Questions tagged [arm]
A family of instruction set architectures based on a RISC architecture developed by British company ARM Holdings. Heavily used in embedded devices such as mobile phones, tablets, set-top boxes, ...
347 questions
0 votes, 1 answer, 38 views
Off-By-One handler addresses for ARM Cortex ISR tables
I'm attempting to reverse engineer the firmware from a GD32F303 microprocessor (this is an STM32 clone). In attempting to follow the on-reset control flow, I'm hitting a few things that confuse me:
...
1 vote, 1 answer, 68 views
wzr register usage in main method on ARM
I have this C code:
int foo(){
    int a = 1;
    int b = 1;
    return a + b;
}
int main() {
    return 2;
}
After disassembling it shows:
foo():
sub sp, sp, #16
mov w8, #1
...
0 votes, 0 answers, 39 views
Interface with PCB for Hardware/Software Hacking
I have the main pcb from a Philips Dreamstation, but don't have the power delivery board. I know it was connected to a 10 pin connector on the board, and when I tried to use the onboard micro-usb port,...
0 votes, 0 answers, 31 views
How to create RAM and ROM sections in IDA?
I have a binary linker descriptor for preloader.bin
ENTRY(_start)
romBase = 0x00201000;
bss1Base = 0x00102000;
bss2Base = 0x00267000;
stackBase = 0x00200000;
/* log_sram_buf + bss1 should be less ...
0 votes, 0 answers, 34 views
Changing running kernel thread code from another LKM (ARM linux 4.19.130)
I am security testing an embedded ARM linux 4.19.130 IoT device - without kernel source code or ability to change the kernel due to signing.
I have managed to get a root shell.
However, by the time ...
0 votes, 1 answer, 73 views
ARM64 RE Questions
I have a chunk of ARM code which I am trying to make sense of. I'm new to ARM, so would appreciate some help figuring this piece out. I have added some comments to show my progress so far.
My ...
2 votes, 1 answer, 100 views
Reverse engineering AES128 Key Derivation from MAC Address
Using Ghidra I have acquired the following pseudo-code decompilation output from an ELF 32-bit LSB executable, ARM aarch64, version 1 (SYSV), statically linked, not stripped.
From this decompilation I ...
0 votes, 1 answer, 147 views
Cracking cryptographic function with radare2
I want to reverse engineer an Android game, found a method
public static byte[] MNNOPKMJMFP(byte[] AFFEPNLBIIC, byte[] OENOGNMAMPO, byte[] GLLEHJKGIBK) { }
Names are obfuscated, I know that this is a ...
1 vote, 1 answer, 75 views
Objective-C stub functions on AARCH64
I'm analyzing some functions I see in Mach-O binaries and I see that whenever there's a bl instruction to an Objective-C stub function that resides in the __objc_stubs section and in that function there'...
1 vote, 1 answer, 348 views
How to pass an SVD file as an argument to IDA Pro in the command line (batch mode)?
I am trying to disassemble a few Arm Cortex-M3 .elf binaries and run a custom IDAPython script (script.py) from the command line (in batch mode). I have been able to do that with the following command:...
1 vote, 1 answer, 119 views
Why can't I decompile this ARM function?
I have an ARM (thumb) function from Nokia's firmware:
ROM:10A5409C srv_opps_normal_push_ind_handler ; CODE XREF: srv_opp_event_hdlr+1C6↑p
ROM:10A5409C
ROM:10A5409C var_18 = -0x18
ROM:...
2 votes, 2 answers, 138 views
Determine Endianness of some ARM binary image?
I have been advised to analyze an ARM binary image from a Cortex M3 (STM32) for training. It has been directly extracted from flash beforehand and passed to me. However it's unknown whether this ...
1 vote, 0 answers, 131 views
How to debug armel and armhf binaries on x86-64 Ubuntu simultaneously?
I'm working on the challenges on ROP Emporium. For the ARMv5 version of the callme challenge, we are given two binaries and two shared libraries: callme_armv5 with libcallme_armv5.so and callme_armv5-...
1 vote, 0 answers, 54 views
JEB Pro is not showing xrefs for native code (ARM)
I have this problem when analyzing an ARM shared object.
When working with IDA Pro, it finds all xrefs, but in JEB, most of the xrefs are missing.
When JEB finishes, the final analysis lacks most of the xrefs. I ...
3 votes, 0 answers, 140 views
IDA Pro debugging an ARM binary on Windows with QEMU
I have an ARM executable which I was debugging with gdb-multi and qemu-arm on Linux, how can I do the same with IDA Pro on Windows with QEMU, without needing a remote host for "remote debugging"...