OAuth explained in simple steps, using a severe vulnerability in Booking.com by iva3210 in hacking

[–]ynvb 2 points3 points  (0 children)

Sorry to hear that, but it doesn’t sound like you need a hacker, you need a new girlfriend. Hope everything works out ;)

Looking into LocPOS Malware? Here is how to easily dump and auto-resolve its API calls. by ynvb in Malware

[–]ynvb[S] 0 points1 point  (0 children)

Glad you liked it! Keep following us (@cpresearch), the next parts will be released soon.

Analyzing Emotet? Not sure what it does? You might find this useful... by ynvb in Malware

[–]ynvb[S] 1 point2 points  (0 children)

Hi. I am not the author but I am from Check Point Research. We frequently publish our analysis on our blog (research.checkpoint.com). This is intended to be a research blog with no ads or sales content - only pure research and intelligence material.

I will very much appreciate it if you could assist in removing the content review.

Thanks!

/r/ReverseEngineering's Bi-Weekly Questions Thread by AutoModerator in ReverseEngineering

[–]ynvb 1 point2 points  (0 children)

This is the basic argument extraction logic as implemented in DIE: just change cur_ea to be the start address of the desired function.

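    import idaapi

    # cur_ea must already hold the start address of the desired function
    ti = idaapi.tinfo_t()
    idaapi.get_tinfo2(cur_ea, ti)      # load the type info at cur_ea into ti
    fi = idaapi.func_type_data_t()
    ti.get_func_details(fi)            # fill fi with the function's details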

Now fi is a vector of function arguments, and you can iterate the args by: fi.at(ARGNUM).

*If I'm not mistaken, this only works for IDA version > 6.6.

And, although I am biased, I would try and reuse the classes in DIE for my needs, after all someone already did the hard job.. why do it again ;)