@FritzAdalis @eickmeyer @cdp1337 @vkc That's more or less what I had planned. Reverse engineering tools were what I hoped to use for investigating how things changed from the original source code, if they changed.
@arraybolt3 @FritzAdalis @eickmeyer @cdp1337 @vkc I don't have time to do this myself, but I'd run all of the binary blobs I might want to compare through ssdeep. That way I would get a quick first feel for which are similar/alike, and which are different, and to what extent. https://ssdeep-project.github.io/ssdeep/index.html Doing something like `vimdiff <(xxd binary1) <(xxd binary2)` also helps me for quick checks. https://cutter.re/ is a free gui for reversing.
@arraybolt3 @FritzAdalis @eickmeyer @cdp1337 @vkc diffoscope is an excellent tool for analysing differences in binaries. It will dive down into any format it knows (including ELF) to extract meaningful diffs.
@arraybolt3 @FritzAdalis @eickmeyer @cdp1337 @vkc
Look for strings contained in the blob first—sometimes you can learn a lot that way.
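
The quick checks suggested in this thread (strings first, then an offset-by-offset byte comparison like the `xxd`/`vimdiff` one) can be combined into one triage script. This is an added example, not code from any of the posters; the two blobs are constructed sample data and the function names are hypothetical.

```python
import re

def extract_strings(blob: bytes, min_len: int = 4) -> list[str]:
    """Printable ASCII runs of at least min_len bytes, roughly `strings -n`."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode("ascii") for m in re.finditer(pattern, blob)]

def differing_ranges(a: bytes, b: bytes) -> list[tuple[int, int]]:
    """Half-open offset ranges where the blobs differ, compared offset by
    offset (what a side-by-side hex dump shows). A length mismatch is
    reported as a trailing range."""
    ranges, start = [], None
    common = min(len(a), len(b))
    for i in range(common):
        if a[i] != b[i]:
            if start is None:
                start = i
        elif start is not None:
            ranges.append((start, i))
            start = None
    end = max(len(a), len(b))
    if end > common and start is None:
        start = common
    if start is not None:
        ranges.append((start, end))
    return ranges

def triage(reference: bytes, suspect: bytes) -> dict:
    """First-pass comparison of a blob built from source against a shipped one."""
    ref, sus = set(extract_strings(reference)), set(extract_strings(suspect))
    return {
        "only_in_reference": sorted(ref - sus),
        "only_in_suspect": sorted(sus - ref),
        "diff_ranges": differing_ranges(reference, suspect),
    }

# Constructed sample data: same layout, one changed string and one changed byte.
HEADER = b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8
REFERENCE = (HEADER + b"update_url=https://example.org/v1\x00"
             + b"\x90\x90\x01\x02" + b"version 1.0.0\x00")
SUSPECT = (HEADER + b"update_url=https://example.net/v1\x00"
           + b"\x90\x90\x01\x03" + b"version 1.0.0\x00")

if __name__ == "__main__":
    report = triage(REFERENCE, SUSPECT)
    for text in report["only_in_suspect"]:
        print("string only in suspect:", text)
    for lo, hi in report["diff_ranges"]:
        print(f"bytes differ at 0x{lo:x}-0x{hi:x}")
```

An offset-aligned comparison is only meaningful when nothing was inserted or removed; once the blobs drift out of alignment, fuzzy hashing or a format-aware diff is the better next step.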