As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 11 years ago.
I've got a C++ app that ships on Windows and OSX. It communicates with our backend using TCP (encrypted with OpenSSL, natch). I'd like to throw up some speed bumps for folks who are trying to reverse engineer the protocol and/or disassemble the executable.
Skype does an excellent job of this, which is why you won't find a lot of apps that speak skype. Here is a really good read about what it does: http://www.secdev.org/conf/skype_BHEU06.handout.pdf
I'd like some ideas about how to accomplish similar stuff our app. Are there commercial products that make code harder to statically analyze? What is the best way to invest my time to accomplish the goals I've listed?
Thanks,
Some simple suggestions for OSX:
Prevent gdb from attaching to your program
http://www.steike.com/code/debugging-itunes-with-gdb/
(this can be worked around, but will keep some casual explorers away)
Have at least some of the code in your product stored outside the text segment of the executable, for example in data, or in an external (encrypted) shared library.
Minimally protect any sensitive string data by not storing it in plain text. Run "strings" against your executable, and if you see anything that might be helpful to someone trying to figure out the protocol, encrypt it.
GCC's -fomit-frame-pointer option can make debugging more painful (but can interact badly with C++ exceptions).
If I remember correctly Skype is using something similar (maybe they pay them to implement it in Skype, who knows) to "Code Guards" described in:
https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2001-49.pdf
Related
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 9 years ago.
Recently I learned Lua, we need it to co-work with existed C code(HTTP server).
From Lua books, we know that there maybe to way to make them co-working:
From Lua, you can wrap C code in share library(xxx.so) that Lua use require to import them.
From C, you can use existed Lua API to operate on lua_state, it's some trick but it works well.
I adopt both of them and everything seems great, by using Lua we can save a lot of time to implement our business logic. But I'm quite nervous about current architecture, although there was no serious problem in it, I always worried about it, if there was some thing happened, for example, serious performance bottleneck, memory related and so on.
Is anyone got rich experience in this, please give some some advice. Thanks.
Lua is designed to work well with both C and C++. The C API is meant for that.
You don't need to create and use shared libraries to extend Lua. It is the easiest way to extend the standard command line interpreter but it should be easy (if not easier) to link static C libraries for Lua in your own application.
If you want to see some examples of C libraries for Lua, see mine. There are many others.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 9 years ago.
Ive been searching around and I couldnt find anything on how to really begin programming for the Odyssey 2. I thought it was be kind of fun to mess around with one, to maybe try and program a simple game. But I wanted to know how I could begin. Like for example what is the console coded with, assembly? C?
Is there any example code online? Are there some tutorials?
I have been trying to find some, but have had no success.
It has only 64-bytes of memory, so yes, you need to use assembly.
There is an open-source, well commented game Kill the attacking aliens which should help you get started. When in doubt, you can also check the source codes of Odyssey² open-source emulators o2em.
There is also a good deal of documentation of the system here (this page in particular).
It has an Intel 8048 CPU, so you're probably pretty much stuck with assembly language -- I don't know of any compilers that target an 8048, and with only a couple hundred bytes of RAM available (only 64 bytes of that for general-purpose use), it doesn't seem like a good target for a compiler either. There are a few 8048 assemblers around, mostly of them freely downloadable. You can also dig up a few Odessey 2 emulators if you do a little looking (again, at least some are free).
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I am asking this question is because I need to modify an open source software and I completely have no idea on how to start the project.
Here is more details.
I usually works in Linux and use GNU compiler (g++, gfortran, etc) and Intel compiler (icc and ifort). I can write fortran and c/c++ programs. So far, the project that I wrote is less than 10 files (with vim, no IDE so far). I usually compile them separately and put them together as a single executable file.
Now I need to modify an open source software (A software for scientific calculation. No GUI. And it reads an input file with all calculation parameters.). The source of it contains hundreds of files which is too much for me. It does come with a configure script and some makefiles. And it use both c and fortran codes (I suspect the c code calls some fortran subroutines.). But I haven't try to use fortran subroutines in c/c++.
I need to understand it, make a small modification and add some functions or subroutines in the software as new features.
Could you tell me where to start? Is there an IDE which can “import” the software as a project? Or some handy tool to draw the connections between different files? (It is horrible to read the configure script and makefile first, then start to work.)
Thanks.
You could try speaking to the maintainer of the project, or asking for guidance on their discussion forum if one exists. Don't expect them to just tell you want to edit, however. You're more likely to get help if you've at least tried to understand what the source code is doing and how it hangs together, particularly since, in my opinion at least, you really ought to understand what it currently does before you change it.
Having said that, if the change you need to make would be useful to other people, the maintainers may accept your proposed changes as a feature request.
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
I am on the look out for a good software for browsing kernel level code written in C. I am currently using source navigator. Are there any better suggestions?
EDIT: I work on systems with both Windows and Linux (Ubuntu), so it should run on at least one of them, but Linux software is preferable.
This might not be what you're shooting for; it's less interactive than a dedicated tool, but I've found LXR to be very useful for providing a web interface front-end for browsing large source repositories. In each file, every symbol is linked to its original definition, so it's easy to dial down to exactly what you're looking for.
It was originally designed for indexing the Linux kernel source, and still does so here, (though I must say I'm not jazzed about the new AJAX interface...)
It can be run on any code base, though; not limited to the Linux kernel. And the web interface makes it easy to access from anywhere and from any system.
Visual Slick Edit does the trick for me.
Good tagging for big code bases, building, macros,light ui and support for many languages.
Unfortunately costs some $.
The reason I mostly wanted to switch from source navigator was that the project had closed down and the new project (Source navigator NG)seemed to be defunct(because the website etc. were down). But today, I checked and they had releases upto 2010. So they are probably still up and running.
Check it out, it has a good GUI and searching is easier than in cscope.
I use doxygen when I receive a big lump of code that I need to do a quick review on. You can use a special syntax in your source to make the doxygen output nice, but it does a decent job without.
netbeans works perfect for me
ctrl+click on any symbol will take you to the definition
then alt+left
very convenient for source code navigation
it's also cross platform
As it currently stands, this question is not a good fit for our Q&A format. We expect answers to be supported by facts, references, or expertise, but this question will likely solicit debate, arguments, polling, or extended discussion. If you feel that this question can be improved and possibly reopened, visit the help center for guidance.
Closed 10 years ago.
Is there a good guide or tutorial for people who need to programmatically interact with dynamic websites? There's been a rash of Perl questions about that lately, and I haven't found a good resource to point people toward. I'm asking not because I need one but because I don't want to waste my time writing it if it already exists. Although I'm most interested in Perl, the extra tools and techniques are mostly the same.
Typically, I see see these problems in people's questions:
Handling, setting, and saving cookies
Finding and interacting with forms
Handling JavaScript inside your user-agent
especially things like onLoad, onSumbit, and Ajax
Using HTTP sniffer tools
Using Web developer plugins in interactive browsers
Interacting with DOM, screen scraping, etc.
If there's no good tutorial, I'll add it to my list of things to do (unless someone else wants to do it). Along the way, if you don't have a suggestion for an existing tutorial, please suggest the things that you think should be in a new one, including links, your favorite tools, and your own user-agent development experiences. I don't care about the particular language you use.
The best I've seen is a Defcon presentation video.
Look at perl library of libraries. Some html parsing libraries should be made for talking to dynamic websites.
Like:
http://metacpan.org/pod/HTML::DOM
But do you want to use web-browser enhanced by perl. Or perl stand alone app?