Can I rely on this github repository files?Which file encryption algorithm is used by Synology's Cloud Sync feature?GitHub pages and same originDoes GitHub have an endpoint for reading a users GPG keys?API credentials visible when creating Github pages website?Why host third party libs instead of relying on CDN, Nuget, GitHub?Making an API repository private vs publicHow does Github preserve versioning integrity?How does Github authentication work (command line, api)?Is it a good idea to upload your gnupg files to github?How could malicious code changes in a GitHub pull request be masked by an attacker?

Why has "pence" been used in this sentence, not "pences"?

Engineer refusing to file/disclose patents

Should I install hardwood flooring or cabinets first?

Does the Mind Blank spell prevent the target from being frightened?

Could solar power be utilized and substitute coal in the 19th Century

Melting point of aspirin, contradicting sources

Journal losing indexing services

What linear sensor for a keyboard?

Using a siddur to Daven from in a seforim store

Why is Arduino resetting while driving motors?

Why does Async/Await work properly when the loop is inside the async function and not the other way around?

How can "mimic phobia" be cured or prevented?

How do ground effect vehicles perform turns?

Proof of Lemma: Every nonzero integer can be written as a product of primes

Transformation of random variables and joint distributions

Is XSS in canonical link possible?

Is possible to search in vim history?

What is this type of notehead called?

Proving a function is onto where f(x)=|x|.

Can I use my Chinese passport to enter China after I acquired another citizenship?

Should I stop contributing to retirement accounts?

How to color a curve

Why in book's example is used 言葉(ことば) instead of 言語(げんご)?

Greatest common substring



Can I rely on this github repository files?


Which file encryption algorithm is used by Synology's Cloud Sync feature?GitHub pages and same originDoes GitHub have an endpoint for reading a users GPG keys?API credentials visible when creating Github pages website?Why host third party libs instead of relying on CDN, Nuget, GitHub?Making an API repository private vs publicHow does Github preserve versioning integrity?How does Github authentication work (command line, api)?Is it a good idea to upload your gnupg files to github?How could malicious code changes in a GitHub pull request be masked by an attacker?













1















I recently found this GitHub repo https://github.com/userEn1gm4/HLuna, but after cloned it I note that the comparison between the file compiled (using g++) from source HLuna.cxx and the binary included in the repo (HLuna) is different: differ: byte 25, line 1. Is the provided binary file secure? I've already analyzed that in VirusTotal without any issues, but I don't have the expertise to decompile and read the output, and I've previously executed the binary provided without thinking about the risks.






reverse-engineering c++ github







share|improve this question









New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • If you're able to compile from source, then just use your computer version.

    – Daisetsu
    33 mins ago















1















I recently found this GitHub repo https://github.com/userEn1gm4/HLuna, but after cloned it I note that the comparison between the file compiled (using g++) from source HLuna.cxx and the binary included in the repo (HLuna) is different: differ: byte 25, line 1. Is the provided binary file secure? I've already analyzed that in VirusTotal without any issues, but I don't have the expertise to decompile and read the output, and I've previously executed the binary provided without thinking about the risks.






reverse-engineering c++ github







share|improve this question









New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • If you're able to compile from source, then just use your computer version.

    – Daisetsu
    33 mins ago













1












1








1








I recently found this GitHub repo https://github.com/userEn1gm4/HLuna, but after cloned it I note that the comparison between the file compiled (using g++) from source HLuna.cxx and the binary included in the repo (HLuna) is different: differ: byte 25, line 1. Is the provided binary file secure? I've already analyzed that in VirusTotal without any issues, but I don't have the expertise to decompile and read the output, and I've previously executed the binary provided without thinking about the risks.






reverse-engineering c++ github







share|improve this question









New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I recently found this GitHub repo https://github.com/userEn1gm4/HLuna, but after cloned it I note that the comparison between the file compiled (using g++) from source HLuna.cxx and the binary included in the repo (HLuna) is different: differ: byte 25, line 1. Is the provided binary file secure? I've already analyzed that in VirusTotal without any issues, but I don't have the expertise to decompile and read the output, and I've previously executed the binary provided without thinking about the risks.






reverse-engineering c++ github




reverse-engineering c++ github






share|improve this question









New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 5 hours ago









schroeder

77.9k30173209




77.9k30173209






New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 6 hours ago









mcruz2401mcruz2401

61




61




New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • If you're able to compile from source, then just use your computer version.

    – Daisetsu
    33 mins ago

















  • If you're able to compile from source, then just use your computer version.

    – Daisetsu
    33 mins ago
















If you're able to compile from source, then just use your computer version.

– Daisetsu
33 mins ago





If you're able to compile from source, then just use your computer version.

– Daisetsu
33 mins ago










1 Answer
1






active

oldest

votes


















6














Compilation is not a directly verifiable deterministic process across compiler versions, library versions, operating systems, or a number of other different variables. The only way to verify is to perform a diff at the assembly level. There are lots of tools that can do this but you still need to put the manual work in.






share|improve this answer






















    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "162"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    noCode: true, onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );






    mcruz2401 is a new contributor. Be nice, and check out our Code of Conduct.









    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206000%2fcan-i-rely-on-this-github-repository-files%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    6














    Compilation is not a directly verifiable deterministic process across compiler versions, library versions, operating systems, or a number of other different variables. The only way to verify is to perform a diff at the assembly level. There are lots of tools that can do this but you still need to put the manual work in.






    share|improve this answer



























      6














      Compilation is not a directly verifiable deterministic process across compiler versions, library versions, operating systems, or a number of other different variables. The only way to verify is to perform a diff at the assembly level. There are lots of tools that can do this but you still need to put the manual work in.






      share|improve this answer

























        6












        6








        6







        Compilation is not a directly verifiable deterministic process across compiler versions, library versions, operating systems, or a number of other different variables. The only way to verify is to perform a diff at the assembly level. There are lots of tools that can do this but you still need to put the manual work in.






        share|improve this answer













        Compilation is not a directly verifiable deterministic process across compiler versions, library versions, operating systems, or a number of other different variables. The only way to verify is to perform a diff at the assembly level. There are lots of tools that can do this but you still need to put the manual work in.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 6 hours ago









        PolynomialPolynomial

        101k31246339




        101k31246339




















            mcruz2401 is a new contributor. Be nice, and check out our Code of Conduct.









            draft saved

            draft discarded


















            mcruz2401 is a new contributor. Be nice, and check out our Code of Conduct.












            mcruz2401 is a new contributor. Be nice, and check out our Code of Conduct.











            mcruz2401 is a new contributor. Be nice, and check out our Code of Conduct.














            Thanks for contributing an answer to Information Security Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206000%2fcan-i-rely-on-this-github-repository-files%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Möglingen Índice Localización Historia Demografía Referencias Enlaces externos Menú de navegación48°53′18″N 9°07′45″E / 48.888333333333, 9.129166666666748°53′18″N 9°07′45″E / 48.888333333333, 9.1291666666667Sitio web oficial Mapa de Möglingen«Gemeinden in Deutschland nach Fläche, Bevölkerung und Postleitzahl am 30.09.2016»Möglingen

            Image
            Localidades de Baden-Wurtemberg municipioalemándistrito de LuisburgoBaden-WurtembergLuisburgoCasa de WurtembergGuerra de los Treinta AñosGuerra de los Nueve Años Möglingen Municipio Iglesia gótica de San Pancracio. Escudo Möglingen Localización de Möglingen en Alemania Ubicación de Möglingen Coordenadas 48°53′18″N 9°07′45″E  /  48.888333333333, 9.1291666666667 Coordenadas: 48°53′18″N 9°07′45″E  /  48.888333333333, 9.1291666666667 Entidad Municipio  • País   Alemania  • Estado Baden-Wurtemberg  • Distrito Luisburgo Superficie    • Total 9,93 km², 9,95 km² y 9,93 km² Altitud    • Media 297 m s. n. m. Población (2014)    • Total 10 983 hab.  • Densidad Expresión errónea: carácter de puntuación « » desconocido, hab/km² Huso horario UTC+01:00 y UTC+02:00 Código postal 71696 Prefijo telefónico 07141 Matrícula LB Número oficial de comunidad 08118051 Sitio web oficial [editar datos en Wikidata] Möglingen es un municipio alemán perteneciente al distrito de Luisburgo de Baden-Wurtember
            Read more

            Virtualbox - Configuration error: Querying “UUID” failed (VERR_CFGM_VALUE_NOT_FOUND)“VERR_SUPLIB_WORLD_WRITABLE” error when trying to installing OS in virtualboxVirtual Box Kernel errorFailed to open a seesion for the virtual machineFailed to open a session for the virtual machineUbuntu 14.04 LTS Virtualbox errorcan't use VM VirtualBoxusing virtualboxI can't run Linux-64 Bit on VirtualBoxUnable to insert the virtual optical disk (VBoxguestaddition) in virtual machine for ubuntu server in win 10VirtuaBox in Ubuntu 18.04 Issues with Win10.ISO Installation

            Image
            Fear of getting stuck on one programming language / technology that is not used in my country Do the primes contain an infinite almost arithmetic progression? Biological Blimps: Propulsion Are Captain Marvel's powers affected by Thanos' actions in Infinity War Why does AES have exactly 10 rounds for a 128-bit key, 12 for 192 bits and 14 for a 256-bit key size? Can a College of Swords bard use a Blade Flourish option on an opportunity attack provoked by their own Dissonant Whispers spell? Can disgust be a key component of horror? Can I say "fingers" when referring to toes? What is Cash Advance APR? Why Shazam when there is already Superman? What does "Scientists rise up against statistical significance" mean? (Comment in Nature) What does chmod -u do? What should you do when eye contact makes your subordinate uncomfortable? Issue while creating Apex class using API How much character growth crosses the line into breaking the charac
            Read more

            Antonio De Lisio Carrera Referencias Menú de navegación«Caracas: evolución relacional multipleja»«Cuando los gobiernos subestiman a las localidades: L a Iniciativa para la Integración de la Infraestructura Regional Suramericana (IIRSA) en la frontera Colombo-Venezolana»«Maestría en Planificación Integral del Ambiente»«La Metrópoli Caraqueña: Expansión Simplificadora o Articulación Diversificante»«La Metrópoli Caraqueña: Expansión Simplificadora o Articulación Diversificante»«Conózcanos»«Caracas: evolución relacional multipleja»«La Metrópoli Caraqueña: Expansión Simplificadora o Articulación Diversificante»

            Profesores de VenezuelaNacidos en 1956Geógrafos de Venezuela PlanificaciónEcologíaAmbientedesarrollo sustentableUniversidad Central de VenezuelaUniversidad Central de VenezuelaAsamblea Nacional de VenezuelaUniversidad Central de VenezuelaUniversidad de París VIIUniversidad Central de Venezuela Antonio De Lisio (nacido en 1956), es un geógrafo y profesor universitario italiano/venezolano. Se destaca como investigador en las áreas de Planificación,Ecología, Ambiente y desarrollo sustentable. [ 1 ] ​ Fue director del Centro de Estudios Integrales del Ambiente (CENAMB) de la Universidad Central de Venezuela (1992-2009). [ 2 ] ​ Carrera De Lisio es profesor titular de la Facultad de Arquitectura y Urbanismo y del CENAMB de la Universidad Central de Venezuela. Impartiendo las cátedras de “Teoría de la Arquitectura” en la Escuela Arquitectura Carlos Raúl Villanueva, y a nivel de postgrado “Perspectiva Ambiental del Desarrollo” en la maestría de Planificación Integral del Ambiente. [ 3 ] ​
            Read more