Search - "reverse engineering"
Definitely my security teacher. He actually expected us to actively learn the stuff and put effort into our education. He guided us through malware analysis and reverse engineering, simplifying it without insulting us.
We had students who thought they knew everything and he corrected them. We had arrogant students he put in place.
He treated us like adults and expected us to act like adults.
That's the only class I enjoyed studying for, because he would tell us exactly what wasn't on the exams (it was an intro course, didn't need to know the math). There were no trick questions.
I told him about the shitty teacher and he helped me through that confidence block. He helped me realize I *can* make it through the workforce as a female in security because I will work my ass off to be the best I can be. He reminded me why I love computers and why I want to go into forensics.
He's been a great mentor and role model and hiring him is one of the few things my department did right.
FUCK PROPRIETARY FILE FORMATS. I'm now committing to devoting the rest of my life to reverse engineering these shitty things. I'm fed up 😤
Best experience: reverse engineering a CMS site to build a mobile app for it
Worst experience: reverse engineering a CMS site to build a mobile app for it
Back when I was in school (about 15 years old) and I played games, I had a particularly favourite game that I would play. It was a lesser known strategy game made by a single hobbyist Dev.
I was already known in the community for making some mods for the game and chatbots.
What most people didn't know was that I had made a map hack and various other cheats that made it significantly easier to win by reverse engineering the game and modifying the x86 assembly in ollydbg.
One thing in particular I had been working on at the time was a game replay editor. I had reverse engineered the saved game (replay) format and was able to replay them, edit them and generate them.
During one particular match, a person in the community particularly annoyed me and I edited the saved game to change what his moves were and the words he spoke. It made him look a bit like an idiot but IMHO was only a slight exaggeration of the truth.
I posted the game replay on the forums and everyone was in hysterics about the crazy things he did and said in the replay.
As no one knew I had this capability they all believed the replay and even the guy in the replay couldn't believe it himself and didn't understand what happened. He just kept telling everyone it didn't happen and the 'truth is in the pudding'.
Although I originally intended to tell everyone what I did, I never did and whenever the guy entered in to a game everyone would laugh about it and say 'the truth was in the pudding'.
He was no longer annoying me and it sort of made me feel like a god at the time.
So that's my wk65.
Impostor vs Kenner syndrome
We got a new kid who is doing his internship from school. We talked and he asked me what stuff I had done at 14 - 16. I remembered that at 14 I was really into reverse engineering, assembler and c/c++ but never managed to actually build something.
So he started to say stuff like he could replace me in an instant and he should get paid for this internship at least as much as I did, because he made some websites and games already.
I really was down. Kids today get a lot of shit done and I was a disappointing lazy little shit just playing games and trying to reverse engineer stuff and learn assembler and c++.
It's been month and shit hit me when I've seen his stuff was copy pasted from a tutorial/ YouTube video.
Today's resources, languages, frameworks make it really easy to build something but I still got respect for everyone of every age who is interested and gets into programming and stuff.
But I hope you'll read this you little shit and realise that you can use a simple physics engine by copy and pasting code. So don't talk disrespectful to people in general especially when they can create a whole game and physics engine.
I miss the days I actually enjoyed playing games.
6 years of programming later...
I'm always wondering how did they make the game? Once I find out how, I lose interest in the game.
I spend more time reverse engineering/exploiting/modifying the Client of games than actually playing them, more out of curiosity than causing harm.
Am I evil? 😫
I often times write code and think to myself "I don't have to comment this, it's obvious what is going on", only to find myself back at the same code, figuring out wtf it does...
!rant 📚 📑
Cybersecurity books @Humble Bundle
There is a really great Humble Book Bundle at the moment, starting at 1$. The bundle contains several cyber security books ("Practical Reverse Engineering" and "Security Engineering" have a good reputation).
Taking a for-giggles training on reverse engineering... It's theory. Basic level theory. Posted 6 months ago.
"someone might want to reverse engineer Microsoft Word in order to change its code so that it could be run on a Mac."
Are we ignoring how old Word has had Mac support????
When you try to reverse engineer some $5 toy but the IC's datasheet is only in Chinese ;-(
And Google translate for pdf sucks.
1 - Writing a 20 lines Python module in 15 minutes approx.
2 - Accidentally deleting this module.
3 - Taking 1 hour finding a way to generate source code from the compiled PYC Python file.
It's not that understanding code is so hard (although it can be); understanding the _intent_ is hard. This MVP is great, but when no one had time to document what is actually supposed to happen, programmers have to reverse-engineer the *design*.
The coolest thing I have worked on is a League of Legends sandbox. A reverse engineering of the official server, so we could do whatever we want.
MFW after a year of reverse engineering everything I finally talk to the last guy and he shows me the heaps and heaps of documentation he wrote that nobody ever bothered to mention
Dev at the start of a project: My code will be effective, clean and well organised!
Dev at the end of a project: console.log("Reverse engineering strictly prohibited.")
I'M A SENIOR DEVELOPER NOT A BUSINESS ANALYST...
IF YOU GIVE ME SOME CRAPPY LEGACY CODE THAT SOMEONE RANDOMLY DECIDED TO USE, THE ONLY WAY I CAN UNDERSTAND IT IS BY RUNNING IT AND REVERSE ENGINEERING THE "BUSINESS LOGIC".
ADD THAT WITH BAD INPUTS... THE ONLY THING YOU'RE DOING IS WASTING MY TIME..
JUST BURN THE WHOLE THING AND GIVE ME THE REQUIREMENTS OF WHAT YOU ACTUALLY WANT....
It feels like I've been fucking a pig all week...
Oh and now my team agrees and will look to get the actual requirements from the business...
This feels like a hollow victory.... As that was the first thing I told them to do....
I have found the best game for learning ever XD
I have recently heard about io.netgarage.org and tried to solve several of its levels, and I find this game awesome
It is the best to learn reverse engineering)) it is just like an Impossible quiz, where you have to smash the stack to get to the next level))
I have wasted much time for that, but it is worth it))
((Not an advertisement))
So I've been working trying to get a file exporter for a binary file format mostly reverse engineered - 2001 Super Monkey Ball 2 (GameCube) if anyone's interested.
Everything works fine, goals show up in the right places, wormholes work as intended, etc. That is everything, except every single level you create will be invisible, or crash (Depending on which version of Dolphin emu you use).
This happens whenever trying to specify object names for 3D objects. I checked, all the many offsets seem correct, Object names are correct. Tried both null terminated strings and fixed 80 character strings - nothing.
Some other guy also made an exporter that works, however the code is an absolute mess - basically unreadable. It also lacks some newer parts of the file spec, which is the main reason as to why I'm rewriting it.
And as I'm working with an almost entirely unheard of file format, there are few people to go to for help. The 2 I know who are also familiar with the LZ file format have no idea either...
That shitty moment when you are reverse engineering an app (LINE), but can't find any useful hints.
Web analysis didn't help. Decompiling the windows executable also didn't help. Testing the app on different behaviour with python scripts didn't help. Analysing the android app on windows with the jadx decompiler and other decompiler didn't help that much.
BUT today it worked. I did use a paid "Dex dump" android application. I found some methods that the app receives from the servers with a thrift protocol.
Now I just need to find the right parameters to be finally able to make a bot. Hehehe.
That was a hard way, but it paid out. I did learn so many things. It took me like a whole year.
I am trying to reverse engineer a fingernail hardening device for rapid hardware prototyping (becoming some kind of hardware developer I guess)
Since it is a fucking mess (all cables are black) they've chosen a weird construct to operate microcontroller on 240Vac (seems to be possible and made in very low energy consuming devices) I do not find any datasheet for one of the used products. It would help a lot but no. And messing around with high voltage is no fun.
I'm unsure if this fits as a dev rant since most/all I've read so far are software-related.
I did reverse engineering on Windows command prompt hahaha
of course it was just for the commands:
which were the ones I needed because the admins in my school blocked cmd.
I am a computer science student and have worked with Java and C++ until now. A week ago I started in a job I have gotten from my professor. I have to reverse engineer a big Python project and figure out how some things work on the serverside. This is the first time I have to work with Python.
I get that you can write code fast with this dynamically typed language, but BOY. Is it just me or is this language fucking hard to reverse engineer? I mean what the fuck. There are some member variables which can be anything. Like you suggest there is an object of this and that and then Python comes in and is like: Good guess, but fuck you.
Just successfully converted my entire app from using web scraping data fetching to direct API by reverse-engineering their Android app to get to their private API
App is running much faster and more stable now, feels good
I just got some ESP32 so I started playing with IDF by Espressif, which is released under Apache 2.0.
So I thought "it's open source"
I spent 10 minutes searching for low level WiFi and BLE APIs on github.
Then I found an old issue
where an espressif dev says:
"The low level Bluetooth & WiFi implementations are proprietary"
they distribute Binary files in another repo also under apache 2.0.
-- (obviously) except reverse engineering.
It was an internship. They wanted me to spoof the government's digital signature on some online tax-filing documents by reverse engineering the government's application, just because the whole process of receiving authentic signatures would have taken time, and they wanted it _now_
When you are trying to reverse engineer context free grammar rules from given sentences......
Not possible. Worst assignment yet.
For my design thesis I'm gonna design a banking app for kids. And i'd like to have a look at competitors apps screendesign.
Is it possible to open android and/or iphone apps in android studio/xcode in order to have a look at the screen designs?
Because I'm no kid or parent so getting access the legit way is out of question.
Most fun i had was reverse engineering lg tone & talk where my headset would vibrate and talk to me on deployments or when something happened
Recipe for reverse engineering data structures / binary formats:
1% understanding the theory.
1% expectations about what you will find.
45% trial and error.
Reverse engineering a USB device driver I already have the source for because apparently it runs on Donald Trump's hair magic.
Some business users have been chasing me all week to produce a report using some old report with some modifications.
I didn't write the old code and have no context as to what the data is.
My current reaction is:
so you want a report that says X using some vague input which you haven't clearly defined or explained to me...
Have you heard about black boxes and overfitting (i.e. reverse engineering a process based on sample data)?
TLDR: I can generate a report that will say anything you want it to say... doesn't mean it will be right in future use cases.
Why don't people (originally GBoard suggested peepee) understand "junk in = junk out"
What would be the best "hot"/upcoming languages for a final year college project?
The project will focus on reverse engineering.
Basic Example: Intercepting signals from products such as a toy helicopters/drones/etc, reverse engineer the signals and try gain control of the device from that.
That's just a very basic function and there will be much more to it, but I'm struggling to decide on a language to pursue hand-in-hand with this project!
I hear Rust, Go, Julia and co being tossed around a lot.
Any suggestions would be helpful!
Someone had created a program in VB that was used to properly format files for EFTs for a while. It wasn't working with a particular file, so I just ended up reverse-engineering it in Python.
Every time I try to use company-wide libraries, I need to do damn reverse engineering. Why the fuck they don't put actual examples on the documentation!
I hate programmatic auto layout. It's such a mess! Simple shit like cells that can easily be defined in a .nib become spaghetti coded messes that violate every good programming practice ever. Want to recreate the same style of cell again? Good luck reverse engineering the hieroglyphics your teammate wrote when creating the layout by hand. Never mind a whole bunch of useless shit is done in code that could easily be defined via runtime attributes through the storyboard. But why learn a new approach? Cause job security. Or because for some reason Interface Builder tools are seen as "too hard" or "not scalable" to use.. fuck me.
I was introduced to disassembly/reverse engineering today. It's amazing how many production applications use isLicenseValid() or other helpful function signatures to assist in my practical learning :p I'm looking at you sublime text
I want to begin in reverse-engineering.
Creating or beginning to create an emulator stimulates me. Can someone give me some tutorials, keywords, links to where I should search if anyone knows this kind of stuff?
How I hate all those people who think VisualStudio Code is Open Source. It's not! Read the f*cking license!
In fact, you aren't even allowed to inspect its network traffic. Not to mention reverse engineering. That's nowhere near OpenSource.
You sure can download the source code, licensed as MIT, but building it won't give you the same piece of software.
Don't believe in everything someone tells you. Use your brain and check the facts.
I think I’m changing my career goal from web developer to a reverse engineering job. I’m having so much fun with it this morning 😁😁😁
6 hours of work before I actually wrote a line of code today. Reverse engineering stuff is interesting but not always fun
Balancing final year CS with a startup that will be difficult and might end in a big payout, yay or nay?
Bitcoin malwares are everywhere.
The hard part is doing reverse engineering and wondering why it's feeding on only top of the stack in assembly
Edit: Using IDA Pro
!Rant Now for some nice, relaxing (infuriating) reverse engineering.
At least they were kind enough to use .Net
Why the hell Medium ended support for embedding profile feeds into external websites? I'm here trying to find a workaround, reverse-engineering Medium's JSON responses (obv no docs for a deprecated feature) and feeling so fucking stupid.
Looking for some guidance on a final year college research project:
I was going to look into hacking drones/toy helicopters/those Fitbit watch things or whatnot, but I'm not sure if it would go down well! Some technologies I'm looking to explore through this project include reverse engineering, machine learning and container technologies (docker, rkt) if that helps?
Am I along the right lines or should I take a different approach with different topics? If so, an update on what's "hot" or upcoming at the moment would be helpful.
Today after the week and a lesson time in a high school I got back home and decided to play some Sacred 2
I had already installed some mods on it given that I have already finished it years ago and I wanted some challenge.
It ends up that the mods add too much difficulty, so I open up the configuration files of the mod (some sort of Lua tables) and then spend like an hour and half doing some reverse engineering on it to find a middle way between the vanilla and the Uber difficult mod
Anyone knows if u can make good money by reverse Engineering apks and looking for security holes? Anyone experienced in doing that and how much could u charge
Russians Engineer a Brilliant Slot Machine Cheat
...But as the “pseudo” in the name suggests, the numbers aren’t truly random. Because human beings create them using coded instructions, PRNGs can’t help but be a bit deterministic. (A true random number generator must be rooted in a phenomenon that is not manmade, such as radioactive decay.) PRNGs take an initial number, known as a seed, and then mash it together with various hidden and shifting inputs—the time from a machine’s internal clock, for example—in order to produce a result that appears impossible to forecast. But if hackers can identify the various ingredients in that mathematical stew, they can potentially predict a PRNG’s output. That process of reverse engineering becomes much easier, of course, when a hacker has physical access to a slot machine’s innards...
Aren't we all, just pieces of pseudo softwares, reverse engineering our way to find our source code....🤔
Reverse engineering with IDA, be like:
Ow that makes sense, let's jmp there, nope that's not... aaah this must be the subroutine I was looking for, nope that's not it, repeat.