Questions tagged [executable]
A file that can be processed (executed) by the CPU of the machine through the operating system accordingly to the instructions that it contains.
129 questions
0
votes
0
answers
75
views
Bypass Update Prompt to Run Main Program
a software called Android Utility v175 https://www.mfdl.io/
it is Checking for Update before redirect to Main Program so i wanted to bypass that update checking or something like to tell software that ...
- 1
1
vote
1
answer
141
views
Why are these strings padded every other byte?
I've seen this multiple times, through various apps and snooping of hex values. Character strings but every other value is actually a null byte. This particular example is with API Monitor, but I'm ...
- 113
2
votes
2
answers
233
views
How can I extract *.c file hidden in an executable file (SkiFree)
I am a person interested of old games (MS DOS and 16 bit Windows only) and programming. In 2020, I saw an article about hacking SkiFree somewhere on the internet and soon as I followed the ...
- 31
1
vote
0
answers
167
views
Log functions called in IDA Pro?
When I run an exe in IDA how could I log which functions were called into a text file?
log.txt:
call func1
call func2
call func1
call func1
Not worried about indirect calls.
This is for differential ...
- 11
2
votes
1
answer
558
views
Can #if DEBUG in C# become true in the released binary?
I have something like this in my code that checks for user's license:
// C# code:
#if DEBUG
MakeLicenseValidForever();
#else
CheckLicense();
#endif
Now, I need to know if these directives ...
- 123
1
vote
0
answers
69
views
Reversing Executable Package
I have an .exe file that loads some other files when executed, I need to redirect these files and export them. When debugging I know that there is a subfolder /images/%s.png where the files in ...
- 11
1
vote
0
answers
142
views
How to locate executable section
How to locate executable section in PE file?
Is there any of typical way to locate executable section in any PE file?
- 121
0
votes
1
answer
3k
views
How do I get all sections in a PE file using C++?
So I am wondering how can I get all sections and their info from a dumped PE file on the disk, using C++.
I have the entire PE loaded on a buffer, the NT headers, and hopefully the DOS headers.
I need ...
- 28
2
votes
1
answer
3k
views
How to get offset of specific function in exe?
Suppose I have self-compiled exe-file (aka portable executable), its source (c/c++) and generated pdb-file. And what if I want to get offset of its function (non-winapi function) in debugger (x64dbg, ...
- 23
2
votes
1
answer
2k
views
Change manifest file using ResourceHacker CLI
I want to automate some manifest file changes (change requestedExecutionLevel level to requireAdministator from asInvoker) so I have to use ResourceHacker CLI.
I have managed to extract the resources ...
- 21
2
votes
0
answers
260
views
How can I extract working files (in the form of graphics) from these MZP executables?
There's a 1999 PC/Mac game that I'm hoping to extract assets from. All game data appears to be stored in various files with the extension .rsc. I've been able to extract all the game's audio from the ...
- 21
0
votes
3
answers
2k
views
How to extract machine code from a file(especially executable) in C
How to get machine code of a file(mainly executables) in C?
I have written a C program to convert machine code to assembly. But how to get machine code of a file? How would I go about programming a c ...
- 11
0
votes
1
answer
592
views
Generating an elf header
To get a basic understanding of the ELF format, I'm writing a basic program to generate a valid elf file from the most basic assembly output. I'm going step-by-step so I'll probably ask a few ...
- 103
0
votes
0
answers
59
views
static analysis for identifying backdoors
I am doing a research in identifying backdoors in windows .exe files. Currently I found some methods to detect.
1.String search in .exe
2.find Reffrence .dll and win32 Api calls using import table
...
1
vote
1
answer
6k
views
Decompiling Python Files: ValueError
So I have this python file and I successfully unpacked its content inside of it we have our file.pyc
I appended the magic bytes to it so it went from:
E3 00 00 00 00 00 00 00 00 00 00 00 00
to ...
- 51
2
votes
1
answer
5k
views
Can "missing section headers" ELF files still be executed/dangerous?
On VirusTotal, there are lots of ELF samples are missing section headers when using file command to see the info.
Also, when using the Python elftools library to parse them, exceptions will be thrown....
- 75
4
votes
1
answer
12k
views
Best way to protect source code of .exe program running on Python?
I am developing proprietary software that would be distributed in a form of .exe file. In order to use it, users will have to authenticate with their whitelist credentials (username + password).
The ...
- 141
2
votes
2
answers
727
views
Find a instruction in a binary file (PE) based on a virtual address of a string reference
English is not my first language, so I'm sorry if my text isn't so clear.
I'm trying to program an automatic patcher for a PE binary that should work for multiple versions of this executable. For ...
- 23
4
votes
1
answer
897
views
change PE file icon without re-signing the file all over again
Is there any option to set new icon for a signed PE executable in windows without re-signing it again. This means that the icon image, although fully assimilated to the PE file, won't change the hash ...
- 293
3
votes
2
answers
587
views
How can I retrieve image files embedded/compressed in a MPL file?
There are some images hidden somewhere in a PE I have, I can't figure out how to extract them.
This PE is from around 1997 (I think it's 32 bit) and I believe it contains some 3D model renders from ...
- 41
0
votes
0
answers
168
views
I have a .exe program file compiled using Intel Fortran 8.1. for windows 10. Can I edit the code off the .exe file?
I have a .exe program file compiled using Intel Fortran 8.1 for Windows under WinXP with 64-bit Windows 10 system.
Can I edit the code off the .exe file? I need to change a value in the code.
Thank ...
11
votes
3
answers
4k
views
Is there any way to get my own image base without calling any WinAPI functions, such as GetModuleHandle?
Is there any way to get the image base of an .exe without calling WinAPI functions (i.e. imported functions) so that it can't be easily viewed in a disassembler/debugger?
I've been thinking of ...
- 113
-3
votes
1
answer
1k
views
Change value of an IF condition found in IDA
so I have the .idb file of an executeable I want to modify.
In the IDB file, I found this code
And I basically want to change 4111006 to 1006 in that IF condition.
however, when I press TAB to go to ...
- 15
3
votes
2
answers
541
views
Why doesn't this retn instruction return from the function?
I disassembled an exe file on Windows with IDA and saw this function prologue:
I see that when the retn executes instead of returning it jumps to sub_1314cba4.
Why doesn't the retn instruction ...
- 59
8
votes
1
answer
447
views
How to detect internal and shared libraries used in an executable file?
Problem: We want to be able to tell with some certainty that specific versions of internal libraries are being used by a program. For example, if a software uses old, deprecated libraries internally. ...
- 233