Reverse engineering : Hooking(Message Hooking, API Hooking)


Reverse engineering : Hooking(Message Hooking, API Hooking)

• Reverse engineering
 - Opposition to "Forward Engineering"
 - Techniques to Backtrack about the deployed system
- part of the software maintenance process

• purpose
- to understand the structure and operation principle of the program(using the disassembler / debugger )
- to fix bugs or improve functionality
- freely manipulating executable files and process memory

• uses
- Debugging and patching (Hotfix)
- Modify an application without code
- hacking


#C #C++ #Linux #Embedded #Hooking Example #Hooking #Message Hooking #Reverse engineering
By - No comments:
Labels:

PCANBasic api : PCAN_RECEIVE_EVENT


PCAN_RECEIVE_EVENT를 설정하면 PCAN 데이터를 받을 때에만 동작한다.

CAN_SetValue (class-method : SetValue) 함수를 호출 -> Win32 동기화 함수 ( : WaitForSingleObject 하나를 사용하여 이벤트 신호를 받을 때까지 대기 ->  CAN_Read (클래스 메소드 : 읽기) 함수로 읽을 수 있으며 CAN 메시지를 처리

SetValue로 이벤트를 설정하고 Win32 동기화 함수를 통해 대기 할 시, 프로세스 로드가 증가 없이 데이터 읽기가 가능하다.



원문 번역.
이벤트를 사용하려면 클라이언트 응용 프로그램이 CAN_SetValue (class-method : SetValue) 함수를 호출하여 매개 변수 PCAN_RECEIVE_EVENT를 설정해야합니다. 이 매개 변수는 이벤트 객체의 핸들을 설정합니다. 메시지를 받으면 드라이버는이 이벤트를 "Signaled"상태로 설정합니다.
다른 스레드는 프로세스 로드를 증가시키지 않고 Win32 동기화 함수 ( : WaitForSingleObject) 하나를 사용하여 이벤트 신호를 받을 때까지 대기하는 클라이언트 어플리케이션에서 시작해야함.
 이벤트가 신호되고 나면 클라이언트의 수신 버퍼를 CAN_Read (클래스 메소드 : 읽기) 함수로 읽을 수 있으며 CAN 메시지를 처리 ​​할 수 ​​있습니다.


ref: http://www.peak-system.com/‎


sample code :

can.h
classA {
....
DWORD readthread(); 
HANDLE m_hEvent; // 이벤트 핸들
....
}
---------------------------------------
can.cpp

DWORD classA::readthread() {
      ....
    LOADAPI.SetValue(m_PcanHandle, PCAN_RECEIVE_EVENT, &m_hEvent, sizeof(m_hEvent));
    if (m_hEvent == NULL) {
        return RETURN::FAIL;
    }
    
    while (1) {
    //Wait for CAN Data...
        result = WaitForSingleObject(m_hEvent, 10000);
        if (result == WAIT_OBJECT_0)
              LOADAPI.Read(m_PcanHandle, &CANMsg, &CANTimeStamp); 

    } 


By - No comments:
Labels:

Error: Virtualbox guest additions: modprobe vboxsf failed


shared folder Error: Virtualbox guest additions: modprobe vboxsf failed

$ sudo apt-get install virtualbox-guest-dkms
$ sudo apt-get install linux-headers-virtual


#Example #Error #Virtualbox #linux
By - No comments:
Labels:

linux "ps" command example


"ps" command example
: If i use "ps" command, I can check working process.

$ ps [-option]
-a : enumerates all processes (total user)
-u : each process of user and usage time
-x: enumerates all processes without a controlling terminal
-l : enumerates the detailed information
-e: Display all processes statuses

Example)
 ps -aux


PID : process id
%CPU : cpu usage
%MEM : memory usage
VSZ : virtual memory usage
RSS : real memory usage
Stat : process status ( S : sleep, I : idle, T : stop, …)

By - No comments:
Labels:

Linux : search content (in file) / and search file or folder example


search content
$ grep -r "content" ./*
  ex) grep -r "LD_PRELOAD" ./*

search file or folder
$ find ./* -name "file or folder"
  ex) find ./* -name "library" or find ./* -name "*lib*"

By - No comments:
Labels:

android pdk make error : Android can only be built by versions 3.81 and 3.82.


This error is caused by an incorrect "make" version.

root@kiwon-VirtualBox:~/pdk/android-4.4.2_r1# make
build/core/main.mk:45: ********************************************************************************
build/core/main.mk:46: *  You are using version 4.1 of make.
build/core/main.mk:47: *  Android can only be built by versions 3.81 and 3.82.
build/core/main.mk:48: *  see https://source.android.com/source/download.html
build/core/main.mk:49: ********************************************************************************
build/core/main.mk:50: *** stopping.  Stop.

This error is caused by an incorrect "make" version.
So, Please add "make" version.

$make -v
GNU Make 4.1
.…

Please add "make" version 4.1 .
$ vi ./build/core/main.mk

 40 # Check for broken versions of make.


 41 # (Allow any version under Cygwin since we don't actually build the platform there.)

 42 ifeq (,$(findstring CYGWIN,$(shell uname -sm)))

 43 ifeq (0,$(shell expr $$(echo $(MAKE_VERSION) | sed "s/[^0-9\.].*//") = 3.81))

 44 ifeq (0,$(shell expr $$(echo $(MAKE_VERSION) | sed "s/[^0-9\.].*//") = 3.82))

 45 ifeq (0,$(shell expr $$(echo $(MAKE_VERSION) | sed "s/[^0-9\.].*//") = 4.1))

 46 $(warning ********************************************************************************)

 47 $(warning *  You are using version $(MAKE_VERSION) of make.)

 48 $(warning *  Android can only be built by versions 3.81 and 3.82.)

 49 $(warning *  see https://source.android.com/source/download.html)

 50 $(warning ********************************************************************************)

 51 $(error stopping)

 52 endif

 53 endif

 54 endif

 55 endif



Okay .
By - No comments:
Labels:

QT set background image example(QLable_setstylesheet, QPixmap)

QT set background image example(QLable_setstylesheet, QPixmap)
I had a problem about applying image.

This is problem :
My app is working on an embedded system. I have migrated the app from Qt 5.6 to Qt 5.9.3 and it became very slow. I have checked the output of the top command and realized that my app is causing a CPU utilization of 100%.
So, I have check my app and I have found a problem in this part of the code:
MainWidget::MainWidget(QWidget *parent)
    : QWidget(parent)
{
...

    QPixmap bg(BACK_IMG_PATH);
    bg.fill(Qt::transparent);
    QPalette p(palette());
    p.setBrush(QPalette::Background, bg);
    setAutoFillBackground(true);
    setPalette(p);
...
}
The problem is, that if I add the code for the background, my app becomes extremely slow. However, if I remove this code, my app is working as expected. This cannot be a solution though, cause I need the background.
This problem did not exist before the migration.
I have tried to solve this by reimplementing the paintEvent and using QPainter like this:
void MainWidget::paintEvent(QPaintEvent *event)
{
    QPainter painter(this);
    painter.drawImage(QRectF(this->x(), this->y(), this->width(), this->height()), QImage("img/bg_1280_720.png"));
}
This result is slightly faster, but still not satisfactory (the cpu utilization is 50%).


How to solve this problem?

before:
#define BACK_IMG_PATH           "/img/bg_1280_720.png"
    QPixmap bg(BACK_IMG_PATH);
    bg.fill(Qt::transparent);
    QPalette p(palette());
    p.setBrush(QPalette::Background, bg);
    setAutoFillBackground(true);
    setPalette(p);


after:
#define BACK_IMG_PATH           "background-image:url(/img/bg_1280_720.png)"
    QLabel *labelBg = new QLabel(this);
    labelBg->setStyleSheet(BACK_IMG_PATH);
    labelBg->setGeometry(this->geometry());














By



-





No comments:
  


















Labels:

















        

      









Subscribe to:
Posts (Atom)









Apartment Buying Guide 2025: Shocking Red Flags You Should NEVER Ignore!



 🏙️ Apartment Buying Guide 2025: Shocking Red Flags You Should NEVER Ignore! 🚨 Are you thinking about buying an apartment in 2025? 🏢  It’...