reverse-engineering

Assembly - js versus ja instruction

爱⌒轻易说出口 submitted on 2019-12-13 04:28:41
Question: So the goal is for me to write out the C code that corresponds to this assembly:

     0:  85 f6                   test   %esi,%esi
     2:  78 13                   js     17 <part3+0x17>
     4:  83 fe 07                cmp    $0x7,%esi
     7:  77 14                   ja     1d <part3+0x1d>
     9:  8d 0c f5 00 00 00 00    lea    0x0(,%rsi,8),%ecx
    10:  48 d3 ff                sar    %cl,%rdi
    13:  48 89 f8                mov    %rdi,%rax
    16:  c3                      retq
    17:  b8 00 00 00 00          mov    $0x0,%eax
    1c:  c3                      retq
    1d:  b8 00 00 00 00          mov    $0x0,%eax
    22:  c3                      retq

I am a little confused because the first loop testing the %esi register ends before the second loop ends. Is
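The C that the listing above decompiles to, as an added worked example that is not part of the post. It assumes the SysV x86-64 calling convention (first argument in %rdi, second in %esi) and uses the symbol name part3 from the dump; the parameter names x and n are assumptions. The interesting part is the pair of branches: js rejects negative n (a signed test), ja rejects n above 7 (an unsigned test), and together they are exactly the single unsigned comparison a compiler normally emits for 0 <= n <= 7.

```c
#include <stdio.h>

/* C equivalent of the listing above. "part3" is the symbol in the dump; the
 * parameter names are assumed. Under the SysV x86-64 ABI the first argument
 * arrives in %rdi (64-bit, so long) and the second in %esi (32-bit, so int).
 * %rdi is shifted with sar (arithmetic), so x is a signed long. */
long part3(long x, int n)
{
    if (n < 0)            /* test %esi,%esi ; js  -> signed "is negative?"  */
        return 0;
    if (n > 7)            /* cmp $7,%esi ; ja -> unsigned "above 7?"; n is  */
        return 0;         /* known non-negative here, so ja == jg           */
    return x >> (8 * n);  /* lea 0x0(,%rsi,8),%ecx ; sar %cl,%rdi           */
}

/* The way the same range check is usually written and usually compiled: one
 * unsigned comparison. A negative n wraps to a huge unsigned value and fails
 * "<= 7" just as it fails the js test, so both rejections collapse into a
 * single ja. When auditing bounds checks, the thing to look for is the
 * opposite pattern: a signed-only "n > limit" test that lets negatives in. */
long part3_one_compare(long x, int n)
{
    if ((unsigned int)n > 7u)
        return 0;
    return x >> (8 * n);
}

/* Compare both versions over every in-range selector plus out-of-range values
 * on both sides, using constructed sample inputs. Returns 1 if they agree. */
int versions_agree(void)
{
    const long samples[] = { 0L, 1L, 0x7fL, 0x1234567890abcdefL, -1L, -256L };
    const int nsamples = (int)(sizeof samples / sizeof samples[0]);
    for (int n = -64; n <= 64; n++)
        for (int i = 0; i < nsamples; i++)
            if (part3(samples[i], n) != part3_one_compare(samples[i], n))
                return 0;
    return 1;
}

int main(void)
{
    long x = 0x1234567890abcdefL;
    printf("part3(x, 2)  = 0x%lx  (x >> 16)\n", part3(x, 2));
    printf("part3(x, -1) = %ld, part3(x, 8) = %ld  (rejected)\n",
           part3(x, -1), part3(x, 8));
    printf("signed and unsigned range checks agree: %d\n", versions_agree());
    return 0;
}
```

Because the js branch has already sent every negative n to the return-0 path, the ja that follows sees only non-negative values, which is why it is interchangeable with jg there. The sar (rather than shr) tells you the first argument is signed; a shift count of 8*n never exceeds 56, so the hardware's masking of the count to 6 bits is not in play.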

Inflate layout in Xposed module

落爺英雄遲暮 submitted on 2019-12-13 03:34:58
Question: At the moment I'm writing a module for the Xposed framework but now I have a problem. I want to inflate a layout from my own package. I thought I could do this by using this code:

    Context context = (Context) XposedHelpers.getObjectField(object, "mContext");
    LayoutInflater inflater = LayoutInflater.from(context);
    View buttons = inflater.inflate(R.layout.volumebuttons, null, false);

But this does not work. When it comes to the third line an exception is thrown (sorry for this unclear formulation.

Which version of assembly does OllyDbg disassemble binary to?

≯℡__Kan透↙ submitted on 2019-12-13 02:48:25
Question: So I understand that there are many assemblers such as MASM, FASM, NASM, etc. But which version is the disassembler in OllyDbg and Cheat Engine?
Answer 1: Unless you already know, OllyDBG only supports (afaik) the x86 instruction set. So, what you're seeing will always be 8/16/32-bit instructions. MASM, FASM and NASM are all based on the Intel syntax (as opposed to the AT&T version, which is primarily used on Unix by GAS), but are in themselves different (feature-wise). OllyDBG disassembles to MASM

Hooking usercall function?

橙三吉。 submitted on 2019-12-13 02:39:11
Question: I have a virtual machine, which on VM_Create passes the address of a function (systemCalls) to the virtual machine. So I hook VM_Create and steal the syscalls address, put it into a backup function pointer, and pass the address of my modified systemCalls function to the original VM_Create, from which I can alter arguments, add or remove calls, and then call the backed-up syscalls function. That worked well, until a new release of the game. I believe I have found the problem: This is the

Reverse engineer array dimensions / struct layout from compiler asm output?

人盡茶涼 submitted on 2019-12-12 19:42:07
Question: In this code, A and B are constants defined with #define. What are the values of A and B?

    typedef struct {
        int x[A][B];
        long y;
    } str1;

    typedef struct {
        char array[B];
        int t;
        short S[A];
        long u;
    } str2;

    void setVal(str1 *p, str2 *q) {
        long v1 = q->t;
        long v2 = q->u;
        p->y = v1+v2;
    }

The following assembly code is generated for the setVal procedure:

    setVal:
        movslq 8(%rsi), %rax
        addq 32(%rsi), %rax
        movq %rax, 184(%rdi)
        ret

Answer 1: The structure has the following alignment requirements: a char may
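A worked solution for the question above, added here and not part of the post or the answer. The three offsets (8, 32 and 184) are read directly from the setVal listing; the layout rules applied are the x86-64 SysV ones (char 1, short 2, int 4, long 8, each member placed at the next multiple of its alignment), which is an assumption consistent with the movslq/addq of 4- and 8-byte fields. Rather than reasoning by hand, the code lays out both structs for every candidate pair, keeps the pairs that reproduce all three offsets, and then has the real compiler confirm the result with offsetof().

```c
#include <stddef.h>
#include <stdio.h>

/* Offsets read straight from the setVal listing: movslq 8(%rsi) loads q->t,
 * addq 32(%rsi) loads q->u and movq %rax,184(%rdi) stores p->y. */
enum { OFF_T = 8, OFF_U = 32, OFF_Y = 184 };

/* x86-64 SysV layout rules applied below (assumed): char is 1-byte aligned,
 * short 2, int 4, long 8; an array is aligned like its element; each member
 * starts at the next multiple of its alignment. */
static size_t align_up(size_t off, size_t a) { return (off + a - 1) / a * a; }

/* Lay out str2 for candidate values of A and B; returns offsets of t and u. */
static void layout_str2(int A, int B, size_t *off_t, size_t *off_u)
{
    size_t off = (size_t)B;                         /* char array[B] at 0 */
    off = align_up(off, 4); *off_t = off; off += 4; /* int t             */
    off = align_up(off, 2); off += 2 * (size_t)A;   /* short S[A]        */
    off = align_up(off, 8); *off_u = off;           /* long u            */
}

/* Lay out str1 for candidate A and B; returns the offset of y. */
static size_t layout_str1_y(int A, int B)
{
    return align_up(4 * (size_t)A * (size_t)B, 8);  /* int x[A][B], then long y */
}

/* Try every (A,B) pair that could fit the observed offsets and count those
 * reproducing all three. The last match is written to *A_out/*B_out; a
 * return value of 1 means the listing pins the constants down uniquely. */
int solve_dimensions(int *A_out, int *B_out)
{
    int matches = 0;
    for (int A = 1; A <= OFF_Y; A++)
        for (int B = 1; B <= OFF_Y; B++) {
            size_t t, u;
            layout_str2(A, B, &t, &u);
            if (t == OFF_T && u == OFF_U && layout_str1_y(A, B) == OFF_Y) {
                *A_out = A; *B_out = B; matches++;
            }
        }
    return matches;
}

int solved_A(void) { int a = 0, b = 0; solve_dimensions(&a, &b); return a; }
int solved_B(void) { int a = 0, b = 0; solve_dimensions(&a, &b); return b; }
int solution_is_unique(void) { int a = 0, b = 0; return solve_dimensions(&a, &b) == 1; }

/* Cross-check against the real compiler: build the two structs with the
 * solved values and compare offsetof() with the numbers in the assembly. */
enum { SOLVED_A = 9, SOLVED_B = 5 };   /* the pair solve_dimensions() finds */
typedef struct { int x[SOLVED_A][SOLVED_B]; long y; } str1;
typedef struct { char array[SOLVED_B]; int t; short S[SOLVED_A]; long u; } str2;

int offsets_match_listing(void)
{
    return offsetof(str2, t) == OFF_T && offsetof(str2, u) == OFF_U
        && offsetof(str1, y) == OFF_Y;
}

int main(void)
{
    int a = 0, b = 0;
    int n = solve_dimensions(&a, &b);
    printf("%d matching pair(s); last: A=%d B=%d\n", n, a, b);
    printf("offsetof agrees with listing: %d\n", offsets_match_listing());
    return 0;
}
```

The search makes the reasoning explicit: t at offset 8 forces 5 <= B <= 8, u at offset 32 forces 7 <= A <= 10, and y at offset 184 forces A*B to be 45 or 46; the only pair satisfying all three is A = 9, B = 5. The same brute-force-then-offsetof pattern works for any structure whose member offsets leak through a disassembly.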

Are the function signatures correct in the RSA Authentication Agent API documentation?

杀马特。学长 韩版系。学妹 submitted on 2019-12-12 12:44:01
Question: I have some software which uses the documented API for RSA's Authentication Agent. This is a product which runs as a service on the client machines in a domain, and authenticates users locally by communicating with an "RSA Authentication Manager" installed centrally. The Authentication Agent's API is publicly documented here: Authentication Agent API 8.1.1 for C Developers Guide. However, the docs seem to be incorrect, and I do not have access to the RSA header files; they are not public;

Find manually registered (obfuscated) native function address

被刻印的时光 ゝ submitted on 2019-12-12 11:20:04
Question: I'm trying to understand an Android app which contains a native method named foo in class com.app.Bar. Inside class Bar there is a static clause that loads a shared object, System.loadLibrary("libfoo.so"), which I assume is built with -fvisibility=hidden because the only export is JNI_OnLoad; there is no JNIEXPORT void JNICALL Java_com_app_Bar_foo, which means public native int foo does not follow the naming convention. What is the process when foo is invoked? How can I extract the address of foo? I'm

Disassembler for Linux capable of disassembling old DOS .COM/.EXE files

家住魔仙堡 submitted on 2019-12-12 09:52:27
Question: My first question here, hopefully I'm not doing it wrong. My problem is that I have a certain old DOS program which has hacked the file format to the extreme to save space. (Yes, it's a demoscene prod for those who know.) Objdump doesn't want to help me with it; quick Googling yielded no real results for the problem and the manpage doesn't seem too generous in this regard either. There are others, yes, like lida. However, for some reason I couldn't get lida to work; I believe there

Reversed Mach-O 64-bit x86 Assembly analysis

冷暖自知 submitted on 2019-12-12 06:25:01
Question: This question is for Intel x86 assembly experts to answer. Thanks for your effort in advance! Problem Specification: I am analysing a binary file, which matches Mach-O 64-bit x86 assembly. I am currently using MacOS 64 OS. The assembly comes from objdump. The problem is that when I am learning assembly, I can see variable names "$xxx", I can see string values in ASCII and I can also see the callee name, like "call _printf". But in this assembly, I can get nothing of the above: no main function:

NetBeans Hibernate reverse engineering data types mismatch

天大地大妈咪最大 submitted on 2019-12-12 05:48:38
Question: I'm quite new to Hibernate since I've always used plain JDBC. I'm trying to configure the entities by using NetBeans' reverse engineering process against a SQL Server database. I've followed the NetBeans webpage tutorial and I'm able to get a new package into my project with all entities created, but when I run this simple query, from Country, in the HQL editor I get this error:

    org.hibernate.type.SerializationException: could not deserialize
        at org.hibernate.util.SerializationHelper