Questions tagged [reverse-engineering]

23 questions
107 votes, 5 answers

Why are true and false so large?

After finding out that several common commands (such as read) are actually Bash builtins (and when running them at the prompt I'm actually running a two-line shell script which just forwards to the builtin), I was looking to see if the same is true…
Kidburla
67 votes, 1 answer

Understanding what a Linux binary is doing

I recently had a task at work to understand a binary Linux program. However, the program was in binary form. I used the commands file, strings, and objdump to have a slight idea of what it was doing, and what functions it was calling. It seems the…
user271479
43 votes, 2 answers

Is it possible to get the information for a device tree using /sys of a running kernel?

Commonly for arm systems, device trees supply hardware information to the kernel (Linux). These device trees exist as dts (device tree source) files that are compiled and loaded to the kernel. Problem is that I do not have access to such a dts file,…
humanityANDpeace
21 votes, 3 answers

convert executable back to C source code

Unfortunately I lost my source code and I just have the output file that was made with gcc in Linux, and I don't have any access to my PC now. Is there any way to convert the output file to a source file (in C under Linux)?
mahsa
6 votes, 2 answers

I need to modify a script but it's full of gibberish

I need to modify a script which is part of a programme I downloaded. However, when I try to view the script with vim, it is full of symbols, numbers and letters placed randomly. Is there anything I can do to read this script? This is part of the…
5 votes, 2 answers

How do I hide TracerPID from a process?

I'm conjecturing SQL Server on Linux is checking /proc/self/status for TracerPID and then dying if it's not 0. I want to test that. Playing around, here is the strace, ... lots of stuff openat(AT_FDCWD, "/proc/self/status", O_RDONLY) = 5 fstat(5,…
Evan Carroll
5 votes, 2 answers

How objdump disassemble elf binary

I have a quick question. I have generated an ELF binary from a C code using the following code: gcc -o simple simple.c Then I do objdump for that ELF binary: objdump --disassemble-all simple I have checked my directory with ls -a that there is no .o…
4 votes, 2 answers

Speak directly to a PCI device without a driver?

I have a friend who has a PCI device that has no driver. Is there a command that will allow me to speak to this device without a driver? (we are trying to reverse engineer its protocols.) I will basically be fuzzing it with random data.
MrSynAckSter
3 votes, 3 answers

Find the right device to reverse-engineer

I have an Asus GL503VD for which the touchpad doesn't work on linux. I tried many different distros: Arch, Debian, Ubuntu 16/17/18, Sabayon, Pop_OS, Fedora. None of them made the touchpad work so I settled with Ubuntu 18.04 and decided to debug it…
3 votes, 1 answer

strange Linux binary

I have an executable file that is not lending itself for disassembling or decompiling well as usual/expected. file and ldd are giving an output different than the usual: $ file exe_file exe_file: ELF 64-bit LSB shared object, x86-64, version 1…
Rui F Ribeiro
2 votes, 0 answers

Recover static library from executable

I have an existing executable for which a small amount of source code has been lost. In particular, the executable uses a few functions from a static library, and the source code for that library is missing. I do have an older version of that…
maldata
2 votes, 1 answer

What the branch machine op-code means (X86 architecture)?

I have a simple C code which is compiled and then the text code extracted using objdump utility. Here is the dump file (a piece of dumped file): 0804841b : 804841b: 8d 4c 24 04 lea 0x4(%esp),%ecx 804841f: 83 e4 f0 …
2 votes, 4 answers

Reverse engineering IP camera firmware to find admin password

I'm trying to reverse engineer an IP camera firmware and found the complete ROM OS, but I would like to find out the system password, so I have looked at /etc/passwd. The file is not there, it is instead in /etc/default/passwd and here is its…
1 vote, 0 answers

DVD recorder based on freebsd, how to edit service disc

I am trying to understand what is written here and how it can be done. Maybe someone will be able to help and understand this: https://forum.videohelp.com/threads/306345-some-problem-with-DVR560H-s-HDD-replacement#post1906393 This is probably a…
jasko887
1 vote, 1 answer

How to dump network requests receive and send?

I want to learn reverse app, I'm confused how to dump network of an app, I tried tcpflow, ngrep, etc. It works but the output data is not human readable, can you give me a Linux command to get network receive / send data, from an app / hosts? I try…