Analyzing some logic dumps, a little stuck

ketin0 · 2012-05-25T15:43:14.518641+00:00

What is stumping me is the fact that the values change so little but multiple lines change their data so much and it's not in line with regular binary expression of the values.

Because it's most likely you're not seeing the temperature values here but commands to toggle the LCD segments on or off. Usually each pin controls a segment, but apparently there's not enough pins here. So possibly a couple of pins multiplex to select which set of segments is currently active.

grauenwolf · 2 days

For example, anyone want to have a discussion about Tabs v. Spaces again?

Bring it on.

wordsmithie · 3 days

Wow, you're right. That sucks :/

wordsmithie · 3 days

It does.

jbremer · 9 days

Really, user-mode single-point syscall hooking on Win32? Do tell.

I will answer myself. I forgot that on recent Windows all ntdll wrappers do go through the SystemCallStub pointer and I'm guessing it's writable (but I can't check right now). So it seems a similar approach is possible.

jbremer · 9 days

on x86_64

You keep using that word. I don't think it means what you think it means.

the same can be applied on x86

Really, user-mode single-point syscall hooking on Win32? Do tell.

jbremer · 9 days

Nice title bait, except your "Universal System Call Hooking" only works for WOW64. Disappointed.

questionallthings · 9 days

So basically I was hoping for something that would do the runtime for me so I can grab some quick indicators.

That's why I linked to bytecode debuggers.

maligare · 9 days

Really weird. I'm not in US btw. Have you tried another browser?

maligare · 9 days

The link works for me. Try Google cache maybe?

questionallthings · 9 days

Haven't used any of them, but I found some links:

simpleuser · 13 days

Here you go:

http://www.iecc.com/linker/linkerfig03-10.html

fivepastsix · 16 days

If so, get a job. Get any job.

This.

mrtnkl · 17 days

So I have to install Chrome just to try it? I'll pass, thanks.

the_droid · 17 days

Instead of -D, at least he should have used -d to disassemble code section only. And it's still possible to debug a file without symbols in GDB, you just need to put breakpoints on addresses. Though I hear GDB still has issues with files without section headers (not the case here).

naghizadeh · 19 days

I'm under the impression that C# is essentially Java except made by Microsoft.

C# was authored by Anders Hejlsberg, the creator of Turbo Pascal and later Objective Pascal/Delphi. He also worked on Visual J++. Thus C# is a blend of the ideas from C, Java and Delphi. For example, the properties were lifted almost directly from Delphi, as well as the try...finally statement.

phreakocious · 21 days

Thanks!

phreakocious · 21 days

Yes, I found it later. However, the PDFs are not available (temporarily?). Do you have them somewhere?

phreakocious · 21 days

Looks interesting, but I hope you'll fix the screenshot (that tiny gray font on black background is about impossible to read).

P.S. old link seems dead, is there a mirror?

sztomi · 22 days

stdint.h is available since VC10.

willvarfar · 22 days

Adding comments or renaming variables does nothing to obfuscate the resulting binary code.

aroga · 1 month

Looks handwritten to me. There was no TeX in 1968 :)

linucs · 1 month

Start by subscribing to /r/ReverseEngineering

igor_sk

TROPHY CASE

igor_sk

TROPHY CASE

you'll need to login or register to do that

create a new account

login