Function ID databases are the equivalent of IDA Pro’s FLIRT (Fast Library Identification and Recognition Technology). They allow analysts to build databases of function signatures that can later be applied to other binaries. But what does this actually mean?
During software reverse engineering, we often encounter binaries that lack symbol information. Without symbols, reverse engineering becomes significantly harder. Identifying function implementations based solely on assembly and generic labels (which are often just numbers or offsets) can be extremely time-consuming. While it's possible to go through each function manually, analyse its logic and rename it accordingly, this process takes a significant amount of time — something we’re usually short on.
In most cases, software uses libraries. These might be SOs (Shared Objects) on Unix-like systems or DLLs (Dynamic-Link Libraries) on Windows. Such libraries typically contain symbol names, making reverse engineering easier since you don't need to analyse what each function does. However, in some cases, libraries are statically linked and compiled directly into the binary. In those situations, the symbol information is often stripped out, and we’re left having to identify everything manually.
If the libraries are open source (FOSS FTW!), we can compare the source code with the decompiled or disassembled binary and match function implementations that way. Unfortunately, this can still be time-consuming and error-prone, especially if the compiler used aggressive optimization or reordered the code.
Our consultants at Mantra identified a critical flaw in a European Deposit Return System (DRS), which could allow a malicious actor to exploit the system for unlimited monetary gain. This article outlines our investigative process and offers a practical recommendation for addressing this vulnerability. The proposed solution should be technically feasible within the existing framework, enhancing the security and reliability of the DRS.
Disclaimer: The title of this post reflects a common style of naming in the tech community. No fraudulent activity was conducted in this research. Not by us, at least!
Our aim is to highlight potential areas for improvement in this particular collection/recycling environment, with no intent to disrupt or block the existing system. After careful consideration and responsible disclosure to the relevant company, we’re sharing our findings to promote awareness and refinement in barcode-based recycling methods.
The European Union created Directive 2019/904, which deals with the reduction of certain plastic items, including single-use plastic (SUP). It demands that member countries collect, for recycling, 90% of the SUP that is sold. Sounds great, although PET recycling seems to be a lie anyway (glass and aluminium recycling is not), but institutionalised collection is definitely the right step forward.
Many EU countries have implemented deposit return systems, where customers pay a small deposit on plastic bottles (and cans) that is refunded when they return the empty bottles at collection points. This system has existed for years in some regions, while others have adopted it only recently. One particular country introduced the system this year, and our consultants had the chance to gain some experience with the process there.