Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 03-17-2021, 20:56
jonwil jonwil is offline
VIP
 
Join Date: Feb 2004
Posts: 387
Rept. Given: 2
Rept. Rcvd 21 Times in 9 Posts
Thanks Given: 2
Thanks Rcvd at 65 Times in 34 Posts
jonwil Reputation: 21
Reverse engineering QT apps?

Are there any tutorials or tools or IDA plugins/etc to help with reverse engineering QT apps?
Reply With Quote
  #2  
Old 03-17-2021, 21:59
DominicCummings DominicCummings is offline
Friend
 
Join Date: Mar 2021
Posts: 14
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 28
Thanks Rcvd at 17 Times in 8 Posts
DominicCummings Reputation: 0
Post

My experience is that it produces quite clean code -- gdb (or lldb) alone has been relatively forthcoming with "clean" QT apps. You can also get most of the libraries for free from their website, which helps.

Here are a few random links to some further reading:

https://www.codeproject.com/articles/31330/qt-internals-reversing
(mirror: http://www.ntcore.com/files/qtrev.htm)

http://picturoku.blogspot.com/2011/08/qt-4-you.html

https://web.archive.org/web/20140828085019/https://hackeverything.wordpress.com/2008/03/30/qt-reversing/
Reply With Quote
The Following User Says Thank You to DominicCummings For This Useful Post:
nimaarek (03-26-2021)
  #3  
Old 03-18-2021, 04:37
jonwil jonwil is offline
VIP
 
Join Date: Feb 2004
Posts: 387
Rept. Given: 2
Rept. Rcvd 21 Times in 9 Posts
Thanks Given: 2
Thanks Rcvd at 65 Times in 34 Posts
jonwil Reputation: 21
That Python script looks great (if only I could get it to work in IDA 7.5 it would be perfect)
Reply With Quote
  #4  
Old 03-20-2021, 00:37
niculaita's Avatar
niculaita niculaita is online now
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,342
Rept. Given: 947
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,299
Thanks Rcvd at 479 Times in 338 Posts
niculaita Reputation: 89
mirror for this zip from https://www.codeproject.com/articles/31330/qt-internals-reversing please
__________________
Decode and Conquer
Reply With Quote
  #5  
Old 03-23-2021, 20:43
tonyweb tonyweb is offline
Family
 
Join Date: Jan 2009
Posts: 190
Rept. Given: 190
Rept. Rcvd 95 Times in 36 Posts
Thanks Given: 1,901
Thanks Rcvd at 299 Times in 122 Posts
tonyweb Reputation: 95
@niculaita
Code:
https://ntcore.com/files/qtrev.htm
https://ntcore.com/files/qtrev/qtida.zip
Regards,
Tony

P.S. DominicCummings already posted the first link
__________________
Want to learn unpacking ... but I'm too stupid
Reply With Quote
  #6  
Old 03-23-2021, 22:06
Rasmus Rasmus is offline
Friend
 
Join Date: Jul 2019
Posts: 174
Rept. Given: 0
Rept. Rcvd 8 Times in 7 Posts
Thanks Given: 106
Thanks Rcvd at 102 Times in 60 Posts
Rasmus Reputation: 8
Quote:
Originally Posted by jonwil View Post
Are there any tutorials or tools or IDA plugins/etc to help with reverse engineering QT apps?
Find out the exact version of the Qt used by the author you app. Get the source code files for the core and other components of that version of the Qt from the QT site, compile them as debug.
Use the associated pdb files from the compiled files and use them in your IDA to generate more meaningful decompilations for your target. You will find your job just made 10-100 times easier

Of course, the above is a 10,000 feet summary view of the process. Anyway, this is the way professionals proceed with complex Qt targets. I used to have an article which gives details of this technique but I cannot find it right now.
Reply With Quote
The Following User Says Thank You to Rasmus For This Useful Post:
DominicCummings (03-24-2021)
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Material to reverse/patch electron apps on windows? Artic General Discussion 9 08-26-2021 01:24
iOS Reverse Engineering sope General Discussion 0 05-13-2016 13:09


All times are GMT +8. The time now is 15:45.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )