Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "reverse engineer"
-
Cheat Engine's installer's EULA:
```
15) You may disassemble and reverse engineer any part of this program, although just looking at the sourcecode is easier
```
appreciate the honesty2 -
Client: I want you to reverse engineer this piece of software!!
*posts some link to an exe on altervista along with some unrelated crap*
Oh and "I PAY"! (Because you can't even take that for granted anymore these days.)
Me: Alright, I'll look into it but I'm not a reverse engineering expert so don't expect too much.
*Closes Facebook*
Client, day after: Hey have you looked into it already? Have you finished it already?! HEY, RESPOND ALREADY!!!
Me (thinking): YEAH AFTER 1 DAY AND NO PAYMENT DETAILS WHATSOEVER, I INSTANTLY DROPPED EVERYTHING JUST TO PLEASE YOU, FILTHY RAT SACK!! You fucking wish, motherfucker. Down to lowest priority you go! And if I don't feel like doing it, how about I just drop your request and tell you to suck my fleshy snek, HOW ABOUT THAT HUH? Fucking piece of shit 😤12 -
I had to integrate an internal service. The doc said:
Lorem impsum...
fuck me I had to reverse engineer it.5 -
Actual rant time. And oh boy, is it pissy.
If you've read my posts, you've caught glimpses of this struggle. And it's come to quite a head.
First off, let it be known that WINDOWS Boot Manager ate GRUB, not the other way around. Windows was the instigator here. And when I reinstalled GRUB, Windows threw a tantrum and won't boot anymore. I went through every obvious fix, everything tech support would ever think of, before I called them. I just got this laptop this week, so it must be in warranty, right? Wrong. The reseller only accepts it unopened, and the manufacturer only covers hardware issues. I found this after screaming past a pretty idiotic 'customer representative' ("Thank you for answering basic questions. Thank you for your patience. Thank you for repeating obvious information I didn't catch the first three times you said it. Thank you for letting me follow my script." For real. Are you tech support, or emotional support? You sound like a middle school counselor.) to an xkcd-shibboleth type 'advanced support'. All of this only to be told, "No, you can't fix it yourself, because we won't give you the license key YOU already bought with the computer." And we already know there's no way Microsoft is going to swoop in and save the day. It's their product that's so faulty in the first place. (Debian is perfectly fine.)
So I found a hidden partition with a single file called 'Image' and I'm currently researching how to reverse-engineer WIM and SWM files to basically replicate Dell's manufacturing process because they won't take it back even to do a simple factory reset and send it right back.
What the fuck, Dell.
As for you, Microsoft, you're going to make it so difficult to use your shit product that I have to choose between an arduous, dangerous, and likely illegal process to reclaim what I ALREADY BOUGHT, or just _not use_ a license key? (Which, there's no penalty for that.) Why am I going so far out of my way to legitimize myself to you, when you're probably selling backdoors and private data of mine anyway? Why do I owe you anything?
Oh, right. Because I couldn't get Fallout 3 to run in Wine. Because the game industry follows money, not common sense. Because you marketed upon idiocy and cheapness and won a global share.
Fuck you. Fuck everything. Gah.
VS Code is pretty good, though.20 -
My first hack... Back at the days when phones had disks to dial a number. I was a kid of cause, I'm not that old. I used to like to call my grans. Once, when I supposed to go to sleep already, I've found out that there is phone socket in my room (the one connected to the copper wire, that is where the word "phone line" came from).
It took me about a half of an hour to detach handset from the toy phone and about two ours to reverse engineer dialing protocol (you just need to disconnect the line sequentially corresponding number if times).
And after that I've heard my granny's voice. I was literally overwhelmed that it worked.6 -
Impostor vs Kenner syndrome
We got a new kid which does his internship from school. We talked and he asked me what stuff I had done with 14 - 16. I remembered with 14 I was really into reverse engineering, assembler and c/c++ but never managed to actually build something.
So he started to say stuff like he could replace me in an instant and he should get paid for this internship at least as much as I did, because he made some websites and games already.
I really was down. Kids today get a lot of shit done and I was a disappointing lazy little shit just playing games and try to reverse engineer stuff and learn assembler and c++.
It's been month and shit hit me when I've seen his stuff was copy pasted from a tutorial/ YouTube video.
Today's ressources, languages, frameworks make it really easy to build something but I still got respect for everyone every age who is interested and get into programming and stuff.
But I hope you'll read this you little shit and realise that you can use a simple physics engine by copy and pasting code. So don't talk disrespectful to people in general especially when they can create a whole game and physics engine.14 -
Hello, I just want to let you know I'm working on a 15 year old product and it is currently in production.
It uses Angular.js and one of the earliest versions of React.js. I cannot use ES6, we don't have Babel, no JSX syntax, no CSS preprocessor. No webpack.
I must support browser since IE6 with an ES3 syntax. (luckily I got some some polyfills for an ES5 syntax)
When I build a component I have to call React.createClass and React.createElement.
The render() function is basically a nested pile of React.createElement.
There is no documentation for this product, no tests, no anything.
I had to reverse engineer it in order to understand how it works.
The code base uses mixed programming styles and naming conventions, plus thousands of little js files.
Oh and obviously no hot reload, every time I make a change I have to restart everything.
Please, send help.
I'm in danger.
Sincerely,
An underpaid developer
....
I'm not crying, you are crying...19 -
No, MD5 hash is not a safe way to store our users' passwords. I don't care if its been written in the past and still works. I've demonstrated how easy it is to reverse engineer and rainbow attack. I've told you your own password for the site! Now please let me fix it before someone else forces you to. We're too busy with other projects right now? Oh, ok then, I'll just be quiet and ignore our poor security. Whilst I'm busy getting on with my other work, could you figure out what we're gonna do with the tatters of our client's business (in which our company owns a stake) in the aftermath of the attack?7
-
FUCKING TELEGRAM FUCK YOU STAY IN YOUR FUCKING API DOCUMENTATION AND STOP FUCKING TESTING YOUR SHIT ON A PRODUCTION SYSTEM WHY WOULD YOU DO THAT FUCK OFF WHY AM I EVEN DEVELOPING SHIT FOR YOUR PLATFORM ANYMORE WHEN FOLLOWING YOUR DOCUMENTATION LEADS TO FUCKING ERRORS AND WE HAVE TO DECOMPILE AND REVERSE ENGINEER YOUR FUCKING "OPEN SOURCE" APPS BECAUSE YOU DONT EVEN BOTHER TO FUCKING UPDATE THE SOURCE CODE ONCE A YEAR WHAT THE FUCK
Thank you for your attention7 -
Trying to reverse engineer an API.
Who on fucking earth thought it would be a good idea to let the response be JSON but.... THE VALUE OF THE MAIN INFORMATION THING/KEY PLAIN (UGLY AS HELL) HTML WITH EVEN GOOGLE TAGS BULLSHIT...
WHY?! THIS HURTS.
EHVIENZJVYENWBFFJSJZ 💀12 -
Senior manager: I cant understand how this project has taken so long?
Me: Well you hired me as a C# WPF developer and then asked me to deliver an android app without any kind of training so i had to teach myself app development and reverse engineer the undocumented protocol it needs to use to communicate with our product.
Senior manager: Ok. I get that, but it should only take around 3 months to get up to speed though right?
Me (to myself): how in the hell? New platform, self teaching, undocumented protocol for a complex low level real-time system, other responsibilities taking at least 50% of my time and i should be as productive as an outsourced app dev company in 3 months???!! FFFFFUUUUUUUUUUUUUU!!!!!!!!!3 -
In the begining of time, when The Company was small and The Data could fit in some fucking excel sheets, Those Who Came Before implemented some java tool to issue invoices, notify customers and clear received payments.
Then came the Time Of The Great Expanse, when The Company grew to unthinkable levels. Headcount increased with each passing day, and The Data shows that everything was going great!
But when the future seemed bright, came The Stall-Out. The days when The Company could not expand as fast as it did before. And Those Who Came Before left, abandoning their Undocumented Java Tool to its own luck.
Those who came after knew nothing of the inner workings of the Undocumented Java Tool. They knew only that the magical Jar would take a couple fucking excel spreadsheets and spit out reports and send emails like magic.
And those were The Dark Days.
In the darkness, The Data grew to be a monster. Soon a fucking excel spreadsheet could not hold The Data contained any longer. Those Who Came After, fearing the wrath of The Undocumented Java Tool, dared not mess with its code. Instead, they fucking cut away the lowest volume transactions from the fucking input spreadsheet, and left the company to report the unbilled invoices as "surprise losses". Fucking script kiddies, were Those Who Came After.
Then, at The Darkest of Days (literally, Dec 21st), marched into the project The Six Witchers, who fear not the Demon of Refactoring.
This story is still unfolding. Will The Six Witchers manage to unravel the mysteries of The Undocumented Java Tool? Will they be able to reverse engineer the fucking black box, and scale it's magic into a modern application?
Will they decrease revenue forecasting error by at least 2% in a single strike?
Only the future will tell.16 -
Got hired as an SSRS engineer. Walked into work day 1 thinking I was a bad ass with my SQL joes2pros knowledge and quickly (and i mean quickly) got smacked down with what real SQL procs look like........should've renamed my title to SSRS reverse-engineer. Good times.2
-
It has been bugging the shit out of me lately... the sheer number of shit-tier "programmers" that have been climbing out of the woodwork the last few years.
I'm not trying to come across as elitist or "holier than thou", but it's getting ridiculous and annoying. Even on here, you have people who "only do frontend development" or some other lame ass shit-stain of an excuse.
When I first started learning programming (PHP was my first language), it wasn't because I wanted to be a programmer. I used to be a member (my account is still there, in fact) of "HackThisSite", back when I was about 12 years old. After hanging out long enough, I got the hint that the best hackers are, in essence, programmers.
Want to learn how to do SQL injection? Learn SQL - write a program that uses an SQL database, and ask yourself how you would exploit your own software.
Want to reverse engineer the network protocol of some proprietary software? Learn TCP/IP - write a TCP/IP packet filter.
Back then, a programmer and a hacker were very much one in the same. Nowadays, some kid can download Python, write a "hello, world" program and they're halfway to freelancing or whatever.
It's rare to find a programmer - a REAL programmer, one who knows how the systems he develops for better than the back of his hand.
These days, I find people want the instant gratification that these simpler languages provide. You don't need to understand how virtual memory works, hell many people don't even really understand C/C++ pointers - and that's BASIC SHIT right there.
Put another way, would you want to take your car to a brake mechanic that doesn't understand how brakes work? I sure as hell wouldn't.
Watching these "programmers" out there who don't have a fucking clue how the code they write does what it does, is like watching a grown man walk around with a kid's toolbox full or plastic toys calling himself a mechanic. (I like cars, ok?!)
*sigh*
Python, AngularJS, Bootstrap, etc. They're all tools and they have their merits. But god fucking dammit, they're not the ONLY damn tools that matter. Stop making excuses *not* to learn something, Mr."IOnlyDoFrontEnd".
Coding ain't Lego's, fuckers.35 -
I've optimised so many things in my time I can't remember most of them.
Most recently, something had to be the equivalent off `"literal" LIKE column` with a million rows to compare. It would take around a second average each literal to lookup for a service that needs to be high load and low latency. This isn't an easy case to optimise, many people would consider it impossible.
It took my a couple of hours to reverse engineer the data and implement a few hundred line implementation that would look it up in 1ms average with the worst possible case being very rare and not too distant from this.
In another case there was a lookup of arbitrary time spans that most people would not bother to cache because the input parameters are too short lived and variable to make a difference. I replaced the 50000+ line application acting as a middle man between the application and database with 500 lines of code that did the look up faster and was able to implement a reasonable caching strategy. This dropped resource consumption by a minimum of factor of ten at least. Misses were cheaper and it was able to cache most cases. It also involved modifying the client library in C to stop it unnecessarily wrapping primitives in objects to the high level language which was causing it to consume excessive amounts of memory when processing huge data streams.
Another system would download a huge data set for every point of sale constantly, then parse and apply it. It had to reflect changes quickly but would download the whole dataset each time containing hundreds of thousands of rows. I whipped up a system so that a single server (barring redundancy) would download it in a loop, parse it using C which was much faster than the traditional interpreted language, then use a custom data differential format, TCP data streaming protocol, binary serialisation and LZMA compression to pipe it down to points of sale. This protocol also used versioning for catchup and differential combination for additional reduction in size. It went from being 30 seconds to a few minutes behind to using able to keep up to with in a second of changes. It was also using so much bandwidth that it would reach the limit on ADSL connections then get throttled. I looked at the traffic stats after and it dropped from dozens of terabytes a month to around a gigabyte or so a month for several hundred machines. The drop in the graphs you'd think all the machines had been turned off as that's what it looked like. It could now happily run over GPRS or 56K.
I was working on a project with a lot of data and noticed these huge tables and horrible queries. The tables were all the results of queries. Someone wrote terrible SQL then to optimise it ran it in the background with all possible variable values then store the results of joins and aggregates into new tables. On top of those tables they wrote more SQL. I wrote some new queries and query generation that wiped out thousands of lines of code immediately and operated on the original tables taking things down from 30GB and rapidly climbing to a couple GB.
Another time a piece of mathematics had to generate all possible permutations and the existing solution was factorial. I worked out how to optimise it to run n*n which believe it or not made the world of difference. Went from hardly handling anything to handling anything thrown at it. It was nice trying to get people to "freeze the system now".
I build my own frontend systems (admittedly rushed) that do what angular/react/vue aim for but with higher (maximum) performance including an in memory data base to back the UI that had layered event driven indexes and could handle referential integrity (overlay on the database only revealing items with valid integrity) or reordering and reposition events very rapidly using a custom AVL tree. You could layer indexes over it (data inheritance) that could be partial and dynamic.
So many times have I optimised things on automatic just cleaning up code normally. Hundreds, thousands of optimisations. It's what makes my clock tick.4 -
Do you know when you think "Oh that doesn't look too hard. I bet I can do it in no time"?
That is how I felt when I saw the DIY 3D printer kit Anet A8. It's only 150€ on gearbest so that is pretty cheap.
The reviews said it takes about 3 - 4 hours to build and I though "Ok I am a computer specialist and engineer so 3h sounds reasonable".
When I bought it from gearbest the first problems started: 5 days after the estimated shipping date the packet was still not on its way. After I fucked the support up, it finally arrived 3 weeks after the estimated date.
When I took the first look, everything seemed to be fine except for some small scratches but for that price that is not a problem.
So I started to build the printer at about 14:00 and even if some random sites in the manual were in Chinese I felt confident to get it done in a view hours.
And then it started to get really fucked. The first problem was that 2 screws were unusable and I had to use my own screws instead. The next problem was that the manual was just in the wrong fucking order at some points and I had to reverse multiple steps to get it right.
But the most fucked up thing: There should have been 2 threaded rods with a length of 345mm but the rods had a length of 310mm which was nowhere listed in the parts list. So I had to go buy some aluminium rods to fill the gap temporary so that I can at least go on with the build before getting a replacement. And I could go on and on and with the problems but the point is, it is now 19:30 which is about 5.5 hours after I started and I am still not fucking done with this.
So what have I learned?
Cheap Chinese hardware is good, but only as long as you don't have to assemble that shit yourself.2 -
TLDR: crappy api + idiot ex client combo rant // devam si duška
I saw a lot of people bitching about APIs that don't return proper response codes and other stuff..
Well let me tell you a story. I used to work on a project where we had to do something like booking, but better..crossbreed with the Off&Away bidding site (which btw we had to rip off the .js stuff and reverse engineer the whole timer thingy), using free versions of everything..even though money wasn't an issue (what our client said). Same client decided to go with transhotel because it was sooooo gooood... OK? Why did noone heard of them then?
Anyhow, the api was xml based.. we had to send some xml that was validated against a schema, we received another that was supposed to be validated againts another schema.. and so on and so on..
...
...
supposed..
The API docs were nonexistent.. What was there, was broken English or Spanish.. Even had some comments like Add This & that to chapter xy.. Of course that chapter didn't even exist yet. :( And the last documentation they had, was really really old..more than a year, with visible gaps, we got the validation schemas not even listed in the docs, let alone described properly.
Yaaay! And that was not everything.. besides wrong and missing data, the API itself caused the 500 server error whenever you were no longer authenticated.
Of course it didn't tell you that your session was dead.. Just pooof! Unhandled crap everywhere!
And the best part?! We handled that login after inspecting what the hell happened, but sent the notification to the company anyways.. We had a conf call, and sent numerous emails explaining to them what a 'try catch' is and how they should handle the not authenticated error <= BTW they should have had a handled xml response for that, we got the schema for it! But they didn't. Anyhow, after two agonizing days talking back and forth they at least set up the server to be available again after the horrified 500 error. Before, it even stopped responding until reset (don't ask me how they managed to do that).
Oh yeah, did I mention this was a worldwide renown company?! Where everybody spoke/wrote English?! Yup, they have more than 700 people there, of course they speak English! <= another one of my ex clients fabulous statements... making me wanna strangle him with his tie.. I told him I am not talking to them because no-one there understood/spoke English and it would be a waste of my time.. Guess who spent almost 3 hours to talk to someone who sounded like a stereotypical Indian support tech guy with a flue speaking Italian?! // no offence please for the referenced parties!!
So yeah, sadly I don't have SS of the fucked up documentation..and I cannot post more details (not sure if the NDA still holds even though they canceled the project).. Not that I care really.. not after I saw how the client would treat his customers..
Anywayz I found on the interwebz some proof that this shitty api existed..
picture + link: https://programmableweb.com/api/...
SubRant: the client was an idiot! Probably still is, but no longer my client..
Wanted to store the credit card info + cvc and owner info etc.. in our database.. for easier second payment, like on paypal (which he wanted me to totally customize the payment page of paypal, and if that wasn't possible to collect user data on our personalized payment page and then just send it over to paypal api, if possible in plaintext, he just didn't care as long as he got his personalized payment page) or sth.... I told the company owner that they are fucking retards if they think they can pull this off & that they will lose all their (potential) clients if they figure that out.. or god forbid someone hacked us and stole the data.. I think this shit is also against the law..
I think it goes without saying what happened next.. called him ignorant stupid fucktard to his face and told him I ain't doing that since our company didn't even had a certificate to store the last 4 numbers.. They heard my voice over the whole firm.. we had fish-tank like offices, so they could all see me yelling at the director..
Guess who got laid off due to not being needed anymore the next day?! It was the best day of my life..so far!! Never have I been happier to lose my job!!
P.S. all that crap + test + the whole backand for analysis, the whole crm + campaign emails etc.. the client wanted done in 6 months.. O.o
P.P.S. almost shat my pants when devRant notified my I cannot post and wanted to copy the message and then everything disappeard.. thank god I have written this in the n++ xDundefined venting big time issues no documentation idiot xml security api privacy ashole crappy client rant11 -
Have you encountered projects that were beyond saving?
Been freelancing for a client via agency for the past year. In the beginning the deal was to maintain identity verification sdk for android maybe 10-15 hours a month or so. Their flow consisted of around 25-30 screens, so I took it thinking it was easy. Boy I was wrong.
Codebase was and still is a complete spaghetti, backend weird and overcomplicated and impossible to talk with someone in backend. Had to reverse engineer their complicated flows many times just to make a small change on the app. There also are lots of issues with capturing/sending camera recordings especially on older devices. The fact that Im the only dev maintaining this doesnt help either.
First few months it was just maintenance, later some small features and soon it become a 40 hour a month gig. I was able to deal with it but then management changed, they started micromanaging me heavily and now they want me to do 60-70 hours a month. Also they asked to implement some unnecessarily complicated features and to be honest without refactoring most of the codebase I cant even begin to think of how to implement them.
Also workload in my main job increased. Started sacrificing my evenings, weekends and basically my wellbeing to work on their product. Tried to relax but then I realized Im just spending my freetime thinking about their project all of the time. Best part is that last few updates fucked up the whole flow and I dont even understand where the problem is anymore: backend, 3rd party integration issues or something else that I did.
Last friday told them that my availability changed and Im quitting. Told them that Im gonna provide support till the end of the month but no big features. Just spent a full shift in my main job and another full shift working on their product, trying to untagle their spaghetti.. Im totally lost and burned out. Meanwhile stupid manager is asking why "simple" stuff according to him is taking too long.
I should receive my last payment from agency this week, also asked them to send it to me earlier but no answer so far. At this point Im so burned out that I dont care anymore about the last payment, even if client complains that everything is broken and doesnt want to pay me. Project is beyond fucked and that SDK as well as their backend is a ticking time bomb. Im done.14 -
There is a company providing a very speciffic service. And it has a core application for that svc, supported by a core app team.
That company also has other services, which are derivations of the core one. So every svc depends on core.
Now that we're clear on that... I was working in a team of one of the subservices. We very strongly depended on core. In fact, our svc was useless if integration w/ core broke down.
The core team had an annoying habbit. They refused to version their webservices and they LOVED to push api updates w/o any warnings. Our prod, test, other envs used to fail bcz of core api changes quite often. Mgmt, IT head was aware of the problem and customers' complaints as well.
So as a result, once core api changes we're all in a panic mode: all prior priorities are lowered and revival of prod is to be our main focus. Core api is not docummented, the changes are not clear, so we have to reverse engineer the shit out of it. We manage to patch our prod up w/ hotfixes, but now we have tech debt. While working on the debt, core api changed again, in test env. Mgmt pushes debt back and reallocates us to hotfix test. Hotfix is 80% done when another core api breaks. Now mgmt asks us to drop wtv we're working on and fix that new break. By the time we're to deploy the hotfix, another api breaks in another env. The mgmt..... You get the picture :)
2 years go by, nothing has changed so far.6 -
Normal person : 365 + 1 = 366
Developer dealing with julian dates : 365 + 1 = 1(New year)
Business person : 365 + 1 = 001 (because they like symmetry in their file names with dates)
We found this BUG, now we are celebrating our new year by changing code in each of script to format string accordingly.2 -
So I have to fix this motherfucking insane regex with over 1k chars in it ...
This fucking shit is not maintainable and there are no comments or any other sort of documentation.
And this bullshit was not build via code so that bastard wasted weeks of time to develop that shitty expression by hand on a online regex tester website.
So I have 3 options:
1. Reverse engineer everything and waste my precious time
2. Delete that shit, analyze the input and write the regex via code instead of creating it by hand
3. Look for that "super duper clever" dev and break his legs.
I think option 3 suits me best.
And for you dear reader, if you are regexphile, enjoy this gigantc regex with >16k chars:
http://madore.org/~david/weblog/...7 -
Taking a for-giggles training on reverse engineering... It's theory. Basic level theory. Posted 6 months ago.
"someone might want to reverse engineer Microsoft Word in order to change its code so that it could be run on a Mac."
Are we ignoring how old Word has had Mac support????
Or "To prevent circumvention, some programs require as part of the terms of use that you do not attempt to reverse engineer their code." like this will stop someone who wants to circumvent having to pay from acting illegally, because we all totally read EULAs and T&Cs...
Whyyyyyy4 -
I wrote a Blender plugin that uses vector math, matrices, calculus, trigonometry, and likely other types of math. There's recursion, filesystem access, image processing, interface logic, and on and on.
And worst of all - other people are expected to use it, so there's added pressure to do a good job.
Oh, the hours I spent trying to figure out why the imported geometry looked like an exploded mess. Fumbling around with mathematics I didn't fully understand was exhausting. Finding help was impossible at times because I didn't have the vocabulary to even describe the problems I was having. And getting it to complete an import before the heat death of the universe was not easy.
Every time I made progress and thought I was done, I would discover a bug that other importers didn't have, leaving me to sift through languages that definitely aren't Python to see if I could reverse engineer the logic they used.
I almost gave up a few times, but didn't.
Now I have something that, while not used by many people, works very well, is very efficient, and doubles as a palette cleanser when I need to do something for fun or for a challenge. Plus I learned a lot along the way.4 -
I hate having to reverse engineer an application you built, just to understand it. All because you haven't worked on it in months.
-
Okay. So my dumbass boss took this project that had a steep timeline. I told him straight up, it won't work because we won't make the timeline. If we do this, I will be the one bending over backwards to deliver. I don't like to promise and fail. I got the oh don't worry let's just try. If we don't make it that's fine. Unfortunately that's not how I work. I refuse to deliberately fail. So I say okay and we begin. I suggested open source is the fastest way to deliver bit the fucked up part is, I am the only senior dev in the team. I will be expected to reverse engineer the open source app to connect our own deployment parameters. Use tech I have never used before. Connect frontend and backend. Handle dns bullshit. I have literally been working on Vibes and coffee for the past two weeks because ofcourse I ran into so many issues. Now I have an extension for Monday and I hate to fail. So I am not sleeping or resting just working on a fucking java app I didnt build and I am expected to make it work seemlessly on our production environment. I made some progress. Deployed frontend, deployed backend. Forgot to connect production dB so I decided to go with azure database for mysql driver since we have credits on azure. Now my java app is pissing itself over ssl handshake. I generate my keystore and add it and now java socket just times out. I want to pummel somebody or a punching bag that looks like my boss.15
-
The problem being a dev at a big company (around 1000 devs) with huge codebase (I mean huge, tens of thousands of modules, if not millions) is that, as many hands touch the code of a project and deadlines are always short, not everyone care about changing the documentation afterwards.
This translates to double the work everytime you need to fix a bug or something as you have to quickly reverse engineer the modules to understand it - the documentation often reflects an old version and it messes things up much more than it helps you out.4 -
When you try to reverse engineer some $5 toy but the ICs Datasheet is only in chinese ;-(
And Google translate for pdf sucks.4 -
So before the Age of JavaScript, when programming was trying to be an engineering discipline, I felt like we were getting close to figuring out what worked and what didn't. We had rules of thumb (more general than Patterns) and code smells.
Then JavaScript came in and no one had time to think about "engineering" anymore. I'm fine with MVP and small iterations, but the disdain I see for making code clean and extendable and improvable is baffling (and annoying). First-time coders might never have had to fix someone else's code, but two weeks in a chair should have fixed that.
It's not that understanding code is so hard (although it can be); understanding the _intent_ is hard. This MVP is great, but when no one had time to document what is actually supposed to happen, programmers have to reverse-engineer the *design*.4 -
When your colleague comments out some of your codes just to reverse engineer how it works. And checked it in!!!1
-
Spent almost four days trying to reverse engineer a feature the previous developers failed to document but a sales lead from before the take over was counting on.
Turns out it was never made and the whole exercise was a waste of time.3 -
!rant
How I think the process for designing a hardware-driver is like
CEO: "Alright everyone, we have designed and created this great product, now let's write a driver for it!"
PM: "Great then! We just code for Windows, create an eye-catching UI but leave the actual at the worst possible case that could work!"
Dev: "B-But isn't there other OSes, like Linux and Android that people use on their computers too?"
PM: "Shut up! We are going to JUST support Windows and f*** no absolutely other OSes!
Dev: "But what if they are also developers, and want to control and use this great product by programming it themselves? We should make the driver open-source, or at least give them some APIs!"
PM: "Nonsense! They are only going to use this product on M$ Windows, and with the program we provide to them, even if it's crappy and crashes most of the time!"
Dev: "But-but..."
PM: "No buts! That's our final decision!"
And some other consumer devs are like, "F*** it, we just reverse-engineer the codes and write a new driver ourselves!"
:|3 -
How to reverse engineer without knowing how to reverse engineer:
1.Open IDA pro
2. Hit shift+f12 for the strings view
3. Choose an interesting string
4. Hit x and go over the xrefs
5. You are now earning at least $140K a year.
Bonus: say that you can code html2 -
My own colo server. My own cloud. My own infra.
Fuck all of the CSP's and their fucking broken TOS and their data privacy violations!
Why do you think Amazon is so cheap? Because when they discover a product/service/software on AWS makes money, they WILL Reverse engineer it, make it and price you out of the market. It's their business model!5 -
So I've created this account specifically for this rant. I usually just browse anonymously.
I've recently been hired in a big company that is one of the biggest Microsoft users in the world and my essentially revolves on making it easier for our collaborators to work with SharePoint (and other ms software)
Never in my life have I hit that much of a roadblock. So for the past week I've been trying to integrate what Ms calls webparts. And to modify the default webparts Ms provides you need to their properties (or Metadata). Except here's the big problem these are NOT documented anywhere (unless I failed to find it, if you do know where it is documented please HMU), so I've found myself trying to reverse engineer the js scripts that are served with SharePoint to figure out what the webpart properties are called and what type of data they are! I've been going through endless github repos using the CSOM nuget package (it's the library everyone uses to interact with SharePoint) and I finally found out about this other library called PnP which is a wrapper around CSOM that makes it easier to use. That wrapper has a way for me to load existing page and look at the properties of existing webparts. So here I thought it was the end of my suffering and I could finally get an idea of what it should be. Turns out this method doesn't work because one of the dependencies it has has had breaking changes and they still updated it even though it breaks their code! So for the past two days I've been trying random combinations of key values with different data types and json serialization methods.
Oh and yeah I've also looked at all the http calls via the chrome network tab, the metadata is not served as an individual file but is computed by Ms servers when they're serving you their html files.
So uh yeah run from CSOM if you can..3 -
It’s funny being on the other side of interviews. People say how complicated it is to get a job, and it is. But then they show up to a third round Senior Software Engineer technical interview and is unable to write a function on the white board in any language or even pseudo code to reverse a string. That isn’t complicated stuff...
Argh, very frustrating.2 -
It is 4 am now.
There it is. My obsession to destroy electronical things got me once again lol. I found a Canon printer last month and put it in my room to gather more electronical parts (for future arduino projects).
I am quite impressed about what makes Canon printers so different from Epson printers.
Canon really makes it fucking hard to open the inside of the printer.
Epson printers were way easier to open. A big plus for Epson.
Canon printers have weird design. Everything somehow sticks inside of something else with no room inside the printer. Like spaghetti.
Wherelse Epson printers have a plenty of room inside with a better design. No need to waste alot of time to reverse engineer it (figuring every single cable, motor, and what else not out). A plus for Epson here.
Now... what might have impressed me alot?
Take a look at the attached picture. The power on button(design), the display (it is usually soldered on Epson printers) and the "door servant" as I call the part with the blue cables. The "door servant" pushes the stick down when it has electricity.
I never found these like this in Epson printers.3 -
After I cured my depression with Vortioxetine which was prescribed to me because of pure luck, I can notice that something has changed.
I can't tell if I like or don't like something anymore. It doesn't matter now which food to eat, what music to listen to, I just can't see the difference. I dropped all my side projects, quit my job and got another, much easier one. I don't see the big picture of things anymore. I also lost my ability to reverse-engineer problematic outcomes and find solutions.
I used to be an architect but now I can't design anything, I just forgot how to do what I could do without thinking. I forgot Lisp and Clojure, functional programming is too hard for me now. I just don't understand it.
My iq also significantly dropped.
Summarizing all that, and also remembering that liking or not liking something implies that you have a personality, I can only see one reason – I probably don't have a personality anymore.
Here's a summary of my experiences from when I was depressed:
depression makes you dumb
you struggle with simplest tasks
you only eat and go to the bathroom because sometimes your basic instincts win
depression takes your power of will – the most valuable thing you have
society doesn't understand and shames you
you can't think
you can't focus
you can't study
you need money but you can't make it
you don't have that save space inside your thoughts anymore
you don't have dreams
your sleep schedule is fucked
every night there's a nightmare and you can't wake up
you can't cry
they prescribe you one neuroleptic after another and they only makes it worse, turning you into a vegetable
you feel nothing but shame and irrational infinite guilt10 -
We use a third party paid company to produce a service and give ongoing support for it, which all our revenue streams depend upon. They are shit and their service is shit. Here's how my conversation about testing went today.
Me: 'hey X wrote an integration test project for the service. It shows the service is broken 50% of the time. We should give their team access to it and have them run it as part of CI'
Colleague: 'They are too shit to setup CI'
PM: 'we are stuck with them so there is no point. It is what it is'
Boss: just ignores me. Not even a reply.
Some days later
Head of QA: 'Hey Dev and QA are broken'
Me: 'because their service is broken. I made so and so suggestion before but it was rejected. We will just have to accept Dev and QA are broken 50% of the time'
Head of QA: 'no we cant'
Me: 'ok so we should setup the tests to run by giving them access'
Head of QA: 'No we shouldn't. The tests can only be used by us and if they break it tells us so we can act on it, or choose not to'
Me: 'We would not want to act immediately on all our revenue streams breaking? Yes we can reverse engineer their client and fix errors as they occur, or we could just have them run the tests and a team our company pays for can stop adding breaking changes to their own API every other day. Right now it has been broken for 2 weeks.'
Head of QA: 'in an ideal world we would have an internal team so you're wrong'
Me: :)
I really don't understand how they can come to such a conclusion. Am I missing something or am I surrounded by total fucking idiots?2 -
Just wanted to code some better public transportation route calculator (better ux) and found out that the pt company offers an API.
EVERY FUCKING REQUEST HAS TO BE SENT AGAINST THE SAME FUCKING ENDPOINT IN A POST REQUEST WITH THE ORIGINAL REQUEST AS FUCKING XML IN THE FUCKING BODY. At least they offer xsd files... BUT THATS NO FUCKING HELP. At least not that much of a help. AND THE DOCUMENTATION DOES NOT STATE A SINGLE FUCKING EXAMPLE OF HOW TO USE THAT FUCKING ENDPOINT. I FOUND THIS OUT BY SENDING RANDOM REQUESTS TO THE ENDPOINT TRYING TO REVERSE ENGINEER THE EXISTING FUCKING FRONTEND AND NOW I NOTICED THAT 80% OF THE FUCKING DOCUMENTED FEATURES ARE DISABLED BECAUSE: NOT FUCKING SUPPORTED!!!
MAAAN WHY DO YOU DO THIS.
Alternatively I'd use the GTFS files they provide but THEY ARE FUCKING INCOMPLETE AND DONT STICK TO THE EXISTING STANDARD GOOGLE DEFINED... They also offer a different propietary format... BUT THATS FUCKING UNDOCUMENTED AND FUCKING INCOMPLETE... -
To be honest I forgot completely about the ducks and was kind of disappointed to see them, don't understand me wrong, its a great addition to the shop (especially to support devrant more when buying them and I will probably do too) and trogus (wow it's pronounced t-rogus) deserves a lot of respect for going through the very hard process of developing it, getting somebody to do a decent quality result etc. but I was hoping for the new site that got hyped up some time ago or some update to the app that fixes design issues on phones that have 2k resolution and no statusbar and more. ("just open a github issue" - I don't have one right now and it didn't get much attention anyway, since I am in the niche of people with those kind of setups, most people it seems have phones that can even barely run the app lol). The login still pops up each time you visit the site (basically just click it away, but it's rather annoying to have it pop up), it's nowhere near to the original app (although the native app is written in some sort of wrapper anyway?) - especially what comes to options, customizing, deactivating things, posting into categories (newest feature), getting notifications etc
There is some community builds that try to recreate a better desktop experience, but sadly fail to do so (sorry to devrantron and others, but what the fuck were you thinking when you rounded only the top right and left corner?) - since they always have something that is just thrown out to "be there" or design fails (which devrant just lacks and looks good across the board), that makes me rather cautious if that program doesn't send my credentials to some african prince. ("just look at the sourcecode", yes I have better things to do, thanks)
I could just create my own build, having to reverse engineer the whole website and app (granted, most of it are just api calls), but I simply lack the time (so I understand why my mentioned problems aren't getting really any attention or can't be implemented that fast, yet still its somewhat bugging)
I have listened to the Q&A and I know you guys are working full time at for example adobe (amazing that you both have time to be putting it towards devrant), so its not as much of a rant, just wanted to get out my disappointment about the event I felt personally. Still nice to have seen you and talk with the community a bit (although the time I feel was picked more towards your US audience rather than EU?).3 -
I really hate PHP frameworks.
I also often write my own frameworks but propriety. I have two decades experience doing without frameworks, writing frameworks and using frameworks.
Virtually every PHP framework I've ever used has causes more headaches than if I had simply written the code.
Let me give you an example. I want a tinyint in my database.
> Unknown column type "tinyint" requested.
Oh, doctrine doesn't support it and wont fix. Doctrine is a library that takes a perfectly good feature rich powerful enough database system and nerfs it to the capabilities of mysql 1.0.0 for portability and because the devs don't actually have the time to create a full ORM library. Sadly it's also the defacto for certain filthy disgusting frameworks whose name I shan't speak.
So I add my own type class. Annoying but what can you do.
I have to try to use it and to do so I have to register it in two places like this (pseudo)...
Types::add(Tinyint::class);
Doctrine::add(Tinyint::class);
Seems simply enough so I run it and see...
> Type tinyint already exists.
So I assume it's doing some magic loading it based on the directory and commend out the Type::add line to see.
> Type to be overwritten tinyint does not exist.
Are you fucking kidding me?
At this point I figure out it must be running twice. It's booting twice. Do I get a stack trace by default from a CLI command? Of course not because who would ever need that?
I take a quick look at parent::boot(). HttpKernel is the standard for Cli Commands?
I notice it has state, uses a protected booted property but I'm curious why it tries to boot so many times. I assume it's user error.
After some fiddling around I get a stack trace but only one boot. How is it possible?
It's not user error, the program flow of the framework is just sub par and it just calls boot all over the place.
I use the state variable and I have to do it in a weird way...
> $booted = $this->booted;parent::boot();if (!$booted) {doStuffOnceThatDependsOnParentBootage();}
A bit awkward but not life and death. I could probably just return but believe or not the parent is doing some crap if already booted. A common ugly practice but one that works is to usually call doSomething and have something only work around the state.
The thing is, doctrine does use TINYINT for bool and it gets all super confused now running commands like updates. It keeps trying to push changes when nothing changed. I'm building my own schema differential system for another project and it doesn't have these problems out of the box. It's not clever enough to handle ambiguous reverse mappings when single types are defined and it should be possible to match the right one or heck both are fine in this case. I'd expect ambiguity to be a problem with reverse engineer, not compare schema to an exact schema.
This is numpty country. Changing TINYINT UNSIGNED to TINYINT UNSIGNED. IT can't even compare two before and after strings.
There's a few other boots I could use but who cares. The internet seems to want to use that boot function. There's also init stages missing. Believe it or not there's a shutdown and reboot for the kernel. It might not be obvious but the Type::add line wants to go not in the boot method but in the top level scope along with the class definition. The top level scope is run only once.
I think people using OOP frameworks forget that there's a scope outside of the object in PHP. It's not ideal but does the trick given the functionality is confined to static only. The register command appears to have it's own check and noop or simply overwrite if the command is issued twice making things more confusing as it was working with register type before to merely alias a type to an existing type so that it could detect it from SQL when reverse engineering.
I start to wonder if I should just use columnDefinition.
It's this. Constantly on a daily basis using these pretentious stuck up frameworks and libraries.
It's not just the palava which in this case is relatively mild compared to some of the headaches that arise. It's that if you use a framework you expect basic things out of the box like oh I don't know support for the byte/char/tinyint/int8 type and a differential command that's able to compare two strings to see if they're different.
Some people might say you're using it wrong. There is such a thing as a learning curve and this one goes down, learning all the things it can't do. It's cripplesauce.12 -
Don't like the way how to do something? Witte software for it! You need something automated? Develop the autonation algorithms! Don't like how an open source application works? Change it! Don't like how the closed source application works? Fucking reverse engineer and patch it!
Being a developer opens incredibly man doors in the world of information technology, that technology that drives our world, society and so, so many parts of everyone's life. So why on earth wouldn't you want to be a developer?2 -
I am a computer science student and have worked with Java and C++ until now. A week ago i started in a job i have gotten from my professor. I have to reverse engineer a big python project and figure out how some things work on the serverside. This is the first time i have to work with python.
I get that you can write code fast with this dynamically typed language, but BOY. Is it just me or is this language fucking hard to reverse engineer? I mean what the fuck. There are some member variables in which can be anything. Like you suggest there is an object of this and that and then python comes in and is like: Good guess, but fuck you.4 -
Company had problematic client projects that each client has a bucket load of change requests. Company doesn't know how to say "No" to them. Company can't afford to pay the subvendors for the changes and the subvendors aren't willing to do them for free.
I went in, reverse engineer the shit out of each application, database, system, documented my own findings, changed according to each client request. This involves editing tables in MSSQL, rerouting PHP files, adding field and validations in C#, passing parameters in VB to Crystal Report, and managed every change request into my own personalize ticket system (that the company does not have).
Saved the company, everyone was grateful. A couple of months later, the company hasn't paid my salary on time, I left like a boss.
They're in shit again and need my help. Haha! -
The reason why developers should know the whole context of problem statement rather than just demanding requirements
Or
why the managers should set up the context of the problem rather than expecting magical solutions7 -
2nd post progress of this project https://devrant.com/rants/9985730/...
I went to shop to buy missing ir diode and bluetooth for arduino.
Launched arduino today with ir receiver and I managed to reverse engineer protocol.
Turns out it’s just NEC remote codes.
I used this library https://arduino.cc/reference/en/... to easily send and receive ir signals.
Everything took me whole day cause I’m rookie in hardware.
I can now remote control medion md 19500 using arduino.
Next step is to make it riding itself.
I need to measure speed and turn angle with error rates.
I will probably use pen and paper and let vacuum cleaner draw angle for me and after that I will use the most modern, accurate and cheapest angle measurement tool that is protractor - school welcome back
Speed can be more complicated and need another external complicated tool that is tape measure and a clock.
I also bought second robot because I got this stupid idea to allow people to control robots using internet.2 -
I am trying to reverse engineer a fingernail hardening device for rapid hardware prototyping (becoming some kind of hardware developer I guess)
Since it is a fucking mess (all cables are black) they've chosen a weird construct to operate microcontroller on 240Vac (seems to be possible and made in very low energy consuming devices) i do not find any datasheet for one of the used products. It would help a lot but no. And messing around with high voltage is no fun.
I'm unsure if this fits as a dev rant since most/all I've read so far are software-related.9 -
I am just saying that many successful biotechs were built on shoddy Unix scripts.
We don’t have to go that far anymore, but if your programmers are swearing at you in five years about your terrible code, that’s a win! You lasted five years and grew enough to hire judgmental programmers! Congratulations!
- Michele busby1 -
Wasted a day as Shitlock Holmes with the build chain.
It would not reproduce the firmware hexfile that had been checked in. Reverse engineering that along with the mapfile to find out the cause, it was a const string that was guarded by an ifdef from another file that was auto-generated as prebuild step via a script that fetched some version control info.
Or, it would have been if the installation instructions had been correct and someone had described that no spaces in the absolute path name of the project are allowed. Otherwise, that shit just failed silently.
I then had to reverse engineer the intended workflow from the commit history in the version control to figure out that the last dev obviously hadn't quite understood the project specific workflow and how the version control interacts with these build scripts.
At least, I finally did get a matching hexfile.1 -
FUCKING SOURCETREE!!!!!!! HOW THE FUCK DO U MANAGE TO BREAK YOURSELF MORE AND MORE...
Got a new PC so had to reinstall and apparently there's a new version, new UI/UX.... works ok... fine... :(
Now after some autoupdates the Bitbucket URL isn't recognized and I need to get a new repo....
I copy the URL (sourcetree://...) from the button but then ST complains some stupid HTTPS SSL cert error..... FUCK!!!
Tried IE, doesn't recognize the URL....
Last resort... I look at the URL itself...
hm.... points to a *.git file
Ok lets use git shell on another repo and get the remote address...
ssh://git@....
FUCK U!!!!!!!!!!!!!!!!!! HAD TO MANUALLY REVERSE ENGINEER AN SSH URL BECAUSE U CANT WORK WITH URSELF...10 -
Ok, now math is starting to make sense and I'm beginning to enjoy it.
Is this a new level of the love of hurting one self or is this the act of enjoyness? Hmmm...
I noticed that I like to "reverse engineer" the formula we have to remember (I don't like remembering without knowing its benefits and reason of existence and it will most likely be forgotten after graduation when I don't find these two attributes of one formula) and I noticed that I am rather old fashioned and like to do it in a complex way instead of the derived ready formula way.4 -
What would be the best "hot"/upcoming languages for a final year college project?
The project will focus on reverse engineering.
Basic Example: Intercepting signals from products such as a toy helicopters/drones/etc, reverse engineer the signals and try gain control of the device from that.
That's just a very basic function and there will be much more to it, but I'm struggling to decide on a language to pursue hand-in-hand with this project!
I hear Rust, Go, Julia and co being tossed around a lot.
Any suggestions would be helpful!
Cheers7 -
Tfw you have to reverse engineer a $50000 machine with practically zero documentation and all vendor specific hardware and software!
Has anybody else been through this ? -
Development: we need Nginx installed on *insert server list*
Me: ok, let me get in tough with the platform team.
Platform team: This should be installed in the userspace, Unix teams don't support this.
And here I am, trying to get a reverse proxy running on servers on which I do not have sudo rights.
Since it doesn't work, it's my fault, both sides block the door.
I installed it locally on a virtual machine, but the compiled or installed code doesn't work once copied.
The joy of being an "application engineer". This job title means nothing!12 -
I'm developing an app for a not so mobilefriendly website.
I do not coorporate with the webmaster, yet, so I need to sort of reverse engineer my way around everything (basically just one feature.. xD).
It's a website for people who likes to fish, and they *have* to submit their catches. So, when people submit their catches via the form and click "Submit", the URL they are sent to goes like
http://url.tld/submit_catch.asp/...
I can't figure out if that is a POST request, or what it is.
Somehow, I need to submit a catch from the Android App, and all I currently got is that URL.
What do I need to look into to solve my issue here? Any help appreciated :)22 -
The importance of not using static salt / IVs.
I've been working on a project that encrypts files using a user-provided password as key. This is done on the local machine which presents some challenges which aren't present on a hosted environment. I can't generate random salt / IVs and store them securely in my database. There's no secure way to store them - they would always end up on the client machine in plain text.
A naive approach would be to use static data as salt and IV. This is horrendously harmful to your security for the reason of rainbow tables.
If your encryption system is deterministic in the sense that encrypting / hashing the same string results in the same output each time, you can just compile a massive data set of input -> output and search it in no time flat, making it trivial to reverse engineer whatever password the user input so long as it's in the table.
For this reason, the IVs and salt are paramount. Because even if you generate and store the IVs and salt on the user's computer in plaintext, it doesn't reveal your key, but *does* make sure that your hashing / encryption isn't able to be looked up in a table1 -
Trying to reverse engineer a competitor's system, which is a pain due to lack of documentation (despite the fact that it's "open source")... Then I run into some documents on the web about a much earlier version, and suddenly, we're in business 😈😈
-
If only time was open-source, we could just create an Add method. What if we could reverse engineer, and re-implement time and the way we perceive it, through a programmable bio-interface? Imagine the ability to truly multitask, every thought is handled by a new instance of your brain, arguing and developing that thought just as it normally would. 🤔
-
Long post, TLDR: Given a large team building large enterprise apps with many parts (mini-projects/processes), how do you reduce the bus-factor and the # of Brent's (Phoenix Project)?
# The detailed version #
We have a lot of people making changes, building in new processes to support new flows or changes in the requirements and data.
But we also have to support these except when it gets into Production there is little information to quickly understand:
- how it works
- what it does/supposed to do
- what the inputs and dependencies are
So often times, if there's an issue, I have to reverse engineer whatever logic I can find out of a huge mess.
I guess the saying goes: the only people that know how it works is whoever wrote it and God.
I'm a senior dev but i spend a lot of time digging thru source code and PROD issues to figure out why ... is broken and how to maybe fix it.
I think in Agile there's supposed to be artifacts during development but never seen em.
Personally whenever i work on a new project, I write down notes and create design diagrams so i can confirm things and have easy to use references while working.
I don't think anyone else does that. And afterwards, I don't have anywhere to put it/share it. There is no central repo for this stuff other than our Wiki but for the most part, is like a dumping ground. You have to dig for information and hoping there's something useful.
And when people leave, information is lost forever and well... we hire a lot of monkeys... so again I feel a lot of times i m trying to recover information from a corrupted hard drive...
The only way real information is transferred is thru word of mouth, special knowledge transfer sessions.
Ideally I would like anything that goes into PROD to have design docs as well as usage instructions in order for anyone to be able to quickly pick it up as needed but I'm not sure if that's realistic.
Even unit tests don't seem to help much as they just test specific functions but don't give much detail about how a whole process is supposed to work.9 -
Getting a CodinGame puzzle's description without scraping the page.
I spent hours playing with different endpoints and changing values in postman, all to no avail. The most promising endpoint also returned user progress, which requires authentication, which requires a dummy account, which is against their ToS (it is allowed to reverse engineer the API though).
Turns out you just had to submit “null” for your user ID and it would remove the progress field.
Why is this tagged bad design?
["puzzle-id-string", user-id-as-int]
For almost anything, you POST json arrays...
Send help. -
So, I need to figure out what ir protocol a controller board uses. I know how to do it with a remote, but how would I do it with the board? Can I reverse engineer the ir reciver to find it's protocol?10
-
So you guys know how universities can sometimes have TERRIBLE old software that hasn't been updated for years, and sometimes you want to do a specific process over and over again so you end up automating it, now, we've built a tool that automates downloading projects from the University Moodle website, and we would like to publish it for other students to use.
Problem.
The University is using SSO.
And so far we've made the application to work by observing the network connections over the Android app version in order to extract the cookie session, now imagine that we publish this little tool, and tell people to do those exact steps, of course it's impractical and misses the whole point of the tool itself for being easy to use.
So, where can I read more about SSO, how can I figure out what the University uses? And if I had to reverse engineer this, where should I start? (It goes over 4 pages and I'm not able to capture those requests to even figure out what's going on)
In short is there a guide where you take a university SSO service and build on top of it? I couldn't find anything that is helpful. -
Reverse engineer an example off of github, use to make something else, stack exchange when it doesn't work, repeat.
-
I was able to replace Okta Verify with an open source Python script and Android app and I wrote a tutorial for it:
https://battlepenguin.com/tech/...
Unfortunately it won't work for our companies VPN which requires Okta Push. After fighting with Security for a bit, it looks like I'll have to do a Part II where I reverse engineer the Okta Verify protocol. -
So, the story starts with me getting a job. Full-time job for the first time in my 21 years old life. After short conversation about how amazing this company is, after countless lies and stood questions they decided to hire me. I had to get come on Monday a week later with everything prepared.
So of course I did that and got to my workplace on designated time. Turned out nobody was expecting me, nothing was prepared for a new programmer and everyone seemed angry at me for no apparent reason.
After long talk with my new boss I got some less than 100$ pc with CPU that couldn't handle virtualization and expected me to work on software that needed extensive use of virtual machine.
PC is of course filled with all kinds of spying software that uses most of the resources. IT teams only job is to check if programmers are working their assess off for at least 8 hours a day.
I've filled a ticket about granting me access to Debian machine on the mainframe so I could work. No response for two weeks. I've lost hope already.
I have to work on open space with more than 30 engineers. Screams, phone calls, alarms, all at once, all the time. My colleagues seem to not care and I can't understand how.
I was tasked with rewriting major application because old developer did some half assed piece of burning shit. It took him more than one year, I'm finishing it in less than two weeks.
Of course nobody except for me is preparing any kinds of documentation. I had to reverse-engineer whole API for alarm system.
Salary is less than a junior programmer should earn.
But I'm stuck here for at least a year because nobody's here wants a guy whose only experience is as a freelancer. -
Trail and error... So many errors.
Also watching videos to learn how code fits together, as well as looking for other people's example code to reverse engineer it, modify it to see what changed. -
I‘ve now my first smart home device. It is only a power outlet, but the story behind it is a bit special.
Because Apple trapped me in there ecosystem I wanted to have a HomeKit compatible outlet. The problem with that: Either to expensive or to big. So my ne mission: Connect a non HomeKit device to HomeKit, but without a too expensive proprietary gateway/bridge.
After a bit of googling I found a software called "Homebridge", build to run on a Raspberry Pi. Fortunately I had one old RasbPi 1 B. So I installed a new Raspbian and installed Homebridge. I forgot how slow it was.
Then I bought a cheap (but good) ZigBee outlet and a ZigBee USB Dongle. With a plugin for Homebridge it was very easy to connect the ZigBee Dongle.
Then I tried to connect the outlet, but the log said "Unrecognized device". After a bit of research I found out that the outlet is not supported by the homebridge-zigbee plugin. As a software engineer I tried to find a solution for it, so I reverse engineered the device recognition (very easy because Homebridge is a node application). After a while I managed to add the configuration for the outlet to the plugin.
And see, it became light.2 -
My brother works in fintech sector. He had created an Options strategy after months of hard work and deployed the strategy in production via CI/CD.
However, the strategy didn't deploy automatically on Monday and few trades didn't happen leading to loss. His boss came down firing at him as to why strategy was not deployed.
Turns out the IT team had changed the password on Friday evening as per their routine password updates.2 -
I'm doing the recommended math tasks. Since I can't trust the prof's solutions (he does errors here and there), I watch YouTube videos, Khan Academy videos, compare the results of the prof with the results of online step calculators such as wolfram alpha and find new rules I've never heard of before.
The prof doesn't really comment every step about why he's doing what. He just provides the solution and I have to reverse engineer from his solution up to the original state of the equation. Repeating the same procedure for the online calculator results as well.
I have to say that "Oh, boy, did I learn so many valuable things..." Stuff that I should have learned when I was at least doing my A levels (Abitur).
It is as if I am opening the gates to a new world. Not even exaggerating. Ok, maybe a bit. Ok, maybe a bit more, but no bit more than that.9 -
Russians Engineer a Brilliant Slot Machine Cheat
...But as the “pseudo” in the name suggests, the numbers aren’t truly random. Because human beings create them using coded instructions, PRNGs can’t help but be a bit deterministic. (A true random number generator must be rooted in a phenomenon that is not manmade, such as radioactive decay.) PRNGs take an initial number, known as a seed, and then mash it together with various hidden and shifting inputs—the time from a machine’s internal clock, for example—in order to produce a result that appears impossible to forecast. But if hackers can identify the various ingredients in that mathematical stew, they can potentially predict a PRNG’s output. That process of reverse engineering becomes much easier, of course, when a hacker has physical access to a slot machine’s innards...
https://wired.com/2017/02/...1 -
Bluez Sucks!
I'm trying to reverse engineer a BLE device.
And bluetoothctl keeps getting stuck with 'InProgress' error after 2 or 3 write requests.
I have to restart Bluetoothd each time.
Docs are even worse (or inexistent) -
Im going to shove their soapy WordPress plugin up their ass sideways.
Just had to reverse engineer a WordPress plugin communicating with a SOAP API.
Why? Because the stupid fucking retard company thinks "we do not support custom integrations at this time, only plugins for certain CMS and some external providers" IS IN ANY WAY AN OK THING? IT IS NOT.
And i am feeling ashamed for having purchased a WordPress plugin (100 bucks) just for reversing it. My server even has to Report to them as wordpress to get access.
So fucking typical for swiss companies
Edit: also, they state they DO support custom integrations on their main website :/