 118 views
Reverse engineer a blackbox function operating on single or double precision floats for emulation
I own and run a NEC VectorEngine 10C which is a PCIe accelerator running a proprietary ISA which has many fun instructions among them is VRSQRT which computes an approximation of the inverse ...
2 votes, 0 answers, 191 views
Does anyone know how to reverse python file that is encoded into elf binary .cpython-310.so extension? Please help me out
Following is the link to the file that I want to reverse. This is the python file that is encoded in cpython or cython and it is now a binary file.
Please help me to decode it as it is very important ...
2 votes, 0 answers, 134 views
How to decode this rbf file?
I am trying to decode this file but so far I have no luck. I tried with binwalk and other decoders but still did not see a way of decoding. Any help, more than welcome. The file is supposed to have GPS ...
3 votes, 1 answer, 248 views
Unusual datetime format
I am looking at the registry keys created for three programs from a now defunct company, one of which is trial software. One entry of interest is the REG_BINARY key InstallTime. I have an idea of what ...
2 votes, 0 answers, 851 views
Firmware Binary Reverse with Ghidra returns only few codelines decompiled with truncated code
I have tried to decompile the firmware binary of a microcontroller that should be an STM32 (but I'm not sure about this).
After the analysis I get only few codelines with a lot of similar messages:
...
2 votes, 0 answers, 275 views
Fix screen resolutions to landscape in bios
I've got an x86 tablet (Dere D10). It works fine, except the screen reports portrait resolutions (1200x1920, 768x1024, 600x800, etc.) which causes bootloaders (windows recovery menu, grub, ventoy, etc.)...
2 votes, 0 answers, 101 views
Where can I find these compilers given in the Rich Header of a system BIOS file?
I am working on a project which deals with the BIOS file of a well known manufacturer.
I recovered the file from the disk partition which stores and uses the file in case BIOS is corrupted or its ...
1 vote, 2 answers, 687 views
Changing the jne to je instruction causes program to generate error
I'm trying to change the instruction from jne to je.
I've changed an instruction
75 0c jne [some_location]
75 0c is a 2 jump instruction.
So, I've changed it from 75 0c to 74 0c which is ...
1 vote, 1 answer, 408 views
How To Access Predefined Class Attributes From IDA Pro After Loading The Binary Without Debugger Attached To Process [closed]
I have this class with constructor offsets and attributes:
public class example
{
// Fields
public float Attribute_1 = 1.5f; // 0x8
public int Attribute_2 = 102 ; // 0xC
// RVA: ...
0 votes, 0 answers, 117 views
Reverse Engineering CHALLENGE
I have a BIN firmware archive file that starts with 04 02 which is unknown to me
what makes me sure it is an archive file is the source I got it from
BINWALK and all other known tools failed to identify ...
3 votes, 1 answer, 729 views
What is data only exploitation?
I was wondering, and after trying to read for the past several months I got totally lost and don't understand this concept. Could someone please explain in simple words the concept of data only ...
0 votes, 0 answers, 567 views
Extract smartwatch firmware bin file
I'm trying to extract files from a bin file that's the firmware of a smartwatch.
I tried using
binwalk -Mre firmware.bin
but got no files, this is the result:
How should I extract/modify this bin ...
1 vote, 2 answers, 2k views
Is it possible to reverse CGI binary file?
I wanna reverse CGI binary file.
Is it possible?
What are the recommended tools and guides?
Thank you for reading my question.
$ file test.cgi
status.cgi: ELF 32-bit LSB executable, ARM, EABI5 ...
1 vote, 1 answer, 750 views
IDA Pro, How to forcefully disassemble "mips 32" instead of "mips 16"?
While disassembling a mips binary, IDA Pro attempts to disassemble into mips 16 mode, even though it's mips 32 ISA.
Below is that code snippet.
.text:XXXXXXXX .set nomips16 # <= ??
.text:...
1 vote, 0 answers, 163 views
What type of file has the file signature 'BOOT'?
I have a .bin file which I am trying to disassemble into something that I can edit. Given that binary files can contain just about any binary data, I found it difficult to assess what file data is ...
3 votes, 0 answers, 1k views
How to get the functions that call or access a string in Binary Ninja?
I am reverse engineering a program. Right now I was using Hopper.
With Hopper once I find a string I can right click and I have an option called "References to ..."
that will return a list ...
3 votes, 1 answer, 1k views
Advanced Binary Exploitation CTF
I wanted to ask your assistance: Where can I find advanced ctfs (that hopefully contain solutions) regarding binary/kernel exploitation? I am interested in finding x86_64 linux/windows/arm64 that ...
0 votes, 0 answers, 1k views
Decoding messages sent/received by Python websocket client
I am using the websocket module for my client in python3, and I am trying to troubleshoot some errors I am getting that lead to the client disconnecting after seemingly random intervals.
When I ...
0 votes, 1 answer, 232 views
How do I identify parameters function of md5sum of specific binary?
So, I downloaded the binary. Here are some details before moving forward:
revbinary: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2,...
1 vote, 1 answer, 5k views
How to open new window of decompiler or resize the decompiler of Ghidra?
This is very small and inconvenient to read. How do I open a new window (any shortcut key) or resize it? For some reason I can't resize.
Any help?
EDIT: Oh thanks Shane Riley, I clicked the blue button ...