Questions tagged [binary-code]
60 questions
0
votes
1 answer
ROP - ret VS ret 0
I'm doing a binary challenge from pwnable.kr and I'm examining a some ROP gadget.
Until now I've always used gadget ending with ret or syscall/int 0x80, but now ROPgadget gave me a gadget ending with ret 0.
What's the difference wrt ret?
![](../../users/profiles/277035.webp)
Marco Balo
- 103
- 2
0
votes
0 answers
The difference between a virtual door-lock and a public key
The thing that helped me to understand what is a "public key" was to parallel it with a door lock:
The door lock is public in the sense that anyone can try to unlock it and the door key is the private in the sense that generally, only certain user…
![](../../users/profiles/274024.webp)
humble-learner
- 3
- 2
0
votes
1 answer
What technologies used in a web browser, if any, can be used to push a binary from a server to a client machine?
This question is about if any technologies used by a web browser (HTTP, TCP, JavaScript, etc.) can be used to push a binary file from the web server to a random folder on the client.
This is for a security discussion at work about the dangers in web…
![](../../users/profiles/63673.webp)
coderworks
- 519
- 1
- 4
- 13
0
votes
0 answers
Is there any good way to avoid bypass .so file?
I have a C code project, I want to use .so lib to verify certificate for valid.
I know there is a way to crack .so file by using below tools:
1.IDA_Pro_v6.8_and_Hex-Rays_Decompiler_
2.WinHex
3.ARM_ASM
so, in my opinion, the .so is not a good…
![](../../users/profiles/190529.webp)
244boy
- 935
- 2
- 6
- 8
0
votes
1 answer
How can I find out what's in this NASA JPL "Spy" command line program for macOS and how safe it is?
Discussion under this answer in Space Exploration SE links to items in NAIF; NASA Planetary Data System Navigation Node links for MacIntel_OSX_64bit
I'm looking at these two.
spy:…
![](../../users/profiles/115702.webp)
uhoh
- 1,385
- 1
- 11
- 21
0
votes
1 answer
Protect password from apache user by making file executable-only
I (will) have a binary executable file. It's only permission is user-execute. It cannot be read by user, group, or world. The owner of the file is the Apache user. I don't want the apache user to be able to read the file, but I do want the apache…
![](../../users/profiles/74828.webp)
Reed
- 105
- 4
0
votes
0 answers
Different gdb results
I'm trying to use overthewire narnia problems as a way to learn about binary exploitation and I'm getting different results than any of the walkthroughs
I was looking at https://tuonilabs.wordpress.com/2017/05/13/overthewire-narnia-write-up/ for…
![](../../users/profiles/195319.webp)
CWright
- 123
- 3
0
votes
1 answer
SAT (Satisfiability) it is security risk?
If researcher found satisfiability in any software, this is a threat to security? If answer - "Yes", how can attacker to use SAT?
![](../../users/profiles/176349.webp)
69 420 1970
- 113
- 6
0
votes
0 answers
Does `npm install` retrieve binaries or sources?
I am starting to use npm install a lot for development, but I fear about its security consequences. Does npm install retrieve binaries or sources?
If it's binaries, it's already a deal breaker for me.
If it's sources, what level of scrutiny is the…
![](../../users/profiles/95402.webp)
knocte
- 161
- 7
-1
votes
1 answer
Confused about memory examination using gdb
I started reading "Hacking, The Art of Exploitation" and I am confused about some things regarding memory examination.
When I disassemble main, I get an output of all memories where the individual assembly instructions are, right? Each instruction…
![](../../users/profiles/282260.webp)
jprossv
- 1
-1
votes
1 answer
What can I do with reverse engineering
I have come across a lot of guides and blogs about reverse engineering where they use labs to teach various techniques and methods to break binaries. My question is what actual use cases does reverse engineering have in the real world, as I don't…
![](../../users/profiles/221925.webp)
Abhinav Vasisth
- 1
- 1
-1
votes
3 answers
-1
votes
1 answer
What tools exist to crack, disable, and undo the effects of a malicious Linux binary?
I'm a network Penetration Tester and I'm trying to learn how to crack binaries. As an exercise, I've spent two days trying to crack a Linux binary that was supposedly designed to be cracked. Searching on the web and trying what I know on Linux has…
![](../../users/profiles/139830.webp)
user7451333
- 32
- 3
-2
votes
1 answer
How to determine the number of bytes from a string with mix of "\x" and normal characters?
I was looking at this exercise and it was mentioned that the string \x1AL\xD23k\xCA\x1D\xD7 consists of 8 bytes. However, I fail to see how there are 8 bytes in the string. Shouldn't there be 7 bytes instead since \x1A would represent 1 byte and any…
![](../../users/profiles/124200.webp)
Lew Wei Hao
- 429
- 5
- 13
-4
votes
1 answer
Binary Numbers converted to Hexadecimal private key
Couldn't you use brute force to guess someone’s binary number because it's 1 or 0 - 256 times then just keep switching 1's and 0's around- which then can be converted hexadecimal to guess their bitcoin private key?