Can I rely on this github repository files?Which file encryption algorithm is used by Synology's Cloud Sync feature?GitHub pages and same originDoes GitHub have an endpoint for reading a users GPG keys?API credentials visible when creating Github pages website?Why host third party libs instead of relying on CDN, Nuget, GitHub?Making an API repository private vs publicHow does Github preserve versioning integrity?How does Github authentication work (command line, api)?Is it a good idea to upload your gnupg files to github?How could malicious code changes in a GitHub pull request be masked by an attacker?

Are all species of CANNA edible?

Global amount of publications over time

Engineer refusing to file/disclose patents

Using a siddur to Daven from in a seforim store

What does this horizontal bar at the first measure mean?

In Star Trek IV, why did the Bounty go back to a time when whales are already rare?

Melting point of aspirin, contradicting sources

Query about absorption line spectra

Difference between -| and |- in TikZ

Can I sign legal documents with a smiley face?

Is camera lens focus an exact point or a range?

Reply 'no position' while the job posting is still there

Varistor? Purpose and principle

Has Darkwing Duck ever met Scrooge McDuck?

Flux received by a negative charge

We have a love-hate relationship

Drawing ramified coverings with tikz

Is it improper etiquette to ask your opponent what his/her rating is before the game?

My friend sent me a screenshot of a transaction hash, but when I search for it I find divergent data. What happened?

How do ground effect vehicles perform turns?

Greco-Roman egalitarianism

Did arcade monitors have same pixel aspect ratio as TV sets?

Greatest common substring

Why has "pence" been used in this sentence, not "pences"?



Can I rely on this github repository files?


Which file encryption algorithm is used by Synology's Cloud Sync feature?GitHub pages and same originDoes GitHub have an endpoint for reading a users GPG keys?API credentials visible when creating Github pages website?Why host third party libs instead of relying on CDN, Nuget, GitHub?Making an API repository private vs publicHow does Github preserve versioning integrity?How does Github authentication work (command line, api)?Is it a good idea to upload your gnupg files to github?How could malicious code changes in a GitHub pull request be masked by an attacker?













1















I recently found this GitHub repo https://github.com/userEn1gm4/HLuna, but after cloned it I note that the comparison between the file compiled (using g++) from source HLuna.cxx and the binary included in the repo (HLuna) is different: differ: byte 25, line 1. Is the provided binary file secure? I've already analyzed that in VirusTotal without any issues, but I don't have the expertise to decompile and read the output, and I've previously executed the binary provided without thinking about the risks.






reverse-engineering c++ github







share|improve this question









New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • If you're able to compile from source, then just use your computer version.

    – Daisetsu
    23 mins ago















1















I recently found this GitHub repo https://github.com/userEn1gm4/HLuna, but after cloned it I note that the comparison between the file compiled (using g++) from source HLuna.cxx and the binary included in the repo (HLuna) is different: differ: byte 25, line 1. Is the provided binary file secure? I've already analyzed that in VirusTotal without any issues, but I don't have the expertise to decompile and read the output, and I've previously executed the binary provided without thinking about the risks.






reverse-engineering c++ github







share|improve this question









New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















  • If you're able to compile from source, then just use your computer version.

    – Daisetsu
    23 mins ago













1












1








1








I recently found this GitHub repo https://github.com/userEn1gm4/HLuna, but after cloned it I note that the comparison between the file compiled (using g++) from source HLuna.cxx and the binary included in the repo (HLuna) is different: differ: byte 25, line 1. Is the provided binary file secure? I've already analyzed that in VirusTotal without any issues, but I don't have the expertise to decompile and read the output, and I've previously executed the binary provided without thinking about the risks.






reverse-engineering c++ github







share|improve this question









New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I recently found this GitHub repo https://github.com/userEn1gm4/HLuna, but after cloned it I note that the comparison between the file compiled (using g++) from source HLuna.cxx and the binary included in the repo (HLuna) is different: differ: byte 25, line 1. Is the provided binary file secure? I've already analyzed that in VirusTotal without any issues, but I don't have the expertise to decompile and read the output, and I've previously executed the binary provided without thinking about the risks.






reverse-engineering c++ github




reverse-engineering c++ github






share|improve this question









New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 5 hours ago









schroeder

77.9k30173209




77.9k30173209






New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 6 hours ago









mcruz2401mcruz2401

61




61




New contributor




mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






mcruz2401 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












  • If you're able to compile from source, then just use your computer version.

    – Daisetsu
    23 mins ago

















  • If you're able to compile from source, then just use your computer version.

    – Daisetsu
    23 mins ago
















If you're able to compile from source, then just use your computer version.

– Daisetsu
23 mins ago





If you're able to compile from source, then just use your computer version.

– Daisetsu
23 mins ago










1 Answer
1






active

oldest

votes


















5














Compilation is not a directly verifiable deterministic process across compiler versions, library versions, operating systems, or a number of other different variables. The only way to verify is to perform a diff at the assembly level. There are lots of tools that can do this but you still need to put the manual work in.






share|improve this answer






















    Your Answer








    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "162"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader:
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    ,
    noCode: true, onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );






    mcruz2401 is a new contributor. Be nice, and check out our Code of Conduct.









    draft saved

    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206000%2fcan-i-rely-on-this-github-repository-files%23new-answer', 'question_page');

    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    5














    Compilation is not a directly verifiable deterministic process across compiler versions, library versions, operating systems, or a number of other different variables. The only way to verify is to perform a diff at the assembly level. There are lots of tools that can do this but you still need to put the manual work in.






    share|improve this answer



























      5














      Compilation is not a directly verifiable deterministic process across compiler versions, library versions, operating systems, or a number of other different variables. The only way to verify is to perform a diff at the assembly level. There are lots of tools that can do this but you still need to put the manual work in.






      share|improve this answer

























        5












        5








        5







        Compilation is not a directly verifiable deterministic process across compiler versions, library versions, operating systems, or a number of other different variables. The only way to verify is to perform a diff at the assembly level. There are lots of tools that can do this but you still need to put the manual work in.






        share|improve this answer













        Compilation is not a directly verifiable deterministic process across compiler versions, library versions, operating systems, or a number of other different variables. The only way to verify is to perform a diff at the assembly level. There are lots of tools that can do this but you still need to put the manual work in.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 6 hours ago









        PolynomialPolynomial

        101k31246339




        101k31246339




















            mcruz2401 is a new contributor. Be nice, and check out our Code of Conduct.









            draft saved

            draft discarded


















            mcruz2401 is a new contributor. Be nice, and check out our Code of Conduct.












            mcruz2401 is a new contributor. Be nice, and check out our Code of Conduct.











            mcruz2401 is a new contributor. Be nice, and check out our Code of Conduct.














            Thanks for contributing an answer to Information Security Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid


            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.

            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f206000%2fcan-i-rely-on-this-github-repository-files%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            How should I use the fbox command correctly to avoid producing a Bad Box message?How to put a long piece of text in a box?How to specify height and width of fboxIs there an arrayrulecolor-like command to change the rule color of fbox?What is the command to highlight bad boxes in pdf?Why does fbox sometimes place the box *over* the graphic image?how to put the text in the boxHow to create command for a box where text inside the box can automatically adjust?how can I make an fbox like command with certain color, shape and width of border?how to use fbox in align modeFbox increase the spacing between the box and it content (inner margin)how to change the box height of an equationWhat is the use of the hbox in a newcommand command?

            Image
            Is there a problem with hiding "forgot password" until it's needed? Time travel short story where a man arrives in the late 19th century in a time machine and then sends the machine back into the past Go Pregnant or Go Home Why Were Madagascar and New Zealand Discovered So Late? How can my private key be revealed if I use the same nonce while generating the signature? Modify casing of marked letters Trouble understanding overseas colleagues Best way to store options for panels Was Spock the First Vulcan in Starfleet? How do I keep an essay about "feeling flat" from feeling flat? How does a character multiclassing into warlock get a focus? Why does John Bercow say “unlock” after reading out the results of a vote? The Riley Riddle Mine Print name if parameter passed to function How can I replace every global instance of "x[2]" with "x_2" Hide Select Output from T-SQL Can I convert a rim brake wheel to a disc brak
            Read more

            152 Atala Notae | Nexus externi | Tabula navigationis"Discovery Circumstances: Numbered Minor Planets"2000152Small-Body Database

            Image
            L +1Latinitas +1 (bona)Asteroides anno 1875 repertiAsteroides Cinguli PrincipalisAsteroides a rebus ficticiis appellati Atalaasteroidessystematis solarisasteroidibus Cinguli PrincipalisAstronomismagnitudinem absolutam2 Novembris1875Paulo-Petro HenryObservatorio Lutetiaelitteris Francogallicis1801Castrobrientiiepochaeunitatum astronomicarumquam minimequam maximeInclinatio orbitalis°anomalia media [1]Small-Body DatabaseMercuriusVenusTellus (Terra)MarsIuppiterSaturnusUranusNeptunusSatellitesLunaAsteroidesindicesCorpora transneptuniana Vide etiam paginam discretivam: Atala 152 Atala Genus Asteroides Cinguli Principalis Res orbitales epochae 4 Ianuarii 2010 Excentricitas 0.0754396 Axis semimaior perihelion aphelion 3.1399791 UA 2.9031003 UA 3.3768579 UA Inclinatio orbitalis 12.11235° Longitudo nodi ascendentis 40.00824° Argumentum perihelii 58.52961° Anomalia media 348.89681° Periodus orbitalis 5.5641436375086 anni Res physicae Diameter km Massa kg Densitas media g/cm 3 Periodus rotation
            Read more

            Doxepinum Nexus interni Notae | Tabula navigationis3158DB01142WHOa682390"Structural Analysis of the Histamine H1 Receptor""Transdermal and Topical Drug Administration in the Treatment of Pain""Antidepressants as antipruritic agents: A review"

            Image
            Antidepressiva depressionuminsomniareceptorium H 1 agonista inversapruritusdermatitis atopicaelichenis simplicis chronici (neurodermatitis) Cave: notitiae huius paginae nec praescriptiones nec consilia medica sunt. Doxepinum Natura chemica Formula chemica C 19 H 21 NO Massa molaris 279.376 g/mol PubChem 3158 DrugBank DB01142 Natura pharmacologica Codex ATC N06AA12 ( WHO ) Tempus semivitae biologicum 17 (8-24) h Nor-Doxepinum: 31 h Metabolismus iecore (hepaticus): CYP2D6 CYP2C19 Metabolitus Nor-Doxepinum Excretio renibus (ca. 50%), faecibus: minus Ad usum therapeuticum Applicatio per os, i.v., i.m. MedlinePlus a682390 .mw-parser-output .existinglinksgray a,.mw-parser-output .existinglinksgray a:visitedcolor:gray.mw-parser-output .existinglinksgray a.newcolor:#ba0000.mw-parser-output .existinglinksgray a.new:visitedcolor:#a55858 (Anglice) Doxepinum est substantia psychoanaleptica et antidepressiva, ergo medicamentum tractationis depressionum, praesertim cum insomnia praesente, effectu
            Read more