Disassembling A Flat Binary File Using objdump
I found the solution to my own question on a different forum. It looks something like this: objdump -b binary –adjust-vma=0xabcd1000 -D file.bin I’ve tested this and it works.
reverse-engineering
Generate ER Diagram from existing MySQL database, created for CakePHP [closed]
Use MySQL Workbench. create SQL dump file of your database Follow below steps: Click File->Import->Reverse Engineer MySQL Create Script Click Browse and select your SQL create script. Make Sure “Place Imported Objects on a diagram” is checked. Click Execute Button. You are done.
How to unzip, edit and zip an android apk
unzip apk files The simplest method is executing unzip command: unzip xxx.apk -d xxx A directory xxx will be generated to store unzipped files. Actually, .apk files are same as .zip files. Execute command file XXX.apk to see that. get readable text files from apk If you want readable text files such as the manifest … Read more
Is it really impossible to protect Android apps from reverse engineering?
The first stop for me would be to optimise and obfuscate the code with ProGuard which is known to work with byte code targeted at Android’s Dalvik VM (via Dex). It’s a really great tool and can increase the difficulty of ‘reversing’ your code while shrinking your code’s footprint (in some cases dramatically: a recent … Read more
Sniffing/logging your own Android Bluetooth traffic
Android 4.4 (Kit Kat) does have a new sniffing capability for Bluetooth. You should give it a try. If you don’t own a sniffing device however, you aren’t necessarily out of luck. In many cases we can obtain positive results with a new feature introduced in Android 4.4: the ability to capture all Bluetooth HCI … Read more
Stopping at the first machine code instruction in GDB
Starting with GDB 8.1, there’s a special command for this: starti. Example GDB session: $ gdb /bin/true Reading symbols from /bin/true…(no debugging symbols found)…done. (gdb) starti Starting program: /bin/true Program stopped. 0xf7fdd800 in _start () from /lib/ld-linux.so.2 (gdb) x/5i $pc => 0xf7fdd800 <_start>: mov eax,esp 0xf7fdd802 <_start+2>: call 0xf7fe2160 <_dl_start> 0xf7fdd807 <_dl_start_user>: mov edi,eax 0xf7fdd809 … Read more
Tools to help reverse engineer binary file formats
Here are some tips that come to mind: From my experience, interactive scripting languages (I use Python) can be a great help. You can write a simple framework to deal with binary streams and some simple algorithms. Then you can write scripts that will take your binary and check various things. For example: Do some … Read more
What’s a good C decompiler? [closed]
Seconding Hex-rays, but if you can’t justify that cost, Boomerang might work.
How to decompile DEX into Java source code?
It’s easy Get these tools: dex2jar to translate dex files to jar files jd-gui to view the java files in the jar The source code is quite readable as dex2jar makes some optimizations. Procedure: And here’s the procedure on how to decompile: Step 1: Convert classes.dex in test_apk-debug.apk to test_apk-debug_dex2jar.jar d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk … Read more
How can I protect MySQL username and password from decompiling?
Never hard-code passwords into your code. This was brought up recently in the Top 25 Most Dangerous Programming Mistakes: Hard-coding a secret account and password into your software is extremely convenient — for skilled reverse engineers. If the password is the same across all your software, then every customer becomes vulnerable when that password inevitably … Read more