Search - "reverse engineering"
Definitely my security teacher. He actually expected us to actively learn the stuff and put effort into our education. He guided us through malware analysis and reverse engineering, simplifying it without insulting us.
We had students who thought they knew everything and he corrected them. We had arrogant students he put in place.
He treated us like adults and expected us to act like adults.
That's the only class I enjoyed studying for, because he would tell us exactly what wasn't on the exams (it was an intro course, didn't need to know the math). There were no trick questions.
I told him about the shitty teacher and he helped me through that confidence block. He helped me realize I *can* make it through the workforce as a female in security because I will work my ass off to be the best I can be. He reminded me why I love computers and why I want to go into forensics.
He's been a great mentor and role model and hiring him is one of the few things my department did right.
Client: I want you to reverse engineer this piece of software!!
*posts some link to an exe on altervista along with some unrelated crap*
Oh and "I PAY"! (Because you can't even take that for granted anymore these days.)
Me: Alright, I'll look into it but I'm not a reverse engineering expert so don't expect too much.
Client, day after: Hey have you looked into it already? Have you finished it already?! HEY, RESPOND ALREADY!!!
Me (thinking): YEAH AFTER 1 DAY AND NO PAYMENT DETAILS WHATSOEVER, I INSTANTLY DROPPED EVERYTHING JUST TO PLEASE YOU, FILTHY RAT SACK!! You fucking wish, motherfucker. Down to lowest priority you go! And if I don't feel like doing it, how about I just drop your request and tell you to suck my fleshy snek, HOW ABOUT THAT HUH? Fucking piece of shit 😤
FUCK PROPRIETARY FILE FORMATS. I'm now committing to devoting the rest of my life to reverse engineering these shitty things. I'm fed up 😤
Best experience: reverse engineering a CMS site to build a mobile app for it
Worst experience: reverse engineering a CMS site to build a mobile app for it
Back when I was in school (about 15 years old) and I played games, I had a particularly favourite game that I would play. It was a lesser known strategy game made by a single hobbyist Dev.
I was already known in the community for making some mods for the game and chatbots.
What most people didn't know was that I had made a map hack and various other cheats that made it significantly easier to win by reverse engineering the game and modifying the x86 assembly in ollydbg.
One thing in particular I had been working on at the time was a game replay editor. I had reverse engineered the saved game (replay) format and was able to replay them, edit them and generate them.
During one particular match, a person in the community particularly annoyed me and I edited the saved game to change what his moves were and the words he spoke. It made him look a bit like an idiot but IMHO was only a slight exaggeration of the truth.
I posted the game replay on the forums and everyone was in hysterics about the crazy things he did and said in the replay.
As no one knew I had this capability they all believed the replay and even the guy in the replay couldn't believe it himself and didn't understand what happened. He just kept telling everyone it didn't happen and the 'truth is in the pudding'.
Although I originally intended to tell everyone what I did, I never did and whenever the guy entered in to a game everyone would laugh about it and say 'the truth was in the pudding'.
He was no longer annoying me and it sort of made me feel like a god at the time.
So that's my wk65.
Impostor vs Kenner syndrome
We got a new kid which does his internship from school. We talked and he asked me what stuff I had done with 14 - 16. I remembered with 14 I was really into reverse engineering, assembler and c/c++ but never managed to actually build something.
So he started to say stuff like he could replace me in an instant and he should get paid for this internship at least as much as I did, because he made some websites and games already.
I really was down. Kids today get a lot of shit done and I was a disappointing lazy little shit just playing games and try to reverse engineer stuff and learn assembler and c++.
It's been month and shit hit me when I've seen his stuff was copy pasted from a tutorial/ YouTube video.
Today's resources, languages, frameworks make it really easy to build something but I still got respect for everyone every age who is interested and get into programming and stuff.
But I hope you'll read this you little shit and realise that you can use a simple physics engine by copy and pasting code. So don't talk disrespectful to people in general especially when they can create a whole game and physics engine.
Saw some cheapie little radio in the dollar store, bought 2 of them for reverse engineering. Powered it from my lab bench power supply as usual, and tested whether it actually works before doing anything else.. then I noticed that the tunes were actually quite catchy, so I just ended up listening.
Then I started to notice that the audio wire I was using (the one I've spent a couple of days building earlier) had intermittent audio issues where the right driver would drop out when the wire was held in certain positions. Oscilloscope probing showed that there was some sort of disconnect, with only the 50Hz noise from the power lines showing up. Opened up the connector and noticed that the ground wire had detached. An 28AWG electrical wire that was inside a jack that was meant for stress relief! Yet the copper strands must've detached one by one regardless. What do I need then, huh?! 18AWG which wouldn't even fit on the connector, only to see the strands in that eventually detach as well?! You know what, let's go fancy.. 1AWG which is meant for extremely high current applications!!
At that point I was literally shouting "FUCK!!! Why does this shit always happen to me?!! ONE FUCKING PROJECT THAT FINISHED SUCCESSFULLY, YET STILL BROKE?!!!! WHY!!!!!!"
Clearly I need some fresh air to cool down. On my way to the fast food restaurant to get some Bicky burgers. More shit, humans. One stupid driver who slowed down on me, which of all things I hate the most. GO FASTER ALREADY YOU SLOWFUCK, AND GET THE FUCK OUT OF MY SIGHT!!! Next a pedestrian with a dog.. I swear motherfucker, if that dog comes anywhere near me I'll personally turn it into fucking fricassee.
Ah and then comes the killer.. in this stupid fucking summer, all that's needed to fix any issue is a fucking stupid DESPACITO, right?! More like DeSPASTICo!! FUCK!!!!
.. Back home, rather tired. So essentially a wire that was specifically built to have high endurance broke on me. Back to Bluetooth I guess.
I miss the days I actually enjoyed playing games.
6 years of programming later...
I'm always wondering how did they make the game? Once I find out how, I lose interest in the game.
I spend more time reverse engineering/exploiting/modifying the Client of games than actually playing them, more out of curiosity than causing harm.
Am I evil? 😫
Just thought I'd share my current project: Taking an old ISA sound card I got off eBay and wiring it up to an Arduino to control its OPL3 synth from a MIDI keyboard. I have it mostly working now.
No intention to play audio samples, so I've not bothered with any of the DMA stuff - just MIDI (MPU-401 UART) and OPL3.
It has involved learning the pinout of the ISA bus connectors, figuring out which ones are actually used for this card, ignoring the standards a little (hello, amplifier chip that is wired up to the +12V line but which still happily works at +5V...)
Most of the wires going to it are for each bit of the 16-bit address and 8-bit data. Using a couple of shift registers for the address, and a universal shift register for the data. Wrote some fairly primitive ISA bus read/write code, but it was really slow. Eventually found out about SPI and re-wrote the code to use that and it became very fast. Had trouble with some timings, fixed those.
The card is an ISA Plug and Play card, meaning before I could use it I had to tell it what resources to use. Linux driver code and some reverse-engineering of the official Windows/DOS drivers got me past this stage.
Wired up IRQ 5 to an Arduino interrupt to deal with incoming MIDI data, with a routine that buffers it. Ran into trouble with the interrupt happening during I/O and needing to do some I/O inside the handler and had to set a flag to decide whether to disable/re-enable interrupts during I/O.
It looks like total chaos, but the various wires going across the breadboard are mainly to make it easier to deal with the 16-bit address and 8-bit data lines. The LEDs were initially used to check what addresses/data were being sent, but now only one of them is connected and indicates when the interrupt handler is executing.
There's still a lot to do after that though - MIDI and OPL3 are two completely different things so I had to write some code to manage the different "channels" of the OPL3 chip. I have it playing multiple notes at the same time but need to make it able to control the various settings over MIDI. Eventually I might add some physical controls to it and get a PCB made.
The fun part is, I only vaguely know what I'm doing with the electronics side of this. I didn't know what a "shift register" was before this project, nor anything about the workings of the ISA bus. I knew a bit about MIDI (both the protocol and generally how the MPU-401 UART works) along with the operation of a sound card from a driver/software perspective, but everything else is pretty new to me.
As a useful little extra, I made some "fake" components that I can build the software against on a PC, to run some tests before uploading it to the Arduino (mostly just prints out the addresses it is going to try and write to).
I often times write code and think to myself "I don't have to comment this, it's obvious what is going on", only to find myself back at the same code, figuring out wtf it does...
!rant 📚 📑
Cybersecurity books @Humble Bundle
There is a really great Humble Book Bundle at the moment, starting at 1$. The bundle contains several cyber security books ("Practical Reverse Engineering" and "Security Engineering" have a good reputation).
Taking a for-giggles training on reverse engineering... It's theory. Basic level theory. Posted 6 months ago.
"someone might want to reverse engineer Microsoft Word in order to change its code so that it could be run on a Mac."
Are we ignoring how old Word has had Mac support????
When your colleague comments out some of your codes just to reverse engineer how it works. And checked it in!!!
When you try to reverse engineer some $5 toy but the ICs Datasheet is only in chinese ;-(
And Google translate for pdf sucks.
1 - Writing a 20 lines Python module in 15 minutes approx.
2 - Accidentally deleting this module.
3 - Taking 1 hour finding a way to generate source code from the compiled PYC Python file.
This happened with one of our senior profs during the first year of my college. I wouldn't call him a dev if my life depended on calling him a dev but regardless, I narrate the story here.
We were "taught" C++ by some really dumb professors during our first year of college and it was mandatory that everyone cleared the subject regardless of what field of engineering the students chose. Having already done 2 years of C++, it was quite a breeze for me. But during the final lab exam, one of my friends requested my help in solving the quite tough question (for those beginners). Thinking the exam and teaching was unfair, I stupidly wrote the answer on a piece of paper and passed it to him. One of our teachers, who had seen him ask me, was lying low waiting to catch me in the act and she swooped in and busted our asses kicking us out of the exam hall and sending us to the HoDs office like some prize from her war against academic corruption.
In the end, I failed the exam for cheating and had to redo (not only the exam but the entire lab course).
When I returned to college during the summer vacations to redo the course, I first met the antagonist of our story. Having a huge head that looked like a deformed watermelon and an ego the size of a building, he assaulted us first with a verbal diarrhoea of his achievements as a CS professor. I quickly realised that I was in a class of people who had failed to grasp how to make a program that printed "Hello World". To make things shorter, every question the prof gave us, I managed to solve in a mere matter of minutes, several better than his own solutions. Not having expected a student who knew his shit, he was determined to play me down. He hurled tougher question at me and I knocked them over his enormous head piercing his ego. He asked me such questions as how to reverse 1000 and get 0001 and wasn't satisfied with the several ways I gave because none of it were what he had in mind (which turned out to be storing them in a fucking array and printing them in reverse. That's printing not reversing you dung beetle). I kept my calm throughout but on the day of the final exam, he set quite a tough paper for a class of people who had already failed once. To his utter shock and dismay, I aced that too and I produced flawless code. This man who has an MTech from one of the most reputed colleges of my country then proceeded to tell me that he had to cut my marks because I had used more than one function when the question had asked for one function ( it never said only one). I lost my shit and pointed out that since I was the programmer, it was my wish how I coded. I also explained to him how repeating code is a bad practice and one should use functions to reduce redundancy and keep the code clean. Nevertheless, he lost his shit and he threatened me with consequences as apparently "I didn't know who I was messing with". I handed over the paper and stormed out of the class (though he called me back and tried to argue more with me. 
I apologized for losing my shit and left when he was done talking). I ended up getting a 'C'. Totally worth it.
It's not that understanding code is so hard (although it can be); understanding the _intent_ is hard. This MVP is great, but when no one had time to document what is actually supposed to happen, programmers have to reverse-engineer the *design*.
The coolest thing I have worked on is a League of Legends sandbox. A reverse engineering of the official server, so we could do whatever we want.
Dev at the start of a project: My code will be effective, clean and well organised!
Dev at the end of a project: console.log("Reverse engineering strictly prohibited.")
MFW after a year of reverse engineering everything I finally talk to the last guy and he shows me the heaps and heaps of documentation he wrote that nobody ever bothered to mention
I have found the best game for learning ever XD
I have recently heard about io.netgarage.org and tried to solve several of its levels, and I find this game awesome
It is the best to learn reverse engineering)) it is just like an Impossible quiz, where you have to smash the stack to get to the next level))
I have wasted much time for that, but it is worth it))
((Not an advertisement))
I'M A SENIOR DEVELOPER NOT A BUSINESS ANALYST...
IF YOU GIVE ME SOME CRAPPY LEGACY CODE THAT SOMEONE RANDOMLY DECIDED TO USE, THE ONLY WAY I CAN UNDERSTAND IT IS BY RUNNING IT AND REVERSE ENGINEERING THE "BUSINESS LOGIC".
ADD THAT WITH BAD INPUTS... THE ONLY THING YOU'RE DOING IS WASTING MY TIME..
JUST BURN THE WHOLE THING AND GIVE ME THE REQUIREMENTS OF WHAT YOU ACTUALLY WANT....
It feels like I've been fucking a pig all week...
Oh and now my team agrees and will look to get the actual requirements from the business...
This feels like a hollow victory.... As that was the first thing I told them to do....
I am trying to reverse engineer a fingernail hardening device for rapid hardware prototyping (becoming some kind of hardware developer I guess)
Since it is a fucking mess (all cables are black) they've chosen a weird construct to operate microcontroller on 240Vac (seems to be possible and made in very low energy consuming devices) i do not find any datasheet for one of the used products. It would help a lot but no. And messing around with high voltage is no fun.
I'm unsure if this fits as a dev rant since most/all I've read so far are software-related.
That shitty moment when you are reverse engineering an app (LINE), but can't find any useful hints.
Web analysis didn't help. Decompiling the windows executable also didn't help. Testing the app on different behaviour with python scripts didn't help. Analysing the android app on windows with the jadx decompiler and other decompiler didn't help that much.
BUT today it worked. I did use a paid "Dex dump" android application. I found some methods that the app receives from the servers with a thrift protocol.
Now I just need to find the right parameters to be finally able to make a bot. Hehehe.
That was a hard way, but it paid out. I did learn so many things. It took me like a whole year.
I did reverse engineering on window command prompt hahaha
of course it was just for the commands:
which were the ones I needed because the admins in my school blocked cmd.
Just successfully converted my entire app from using web scraping data fetching to direct API by reverse-engineering their android app to get to their private API
App is running much faster and more stable now, feels good
So I've been working trying to get a file exporter for a binary file format mostly reverse engineered - 2001 Super Monkey Ball 2 (GameCube) if anyone's interested.
Everything works fine, goals show up in the right places, wormholes work as intended, etc. That is everything, except every single level you create will be invisible, or crash (Depending on which version of Dolphin emu you use).
This happens whenever trying to specify object names for 3D objects. I checked, all the many offsets seem correct, Object names are correct. Tried both null terminated strings and fixed 80 character strings - nothing.
Some other guy also made an exporter that works, however the code is an absolute mess - basically unreadable. It also lacks some newer parts of the file spec, which is the main reason as to why I'm rewriting it.
And as I'm working with an almost entirely unheard of file format, there are few people to go to for help. The 2 I know who are also familiar with the LZ file format have no idea either...
I am a computer science student and have worked with Java and C++ until now. A week ago i started in a job i have gotten from my professor. I have to reverse engineer a big python project and figure out how some things work on the serverside. This is the first time i have to work with python.
I get that you can write code fast with this dynamically typed language, but BOY. Is it just me or is this language fucking hard to reverse engineer? I mean what the fuck. There are some member variables in which can be anything. Like you suggest there is an object of this and that and then python comes in and is like: Good guess, but fuck you.
It was an internship. They wanted me to spoof the government's digital signature on some online tax-filing documents by reverse engineering the government's application, just because the whole process of receiving authentic signatures would have taken time, and they wanted it _now_
I just got some ESP32 so I started playing with idf by espressif that it's released under apache 2.0.
So i thought "it's open source"
I spent 10 minutes searching for low level WiFi and BLE APIs on github.
Then I found an old issue
where an espressif dev says:
"The low level Bluetooth & WiFi implementations are proprietary"
they distribute Binary files in another repo also under apache 2.0.
-- (obviously) except reverse engineering.
I fucking agreed for this extension to my internship only because my fucking manager told me, I'd get to work on something exciting. It's been 3 weeks on this new project and I'm still stuck at reverse engineering, feasibility and writing docs !!!!
I JUST WANT THIS THING TO BE OVER IT
When you are trying to reverse engineering context free grammar rules from given sentences......
Not possible. Worst assignment yet.
Recipe for reverse engineering data structures / binary formats:
1% understanding the theory.
1% expectations about what you will find.
45% trial and error.
For my design thesis I'm gonna design a banking app for kids. And i'd like to have a look at competitors apps screendesign.
Is it possible to open android and/or iphone apps in android studio/xcode in order to have a look at the screen designs?
Because I'm no kid or parent so getting access the legit way is out of question.
Reverse engineering a USB device driver I already have the source for because apparently it runs on Donald Trumps hair magic.
Some business users have been chasing me all week to produce a report using some old report with some modifications.
I didn't write the old code and have no context as to what the data is.
My current reaction is:
so you want a report that says X using some vague input which you haven't clearly defined or explained to me...
Have you heard about black boxes and overfitting (i.e. reverse engineering a process based on sample data)?
TLDR: I can generate a report that will say anything you want it to say... doesn't mean it will be right in future use cases.
Why don't people (originally GBoard suggested peepee) understand "junk in = junk out"
What would be the best "hot"/upcoming languages for a final year college project?
The project will focus on reverse engineering.
Basic Example: Intercepting signals from products such as a toy helicopters/drones/etc, reverse engineer the signals and try gain control of the device from that.
That's just a very basic function and there will be much more to it, but I'm struggling to decide on a language to pursue hand-in-hand with this project!
I hear Rust, Go, Julia and co being tossed around a lot.
Any suggestions would be helpful!
Most fun i had was reverse engineering lg tone & talk where my headset would vibrate and talk to me on deployments or when something happened
We've been working on a big application on-and-off for the last year (whenever we had time.) It was 99% working, and we left it to work on some other apps. We come back to it, only to find that some big features have magically stopped working. We dig into it and find that some other dev team completely changed the functionality of one of the existing off-application microservices were utilizing without telling us, and then we had to spend days reverse-engineering what they did so we could retrofit our application to communicate with the microservice again.
We were able to get it fixed, but I just know that they're going to change something else in the future without telling us and it's gonna break again. A little interdepartmental communication would be greeeeaaaat!
Someone had created a program in VB that was used to properly format files for EFTs for a while. It wasn't working with a particular file, so I just ended up reverse-engineering it in Python.
Everytime I try to use company-wide libraries, I need to do damn reverse engineering. Why the fuck they don't put actual examples on the documentation!
I was introduced to disassembly/reverse engineering today. It's amazing how many production applications use isLicenseValid() or other helpful function signatures to assist in my practical learning :p I'm looking at you sublime text
I want to begin in reverse-engineering.
Creating or beginning to create an emulator stimulates me. Can someone give me some tutorials, keywords, links to where I should search if anyone knows this kind of stuff?
I hate programmatic auto layout. It's such a mess! Simple shit like cells that can easily be defined in a .nib become spaghetti coded messes that violate every good programming practice ever. Want to recreate the same style of cell again? Good luck reverse engineering the hieroglyphics your teammate wrote when creating the layout by hand. Never mind a whole bunch of useless shit is done in code that could easily be defined via runtime attributes through the storyboard. But why learn a new approach? Cause job security. Or because for some reason Interface Builder tools are seen as "too hard" or "not scalable" to use.. fuck me.
6 hours of work before I actually wrote a line of code today. Reverse engineering stuff is interesting but not always fun
How I hate all those people who think VisualStudio Code is Open Source. It's not! Read the f*cking license!
In fact, you aren't even allowed to inspect its network traffic. Not to mention reverse engineering. That's nowhere near OpenSource.
You sure can download the source code, licensed as MIT, but building it won't give you the same piece of software.
Don't believe in everything someone tells you. Use your brain and check the facts.
I think I’m changing my career goal from web developer to a reverse engineering job. I’m having so much fun with it this morning 😁😁😁
!Rant Now for some nice, relaxing (infuriating) reverse engineering.
At least they were kind enough to use .Net
Balancing final year CS with a startup that's that will be difficult and might end in a big payout, yay or nay?
Bitcoin malwares are everywhere.
The hard part is doing reverse engineering and wondering why its feeding on only top of the stack in assembly
Edit: Using IDA Pro
Looking for some guidance on a final year college research project:
I was going to look into hacking drones/toy helicopters/those Fitbit watch things or whatnot, but I'm not sure if it would go down well! Some technologies I'm looking to explore through this project include reverse engineering, machine learning and container technologies (docker, rkt) if that helps?
Am I along the right lines or should I take a different approach with different topics? If so, an update on what's "hot" or upcoming at the moment would be helpful.
Today after the week and a lesson time in an high-school I got back home and decided to play some sacred 2
I had already installed some mods on it given that I have already finished it years ago and I wanted some challenge.
It ends up that the mods add too much difficulty, so I open up the configuration files of the mod (some sort of Lua tables) and then spend like an hour and half doing some reverse engineering on it to find a middle way between the vanilla and the Uber difficult mod
Russians Engineer a Brilliant Slot Machine Cheat
...But as the “pseudo” in the name suggests, the numbers aren’t truly random. Because human beings create them using coded instructions, PRNGs can’t help but be a bit deterministic. (A true random number generator must be rooted in a phenomenon that is not manmade, such as radioactive decay.) PRNGs take an initial number, known as a seed, and then mash it together with various hidden and shifting inputs—the time from a machine’s internal clock, for example—in order to produce a result that appears impossible to forecast. But if hackers can identify the various ingredients in that mathematical stew, they can potentially predict a PRNG’s output. That process of reverse engineering becomes much easier, of course, when a hacker has physical access to a slot machine’s innards...
Anyone knows if u can make good money by reverse Engineering apks and looking for security holes? Anyone experienced in doing that and how much could u charge
Anyone had any experience in reverse engineering WiFi light bulbs?
My SO and I dislike that our bulb only registers to one device at a time, I had an idea to communicate with it through a web application hosted on my RPi. Unfortunately, I am not a networks man (outside of basic CS education) and have no idea how to reverse engineer the protocols used to communicate with it from my phone and so on.
Reverse engineering with IDA, be like:
Ow that makes sense, lets jmp there, nope that's not... aaah this must be the subroutine I was looking for, nope that's not it, repeat.
Aren't we all, just pieces of pseudo softwares, reverse engineering our way to find our source code....🤔