Best of Reverse Engineering 2025

  1. Article
    Lobsters · 42w

    Writing a basic Linux device driver when you know nothing about Linux drivers or USB

    A detailed walkthrough of creating a Linux device driver for a Nanoleaf RGB LED device from scratch. The author explores USB fundamentals, explains HID devices, demonstrates using libusb with Rust to communicate with hardware, and covers practical aspects like udev rules and interrupt handling. The tutorial progresses from basic device enumeration to implementing a working userspace driver that can control LED colors and handle device responses.

  2. Article
    Hacker News · 52w

    Hacking a Smart Home Device

    James Warner details his process of reverse-engineering an ESP32-based smart home device to gain remote control access and integrate it with Home Assistant. He discusses network protocol interception, firmware analysis, and how to interpret and modify the device's firmware. His journey includes studying the mobile app, inspecting network traffic, physically disassembling the device, and using various tools for analysis. He successfully decrypts network packets, performs an MITM attack, and logs data to recreate the device’s control logic locally.

  3. Article
    Hacker News · 45w

    Root Shell on Credit Card Terminal

    A security researcher reverse engineered a Worldline Yomani XR payment terminal and discovered an exposed root shell accessible via serial console without authentication. Despite sophisticated tamper detection mechanisms using pressure-sensitive connectors and copper traces, the debug interface remained accessible through an external hatch. The researcher extracted unencrypted firmware using chip-off techniques, revealing an outdated Linux system (kernel 3.6 from 2023). However, the security impact is limited because the Linux system only handles networking and updates, while sensitive payment operations run on a separate, encrypted secure processor.

  4. Article
    Lobsters · 27w

    I'm Building a Browser for Reverse Engineers

    A developer chronicles building a specialized browser for reverse engineering by forking Chromium and Electron. Starting with JavaScript function hooking via Chrome DevTools Protocol, they progressed to creating custom CDP domains at the Blink layer to stealthily intercept canvas fingerprinting and other anti-bot techniques. The project evolved from a weekend prototype into a comprehensive tool featuring automatic deobfuscation, function overrides, and fingerprint payload decryption, demonstrating deep browser internals manipulation to analyze web security mechanisms.

  5. Video
    LaurieWired · 31w

    This C code should be ILLEGAL. It's also fantastic.

    A reverse engineer analyzes obfuscated C code submissions from the International Obfuscated C Code Contest (IOCCC) using Ghidra decompiler. The analysis reveals surprising implementations including a Rick Roll animation, a complete Doom game running in a virtual machine, a 3D renderer, an LLM chatbot with multiple personalities, a Vim clone, and other creative programs. The experiment demonstrates both the effectiveness of reverse engineering tools and the ingenuity of obfuscated code techniques.

  6. Article
    80 LEVEL · 23w

    Programmer Discovers His Smart Vacuum Was Spying on Him

    A programmer discovered his ILIFE A11 smart vacuum was sending unencrypted data including Wi-Fi credentials and home maps to manufacturer servers. When he blocked the data transmission, the device was remotely bricked by the manufacturer. After disassembling it and accessing its unprotected Android Debug Bridge, he found the manufacturer had root access via pre-installed software. The same hardware powers devices from multiple brands including Xiaomi and Wyze, suggesting widespread vulnerability. He successfully restored the device with full local control by removing manufacturer access.

  7. Article
    Hacker News · 31w

    sam henri gold on X: "Did you know your MacBook has a sensor that knows the exact angle of the screen hinge? It’s not exposed as a public API, but I figured out a way to read it and make it sound like

    A developer discovered how to access MacBook's hidden screen hinge angle sensor through undocumented methods and created a creative audio application that makes the laptop sound like an old wooden door when opening and closing.

  8. Article
    Hacker News · 26w

    The Day My Smart Vacuum Turned Against Me

    An engineer discovers their smart vacuum was remotely disabled by the manufacturer after blocking its telemetry servers. Through reverse engineering, they gained root access via an open ADB port, found the device running Google Cartographer SLAM software on Linux, and uncovered evidence of remote kill commands. The investigation revealed the vacuum transmitted unencrypted data including WiFi credentials, had pre-installed remote access software (rtty), and could be controlled by the manufacturer without user consent. The engineer successfully restored offline functionality and documented the findings, highlighting broader IoT security and privacy concerns affecting multiple brands using the same hardware platform.

  9. Video
    LaurieWired · 1y

    ghidraMCP: Now AI Can Reverse Malware

    The post introduces MCP (Model Context Protocol), which enables Large Language Models (LLMs) to interact directly with applications such as Ghidra, an open-source disassembler and decompiler. By creating an MCP server for Ghidra, the author automates common reverse engineering tasks, saving time and effort. This integration allows LLMs to operate autonomously, using standardized functions to perform actions within the applications. The versatility of MCP means it can work with various LLMs and applications, offering a scalable and efficient tool for developers.

  10. Article
    SK NEXUS · 48w

    Should You Learn Assembly?

    Learning to read assembly language can enhance your understanding of how high-level code translates into machine instructions. It provides insights into memory management, function calls, and compiler processes, which are essential for reverse engineering, malware analysis, and low-level security roles. A background in C and concepts like memory and call stacks is recommended before diving into assembly.

  11. Article
    Hacker News · 1y

    Reverse Engineering Call Of Duty Anti-Cheat

    The post provides an in-depth analysis of the user-mode anti-cheat system—specifically Treyarch Anti-Cheat (TAC)—used in Call of Duty: Black Ops Cold War. It covers various anti-cheat mechanisms including Arxan protection, runtime executable decryption, API hook detection, debug register checks, and the TAC's methods for detecting external cheats and cheat logging. It also elaborates on TAC's encrypted custom syscalls, which help prevent common cheating methods.

  12. Article
    Hacker News · 23w

    Manufacturer issues remote kill command to disable smart vacuum after engineer blocks it from collecting data — user revives it with custom hardware and Python scripts to run offline

    An engineer discovered his iLife A11 smart vacuum was sending telemetry data without consent. After blocking the manufacturer's servers, the device was remotely disabled via a kill command. Through reverse engineering, he found the vacuum had unsecured root access and was transmitting 3D maps of his home. He successfully revived the device using custom hardware, Python scripts, and a Raspberry Pi, enabling it to run completely offline. The incident highlights serious privacy and ownership concerns with IoT devices that rely on cloud processing.