TheKinrar @TheKinrar

6 posts5 participants1 post today

kasdeyahey if any Fedi beings know about Windows <a class="hashtag" href="https://cryptid.cafe/tag/reverseengineering" rel="nofollow noopener noreferrer" target="_blank">#ReverseEngineering</a> I’d love some advice or help!I’m trying to figure out how the anti-save-scumming system for a game called Teleglitch works. here’s what I’ve figured out so far:<ul><li>when you make a save, the game also secretly hides information about the save somewhere (the information seems to only consist of “the next save that the user loads should be for level XYZ” or “there should be no savefile. if there’s a savefile, it’s invalid”. all other edits to the savefile are accepted by the game as correct - including edits that instantly freeze the game)</li><li>when you try to load the save, the game compares the secret information with the information in the savefile. if the information doesn’t match, the savefile is considered invalid and the game refuses to load it</li><li>the savefile is stored in a Steam Cloud directory called <code>C:\Program Files (x86)\Steam\userdata\«some numbers»\«more numbers»\remote</code></li><li>the secret information is definitely not stored in this directory (I made the whole thing into a git repo and used that to “rewind time” to make 100% sure)</li><li>the secret information is also not stored in the game’s directory (<code>C:\Program Files (x86)\Steam\steamapps\common\TeleglitchDME</code>) (same thing - I made it into a git repo)</li><li>I’ve checked every registry operation and every file I/O operation using Process Monitor but I’m 90% sure that Process Monitor is missing certain important things that Teleglitch is doing - maybe because it’s delegating tasks to {another process / a subprocess}? but Process Monitor can’t even see Teleglitch write to the Steam Cloud save directory mentioned above</li><li>I tried looking through the executable in Ghidra and the savefile code is definitely in there somewhere, and I’ve been able to kinda make sense of some of it, but I’m not very good with disassembly / decompilation. I’d love some help with this if anyone is interested. it looks like it was probably written in C++ and I’ve found some very good places in the executable to start looking for savefile behavior but I’m baffled by a lot of what I’m seeing - I think a lot of it was automatically added by the C++ compiler</li></ul>anyway I would love some advice on what to try next. I’ve tried to summarize just the most important parts of what I know about Teleglitch’s behavior, but I can explain more if anyone is interested!

pancake :radare2:I added support for bpf decompilation to r2dec and pdc which fits perfectly for decai. In case you do some <a href="https://infosec.exchange/tags/Solana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Solana</a> reversing give it a try building r2 and r2dec from git. <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a>

:radare2: radare :verified:r2ghidra 6.0.2 is out! <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a>

IT NewsHosting a Website on a Disposable Vape - For the past years people have been collecting disposable vapes primarily for thei... - <a href="https://hackaday.com/2025/09/15/hosting-a-website-on-a-disposable-vape/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/09/15/hosting-a-website-on-a-disposable-vape/</a> <a href="https://schleuss.online/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://schleuss.online/tags/microcontrollers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microcontrollers</a> <a href="https://schleuss.online/tags/disposablevape" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#disposablevape</a> <a href="https://schleuss.online/tags/upcycling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#upcycling</a> <a href="https://schleuss.online/tags/webserver" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#webserver</a> <a href="https://schleuss.online/tags/ewaste" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ewaste</a>

IT NewsReverse-Engineering Aleratec CD Changers for Archival Use - Handling large volumes of physical media can be a bit of a chore, whether it’s abo... - <a href="https://hackaday.com/2025/09/14/reverse-engineering-aleratec-cd-changers-for-archival-use/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/09/14/reverse-engineering-aleratec-cd-changers-for-archival-use/</a> <a href="https://schleuss.online/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://schleuss.online/tags/opticalmedia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opticalmedia</a> <a href="https://schleuss.online/tags/techhacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#techhacks</a> <a href="https://schleuss.online/tags/cdchanger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cdchanger</a> <a href="https://schleuss.online/tags/archival" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#archival</a>

IT NewsReverse-Engineering the Milwaukee M18 Diagnostics Protocol - As is regrettably typical in the cordless tool world, Milwaukee’s M18 batteries ar... - <a href="https://hackaday.com/2025/09/14/reverse-engineering-the-milwaukee-m18-diagnostics-protocol/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/09/14/reverse-engineering-the-milwaukee-m18-diagnostics-protocol/</a> <a href="https://schleuss.online/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://schleuss.online/tags/batteryhacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#batteryhacks</a> <a href="https://schleuss.online/tags/cordlesstool" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cordlesstool</a> <a href="https://schleuss.online/tags/milwaukeem18" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#milwaukeem18</a> <a href="https://schleuss.online/tags/batterypack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#batterypack</a> <a href="https://schleuss.online/tags/toolhacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#toolhacks</a>

IT NewsRunning Code On a PAX Credit Card Payment Machine - The PAX D177 PoS terminal helpfully tells you which tamper points got triggered. (... - <a href="https://hackaday.com/2025/09/12/running-code-on-a-pax-credit-card-payment-machine/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/09/12/running-code-on-a-pax-credit-card-payment-machine/</a> <a href="https://schleuss.online/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://schleuss.online/tags/paymentterminal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#paymentterminal</a> <a href="https://schleuss.online/tags/pointofsale" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pointofsale</a>

demorayAre you interested in searching for unknown malicious software? Our team in Microsoft Research continues to grow. This position can be fully remote.<a href="https://jobs.careers.microsoft.com/global/en/share/1874222/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://jobs.careers.microsoft.com/global/en/share/1874222/</a><a href="https://infosec.exchange/tags/hiring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hiring</a> <a href="https://infosec.exchange/tags/rustlang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rustlang</a> <a href="https://infosec.exchange/tags/python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#python</a> <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://infosec.exchange/tags/azure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#azure</a>

Tarnkappe.info📬 Spotify zielt mit DMCA-Takedown auf neuen ReVanced-Patch <a href="https://social.tchncs.de/tags/Entertainment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Entertainment</a> <a href="https://social.tchncs.de/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReverseEngineering</a> <a href="https://social.tchncs.de/tags/APK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#APK</a> <a href="https://social.tchncs.de/tags/Copyright" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Copyright</a> <a href="https://social.tchncs.de/tags/DMCA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DMCA</a> <a href="https://social.tchncs.de/tags/Freemium" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Freemium</a> <a href="https://social.tchncs.de/tags/ReVanced" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReVanced</a> <a href="https://social.tchncs.de/tags/Spotify" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spotify</a> <a href="https://social.tchncs.de/tags/SpotifyPremium" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SpotifyPremium</a> <a href="https://social.tchncs.de/tags/Vanced" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vanced</a> <a href="https://sc.tarnkappe.info/0993ec" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://sc.tarnkappe.info/0993ec</a>

:radare2: radare :verified:The CTF-centric MCP for radare2 has been renamed to r2copilot to avoid conflicting with the official r2mcp. <a href="https://github.com/darallium/r2-copilot" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/darallium/r2-copilot</a> <a href="https://infosec.exchange/tags/llm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#llm</a> <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://infosec.exchange/tags/radare2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#radare2</a>

Laurent CheylusIntroducing GoStringExtractor: a Tool for IDA Pro and Ghidra to help collect strings from a Go binary - Blog post by <a href="https://infosec.exchange/@volexity" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@volexity</a> <a href="https://bsd.network/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infosec</a> <a href="https://bsd.network/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReverseEngineering</a> <a href="https://www.volexity.com/blog/2025/08/11/go-get-em-updates-to-volexity-golang-tooling/" rel="nofollow noopener noreferrer" target="_blank">https://www.volexity.com/blog/2025/08/11/go-get-em-updates-to-volexity-golang-tooling/</a>

IT NewsUsing an MCU’s Own Debug Peripheral to Defeat Bootrom Protection - The patient hooked up for some reverse-engineering. (Credit: Caralynx, Twitter) Re... - <a href="https://hackaday.com/2025/09/10/using-an-mcus-own-debug-peripheral-to-defeat-bootrom-protection/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackaday.com/2025/09/10/using-an-mcus-own-debug-peripheral-to-defeat-bootrom-protection/</a> <a href="https://schleuss.online/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://schleuss.online/tags/armmicrocontroller" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#armmicrocontroller</a> <a href="https://schleuss.online/tags/microcontrollers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microcontrollers</a> <a href="https://schleuss.online/tags/microcontroller" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microcontroller</a>

pancake :radare2:💥We had 18 years to solve the IOLI crackmes!Today Pau Oliva (pof) released their source code! Those simple crackmes to learn the basics of reverse engineering can now be recompiled for new targets and update all the tutorials from the r2book \o/ <a href="https://infosec.exchange/tags/radare2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#radare2</a> <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://infosec.exchange/tags/crackmes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#crackmes</a> <a href="https://github.com/poliva/IOLI-crackmes" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/poliva/IOLI-crackmes</a>

jiska 🦄:fairydust:Want to learn reverse engineering? There'll be a free, women*-only, 4-day BlackHoodie workshop from October 6th to 9th in Paris!Topics: • Linux memory forensics 🕵️‍♀️ (by Sonia) • Web app and mobile app pentesting 🕸️📱 (by Paula) • iOS reversing 🍎 (by me)Places usually go quickly! Use this link to register - you can even select only the days with the topics that interest you and skip others. <a href="https://blackhoodie.re/Hexacon2025/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blackhoodie.re/Hexacon2025/</a><a href="https://chaos.social/tags/ios" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ios</a> <a href="https://chaos.social/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://chaos.social/tags/blackhoodie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#blackhoodie</a>

BLE Voice🧠 Demystifying the JieLi Bluetooth Chip "Key" File! Many engineers find this concept confusing. Our latest blog provides a clear analysis:Understanding the Key is key to secure development! <a href="https://mastodon.social/tags/JieLi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#JieLi</a> <a href="https://mastodon.social/tags/Bluetooth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Bluetooth</a> <a href="https://mastodon.social/tags/ChipSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ChipSecurity</a> <a href="https://mastodon.social/tags/EmbeddedSystems" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EmbeddedSystems</a> <a href="https://mastodon.social/tags/IoT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IoT</a> <a href="https://mastodon.social/tags/HardwareDesign" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HardwareDesign</a> <a href="https://mastodon.social/tags/Engineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Engineering</a> <a href="https://mastodon.social/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReverseEngineering</a><a href="https://www.linkedin.com/pulse/analysis-jieli-bluetooth-chips-key-principle-addition-junluan-tsui-jtihc" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.linkedin.com/pulse/analysis-jieli-bluetooth-chips-key-principle-addition-junluan-tsui-jtihc</a>

Paul LalondeTrying to find where a deceased synth software enthusiast checked for hashed-against-your-serial-number keys before allowing use of the revised software. So of course I now have an interactive m68k disassembler/labeler/exploration tool. If only I could figure out the load address. It isn't zero. Maintenance manual hardware diagrams at least give me ROM and device address ranges. Now I need automatic basic block extraction. <a href="https://wandering.shop/tags/synthrepair" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#synthrepair</a> <a href="https://wandering.shop/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a>

**ftg** @ftg@mastodon.radio · Sep 10

Sep 10

ftg @ftg@mastodon.radio

New toy.

#radio #reverseengineering

**Jimmy Wylie** @mayahustle@infosec.exchange · Sep 9

Sep 9

Jimmy Wylie @mayahustle@infosec.exchange

Oh hey, @HexRaysSA released IDA 9.2. I'm excited to try out the new Golang features. The decompiler now supports multiple return values, so you can annotate golang function calls correctly. Jump Anywhere is a nice usability improvement supplanting the need to remember 4(5?) keyboard shortcuts.

https://hex-rays.com/blog/ida-9.2-release

hex-rays.comIDA 9.2 Release: Golang Improvements, New UI Widgets, Types Parsing and MoreIDA 9.2: Smarter Go decompilation, new UI widgets, Xref Graph/Tree, LLVM-based type parser, debugger upgrades, and expanded processor support.

#idapro #reverseengineering

**DjangoCon US** @djangocon@fosstodon.org · Sep 9

Sep 9

DjangoCon US @djangocon@fosstodon.org

QR Code Track:
Track 1 starting now!

"Reverse engineering the QR code generator and URL forwarder service"
Time to decode the mystery! Learn how to dissect and understand QR code services from the inside out

#DjangoConUS #QRCode #ReverseEngineering

**Habr 25+** @habr25@zhub.link · Sep 9

Sep 9

Habr 25+ @habr25@zhub.link

MAX без оболочки: Что мы нашли в его APK

Недавно появившейся в мессенджер «Макс», наделал много шума. Он является достаточно спорным приложением и мне пришла в голову мысль изучить приложение и посмотреть, а настолько ли опасно оно, как о нем говорят. Как можно познакомиться с приложением ближе, чем через его код? Тем более, что для исследования android-приложений нам не понадобятся сложные инструменты на подобии IDA или Ghidra, как это бывает с анализом исполняемых файлов. Для анализа я использовал стандартный, для подобной задачи, набор инструментов: JADX, APKtool, VSCode ну и конечно же Android Studio, куда без него в анализе APK файлов. Но, прежде чем лезть под капот «Макса» я установил его на эмулятор устройства и посмотрел его функционал и требуемые им разрешения. После того, как я ввел номер телефона и подтвердил его, «Макс» попросил доступ к моим контактам (Рисунок 1). Достаточно стандартное поведение для мессенджера, позволяет находить контакты из списка, зарегистрированных в «Максе»

https://habr.com/ru/articles/945306/

ХабрMAX без оболочки: Что мы нашли в его APKНедавно появившейся в мессенджер «Макс», наделал много шума. Он является достаточно спорным приложением и мне пришла в голову мысль изучить приложение и посмотреть, а настолько ли опасно оно, как о...

#max #android #reverseengineering

Recent searches

Search options

Administered by:

Server stats:

#reverseengineering