tekwizz123's Blog
Sunday, April 3, 2022
Migration To GitHub Pages
›
This website has been long overdue for an upgrade and after some searching around I've finally found a new home for the blog that I thin...
Monday, December 10, 2018
Practical Reverse Engineering - Chapter 1 pg 35 - Exercise #5 - KeInitializeDPC and KeInitializeThreadedDpc
›
Question: Decompile the following kernel routines in Windows: KeInitializeDpc KeInitializeDpc So for starters lets see if there is any...
Thursday, December 6, 2018
Practical Reverse Engineering - Chapter 1 pg 35 - Exercise #4
›
Question: Implement the following functions in x86 assembly: strlen , strchr , memcpy , memset , strcmp , strset . strlen push ebp mov eb...
Wednesday, November 21, 2018
Practical Reverse Engineering - Chapter 1 pg 35 - Exercise #3
›
Question: In some of the assembly listings, the function name has a @ prefix followed by a number. Explain when and why this decoration exis...
Tuesday, November 20, 2018
Practical Reverse Engineering - Chapter 1 pg 35 - Exercise #2
›
Question: In the example walkthrough, we did a nearly one-to-one translation of the assembly code to C. As an exercise, re-decompile this wh...
Monday, November 12, 2018
Practical Reverse Engineering - Chapter 1 pg 25 - Author's Challenge Solution
›
Question: Take the example shown on page 24 and decompile it further to make it look more "natural" Solution: char * sub_1000...
Thursday, November 9, 2017
Practical Reverse Engineering - Chapter 1 pg 17 Exercise
›
Question 1 Question: Given what you learned about CALL and RET, explain how you would read the value of EIP? Why can't you just do M...
1 comment:
›
Home
View web version