Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
I haven't heard of this tool before, but I don't think it would work for obfuscated code. Check out the graph image on my wiki [1]. While this image doesn't show the exact scenario, imagine that the first instruction is a `JUMP_ABSOLUTE 100` and the rest of the instructions between offset [3,100) are just garbage or invalid.
A naive disassembler (like the `dis` module in python) interprets the bytecode linearly -- i.e. one instruction after another. Rizin's diassembler [2] seems to take the same approach. The way I do disassembly is to only disassemble code paths that are potentially executed by queueing non-conditional jumps, both targets of a conditional jump, and the next instruction when the current instruction is non-jumping instruction.
[1] https://github.com/landaire/unfuck/wiki/Obfuscation-Tricks
The Fuck[1] is a handy tool that I use daily in the office.
Is fsck something you'd avoid because of its name, or is the single letter change enough to make it safe?
Related posts
- Control Linux based distros using hand gestures using OpenCV, GTK, Mediapipe
- Thefuck: Correct errors in previous console commands
-
thefuck VS oh-crab - a user suggested alternative
2 projects | 5 Jan 2024
- Ask HN: How do you bootstrap your software projects?
- Show HN: Scaffolder, CLI tool to generate project structure, taken from YAML