TransWikia.com

Is this executable packed, encrypted or what?

Reverse Engineering Asked by DADi590 on January 31, 2021

I have an executable that I’d like to patch, but I’m very new to RE. I some have assembly knowledge of x86 as first learned language last year, but not of this one: PowerPC (in this case is PPC32), which I will learn when needed to patch the program.

But I think the main problem on me understanding what’s this is that I’ve never seen a packed or encrypted (well, maybe encrypted). But I have no idea how to know which one is the case – or if it’s another thing. I once asked a person and they told me it might be packed. Another one said it might be encrypted. Is there any way of knowing which one it could be, or if it’s another which I don’t know about?

Image of the beggining of the file in IDA’s Graph view (was vertical, but it would take too much space):
enter image description here

Image of random part of the file, in IDA’s Text view:
enter image description here

Can it be seen from there what’s the problem with it? There’s almost no code. And the developer said it was protected, so the program is not meant to be like this. But I have no idea what all those numbers mean. Never saw anything like that (only patched one program by now and was very easy, but still very cool to do).

Bellow MUCH of that red stuff are strings. Above it’s the first picture. If it helps in any way, the file format is PRX for PS3 (https://www.psdevwiki.com/ps3/PRX) – don’t worry, the program is not official. It’s one of the unofficial programs made for unlocked PS3s by the community. But I’d like to patch something on it, as it’s not working and I may know the problem, but the developer is not available to help anymore.

Thanks in advance for any help!

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP