Questions tagged [operating-systems]
Software managing the hardware part of the computer and providing an API for user-space software to access various services provided by hardware devices.
28 questions
5 votes
1 answer
403 views
How to reverse engineer a setjmp/longjmp sequence?
I'm trying to reverse engineer the GNU libc x86 (32 bit) setjmp / longjmp (re a vuln which may allow arbitrary overwrite of the jmp_buf env). There's a great writeup of the musl setjmp but I can find ...
0 votes
2 answers
1k views
Why are certain functions from kernel32.dll always imported?
I've been noticing this for a while. Functions like IsDebuggerPresent and GetModuleHandle are always present in a binary's import directory structure. I assume it is the Windows dynamic linker, but ...
1 vote
1 answer
684 views
Does the operating system you use matter?
People recommend Windows for reverse engineering. I don't want to install Windows as a virtual machine because they are laggy and I already have Windows 10 as host. Is it possible to use a Linux VM that ...
0 votes
1 answer
166 views
Where is the Intel manual for x86-16?
I was studying the code for x86-16 operating systems (like DOS) with a disassembler, but I can't find the Intel manual on the Intel website. Searching on Google, I find only unofficial sources. Perhaps the ...
0 votes
1 answer
149 views
Can relative offsets in instructions like call and jmp change after recompiling the same code, or running it on another computer?
So let's say we want to use some instructions as a signature for malware, and it includes some call instructions or jmp instructions. Now, as far as I have seen, they always contain relative offsets ...
1 vote
1 answer
2k views
How to make sense of RTOS in firmware?
I am reverse engineering a firmware which has a Linux and an RTOS component. I used binwalk to easily locate the Linux filesystems, extract them, mount them, and now I have binaries which I can open ...
0 votes
2 answers
709 views
Is relocation table only used for absolute addresses?
I was reading about mapped and unmapped PE format, and how the alignment between sections changes after loading it into memory, and that caused two questions for me: is the relocation table used before ...
1 vote
1 answer
977 views
Windows 10 will not run hex edited application
I'm in a reverse engineering class. Our current assignment is to edit a notepad.exe application. Just to start out, I opened my notepad.exe in FlexHex, went to the end of the .rsrc section, changed a ...
4 votes
1 answer
2k views
How to dump firmware from car head-unit (VW Radio)
I have a VW Radio which has the possibility to upgrade software via USB. Unfortunately I am not able to find any updates, nor any information regarding the current Software version on the whole ...
2 votes
1 answer
703 views
Is there any ready-to-go malware analysis/reverse engineering OS? (That is capable of installing on hard disk, preferably)
I just wanted to know if there's any ready-to-go OS for malware analysis/reverse engineering? I prefer an OS that is capable of installing on real hardware, not a VM.
2 votes
0 answers
783 views
Obscure router refuses to flash OpenWrt
This is a very obscure Chinese router from a brand called Wavlink. It's the Model: WN529R2/WN529R2P. Its web interface was pretty limited and wouldn't allow firmware modifications. I found GND/Tx/Rx/...
11 votes
3 answers
9k views
Struggling between syscall or sysenter (Windows)
As I understand, from Windows XP, there is a sysenter instruction introduced, instead of the int 2e interrupt. But on Win 10 there is a syscall instruction used in ntdll. So is the sysenter used only for ...
1 vote
3 answers
348 views
System programming and reverse engineering
Do I need to learn system programming (e.g. WinAPI and Linux API) to be really good in reverse engineering? Or should I treat it as a reference so that whenever I encounter a system call, I go learn ...
1 vote
1 answer
161 views
Get bindiff of operating system or modified files post upgrade [duplicate]
I am wanting to examine changes made to Windows after an update is made. I would like to see the actual files that were patched and see what in the code might have been changed and see what the ...
1 vote
3 answers
178 views
Taking up reverse engineering as a research topic, need advice [closed]
I'm currently a computer sciences undergrad who'd like to do some basic research work in reverse engineering as my premier project (for completion of my bachelor's degree). So far, I've studied ...