Questions tagged [reverse-engineering]

Reverse engineering is the process of discovering the technological principles of a human-made device, object or system through analysis of its structure, function and operation.

235 questions
5
votes
2 answers

Preventing users from bypassing root/jailbreak detection measures

A pentest was made to our mobile app (Android and iOS version) and we received feedback stating that jailbreak/root detection was ineffective because it was relatively easy to reverse engineer the application and change the return value of the…
Victor
5
votes
1 answer

How to reverse engineer WannaCry?

I was reading an article today about a Google researcher linking the WannaCry malware to the earlier malware Cantopee. I had two primary questions based on the contents of the article. What do the numbers/addresses represent in this image? Can…
mdo123
5
votes
1 answer

Which file encryption algorithm is used by Synology's Cloud Sync feature?

I'm trying to find out which encryption method is used by a piece of software I use, viz. the 'Cloud Sync' feature of Synology's DSM 6.0 running on a Synology NAS. (Background. This Cloud Sync software stores a backup of my files for me in some…
5
votes
2 answers

Revising Phishing Email & its payload... did I do this right?

Recently my company got a widespread phishing email sent to them, thankfully no one clicked the link (which is great!) Since I'm a student and a current intern working in IT Security I wanted to see what this phishing email contained. I started with…
5
votes
1 answer

A code protector claims that it "ensures it is physically impossible to run code without a serial number" is this a scam?

VMProtect Software (found at http://vmpsoft.com/) claims that it: "allows the generation and verification of serial numbers. Both manual and automatic generation are supported. Serial numbers can be limited by time or date and locked to the…
whatever489
5
votes
5 answers

Avoid unauthorized updating of online leaderboard php/sql

I am developing an offline web app (game) for android using cordova (phonegap). The leaderboard of the same is maintained online in my server. Currently this is how the leaderboard is updated Step 1) The user's score is stored in the offline app's…
4
votes
1 answer

Reversing encryption by analysing executable

I have a program that reads data from a file, parses/organizes it, and spits it out as an encrypted XML. The application can also take an encrypted XML and spit out the original file. My objective at this point would be to access the clear-text XML…
Juicy
4
votes
2 answers

Reverse Engineer this basic Hash using known answer?

Little background: I forgot one of my CCTV accounts password, so used the admin account to create a new one. However I can't access the old one as it's not possible to change a user account password, even with the admin account (Via the interface at…
4
votes
2 answers

Securing an appliance

Scenario: We are in the position to offer a local appliance to run a version of our proprietary software, which is normally provided as SaaS. Question: What steps can be taken to mitigate trivial reverse-engineering in an untrusted environment,…
Admin
4
votes
0 answers

How can this form boundary be used to detect a different device?

I am trying to talk with an API endpoint usually used by a secure app. I have managed to defeat the signature by extracting the private key from the app. All headers, bearer token and device token match. I did this by trial and error, checking the…
Martijn
4
votes
1 answer

Program detecting sandboxie present - How to prevent?

I am having issues with a particular game, detecting the presence of the games being run inside sandboxie (An application for running programs inside a sandbox) with the goal of running multiple instances of the game on the same computer. The game…
4
votes
1 answer

Reverse Engineering for .rtf files

I've received lately a .rtf attachment on my work email from an untrusted email account. I suspect the attacker is exploiting "Microsoft Security Bulletin MS12-029" vulnerability. What are the recommended steps to study this .rtf file and learn the…
Z-D
4
votes
2 answers

Why does my stack contain the return address to __libc_csu_init after main is initialised?

I wrote a simple program in C, compiled it, opened it in gdb, set a breakpoint at line 11 and inspected the stack. 1 #include 2 3 int main(int argc, char *argv[]){ 4 char arr[4] = "AABB"; 5 int square = foo(2); 6 …
Hugh Pearse
4
votes
1 answer

What makes malware like Stuxnet or Duqu so advanced?

While malware such as Stuxnet and Duqu have been known for at least six years now, they are still (to the best of my knowledge) considered to be the most advanced malware ever publicly known. My question is, what exactly makes them so advanced?…
jmcph4
4
votes
1 answer

SSH access during manufacturing

What are security pros and cons if we have to enable SSH access during the manufacturing of the device (i.e. Fire Alarm Control Panel)? It is a manufacturer requirement. SSH access will be disabled before shipping the product, but technically it…
wonder