Reverse Engineering the Constants in the Pentium FPU
(righto.com)
Intel released the powerful Pentium processor in 1993, establishing a long-running brand of high-performance processors. The Pentium includes a floating-point unit that can rapidly compute functions such as sines, cosines, logarithms, and exponentials. But how does the Pentium compute these functions? Earlier Intel chips used binary algorithms called CORDIC, but the Pentium switched to polynomials to approximate these transcendental functions much faster. The polynomials have carefully-optimized coefficients that are stored in a special ROM inside the chip's floating-point unit.
Extracting AI models from mobile apps
(altayakkus.substack.com)
If you are drinking the Kool-Aid, Artificial Intelligence is everywhere.
Remote code execution via MIDI messages
(psi3.ru)
I gained remote code execution via MIDI messages to trick my synth into playing Bad Apple on its LCD. This blog post is about my journey with this reverse engineering project.
Ask HN: How are you using LLMs for traversing decompiler output?
(ycombinator.com)
I need to reverse a binary made years ago, and I have zero experience with cpp, so I think it would be a good experiment to get an LLM to help me in any way
MitmProxy2Swagger: Automagically reverse-engineer REST APIs
(github.com/alufers)
A tool for automatically converting mitmproxy captures to OpenAPI 3.0 specifications. This means that you can automatically reverse-engineer REST APIs by just running the apps and capturing the traffic.
Show HN: API Parrot – Automatically Reverse Engineer HTTP APIs
(apiparrot.com)
API Parrot is the tool specifically designed to reverse engineer the HTTP APIs of any website, making life easier for developers looking to automate, integrate or scrape websites without public APIs.
Beyond BLE: Cracking Open the Black-Box of RF Microcontrollers [video]
(media.ccc.de)
Despite the recent popularity and breadth of offerings of low-cost RF microcontrollers, there is a shared absence of documentation for the internal workings of their RF hardware.
Proprietary silicon ICs and dubious marketing claims? Let's fight those [video]
(media.ccc.de)
Custom silicon chips are black boxes that hold many secrets, like internal ROMs, security features and audio DSP algorithms. How does one start reverse engineering them? Let's look at the basics of silicon reverse engineering, what gate array chips are, and how some tooling can generate Verilog code automatically from a die shot.
I Reversed a Drone and Landed It with My PC
(hardbreak.wiki)
In this example, we demonstrate how we reverse-engineered the communication between the Parrot Anafi consumer drone and its controller, which connect via Wi-Fi. The Parrot Anafi hosts its own Wi-Fi network, allowing either the controller or a phone running the Freeflight app to connect. Our goal was to understand the signals sent to the Anafi for initiating takeoff and landing sequences.
Liberating Wi-Fi on the ESP32 [video]
(media.ccc.de)
Reverse engineering the Wi-Fi peripheral of the ESP32 to build an open source Wi-Fi stack.
Reverse Engineering the Duco Connectivity Board
(github.com/kokx)
My newly built house came with a promising feature: a DucoBox Energy Comfort D325 ventilation system with heat recovery. While the system efficiently preheats incoming air using outgoing air’s heat, its control options were limited to four basic modes through a simple button interface. I wanted more - specifically, integration with Home Assistant. The official solution? A Duco Connectivity Board. But when I noticed it was just an ESP32 in disguise, I knew there had to be a better way.
Reverse Engineering the Stream Deck+
(den.dev)
Close to 4 years ago I talked about reverse engineering the Stream Deck to gain full control of the device and remove the dependence on the Stream Deck software. Well, I still really enjoy the hardware, but the software has gotten worse - it now goes as far as requiring users to have an account to download extensions.
Show HN: Complete decompilation of Lego Island
(github.com/isledecomp)
This is a functionally complete decompilation of LEGO Island (Version 1.1, English). It aims to be as accurate as possible, matching the recompiled instructions to the original machine code as much as possible. The goal is to provide a workable codebase that can be modified, improved, and ported to other platforms later on.
Hardware Security Exploit Research – Xbox 360
(github.com/kooscode)
I'm fairly well versed with the original XBOX and writing home-brew code for it 20 years ago, but I have since not spent much time on the XBOX 360 or XBOX One platforms beyond tons of gaming, and I have always been interested in how exactly the XBOX 360 security was defeated.
Ken Shirriff Tracks Down Intel's Infamous Pentium FDIV Bug in the Silicon Itself
(hackster.io)
Noted reverse engineer and vintage electronics enthusiast Ken Shirriff has turned his attention to one of the darkest days in Intel's storied history: the discovery of, and subsequent impact of, the infamous FDIV bug in its Pentium processor range.
How to Reverse Engineer a 12 EUR Intel PCIe FPGA Card IBM 98Y2610
(circuitvalley.com)
This post shows how to reverse engineer an unknown FPGA board which I got off eBay.
0x01 – Killing Windows Kernel Mitigations
(wetw0rk.github.io)
This post was made possible through hard work and determination. Do not feel frustrated if this stuff does not click immediately and remember, the source of truth will always be the source code. For us, our source code is raw assembly. That said, it’s important you understand these techniques in detail because when Microsoft releases new mitigations your foundation is what will allow you to develop bypasses.
Reverse engineering the Ravensburger TipToi pen
(github.com/entropia)
The goal of this project is to understand the file and paper format for the Ravensburger TipToi pen. The ultimate goal is that everyone can create their own books, with their own sounds.
Antenna Diodes in the Pentium Processor
(righto.com)
I was studying the silicon die of the Pentium processor and noticed some puzzling structures where signal lines were connected to the silicon substrate for no apparent reason.
Reverse Engineering iOS 18 Inactivity Reboot
(blogspot.com)
iOS 18 introduced a new inactivity reboot security feature. What does it protect from and how does it work? This blog post covers all the details down to a kernel extension and the Secure Enclave Processor.
AI Models for Decompiling Assembly Code
(reveng.ai)
The challenge of converting low-level assembly code back into human-readable source code is a cornerstone problem in reverse engineering.
Everyday Ghidra: Ghidra Data Types – When to Create Custom GDTs – Part 1
(medium.com)
In this 2-part “Everyday Ghidra” series post, we’ll walk through creating custom Ghidra data types by parsing C header files.
Tamagotchi Hacking, in Depth
(hackaday.com)
In this strangely fascinating talk, you can follow along as [Natalie Silvanovich] reverse engineers some Tamagotchi. Even if you have no interest whatsoever in digital pets, you’ll probably pick up a trick or two by listening to how she went about taking over the toy. She can now push her own images to the screen, and evolve her Tamagotchi at will.