reverse engineering basics
play

Reverse engineering basics @KirilsSolovjovs on twitter Mg.sc.comp. - PowerPoint PPT Presentation

Oct 09, 2023 •284 likes •536 views

Reverse engineering basics @KirilsSolovjovs on twitter Mg.sc.comp. Kirils Solovjovs http://kirils.org for more Possible Security Reverse engineering? www.indiamart.com Contents Hardware architecture Processors and machine language

  1. Reverse engineering basics @KirilsSolovjovs on twitter Mg.sc.comp. Kirils Solovjovs http://kirils.org for more Possible Security

  2. Reverse engineering? www.indiamart.com

  3. Contents ● Hardware architecture ● Processors and machine language ● Engineering: Creating a program binary ● Reverse engeineering: – Static analysis – Binary debugging Kirils Solovjovs, 10/07/2018 Reverse engineering basics 3/25 possiblesecurity.com

  4. Hardware architecture Kirils Solovjovs, 10/07/2018 Reverse engineering basics 4/25 possiblesecurity.com

  5. Theory. Turing machine Kirils Solovjovs, 10/07/2018 Reverse engineering basics 5/25 possiblesecurity.com

  6. ENIAC, 1945 ● Turing complete ● General purpose ● “Reprogrammable” – Physical rewiring required – Takes weeks Kirils Solovjovs, 10/07/2018 Reverse engineering basics 6/25 possiblesecurity.com

  7. The two common hardware architectures Kirils Solovjovs, 10/07/2018 Reverse engineering basics 7/25 possiblesecurity.com

  8. Von Neumann arch ● “Stored program” concept ● CPU = CU + ALU ● Joint MU ● I/O ● Most modern systems Kirils Solovjovs, 10/07/2018 Reverse engineering basics 8/25 possiblesecurity.com

  9. Harvard arch ● Separate CU and ALU ● Separate memories ALU Data – Instructions – Instruction Data Control ● Allows memories to have memory memory unit different attributes ● Improved speed I/O ● DSPs, some microcontrollers Kirils Solovjovs, 10/07/2018 Reverse engineering basics 9/25 possiblesecurity.com

  10. Machine code ● A list of machine language instructions to be directly executed by a CPU. ● Each instruction is a small specifjc task: – Data operations – Arithmetic and logic operations – Control fmow operations ● Different ISAs (Instruction set architectures): – 8086, ARM, MIPS, VAX, ... Kirils Solovjovs, 10/07/2018 Reverse engineering basics 10/25 possiblesecurity.com

  11. Instruction MIPS32 Add Immediate Instruction 001000 00001 00010 0000000101011110 OP Code Addr 1 Addr 2 Immediate value addi $r1 , $r2 , 350 Equivalent mnemonic: Kirils Solovjovs, 10/07/2018 Reverse engineering basics 11/25 possiblesecurity.com

  12. x86 opcodes Kirils Solovjovs, 10/07/2018 Reverse engineering basics 12/25 possiblesecurity.com

  13. Note: virtual address space Virtual address space Physical address space ● Each 32bit program “sees” 0x00000000 0x00010000 4GiB of virtual address text 0x00000000 space available to them. 0x10000000 ● Virtual addresses are the data same for every instance of a process * before ASLR 0x00ffffff stack page belonging to process 0x7fffffff page not belonging to process Kirils Solovjovs, 10/07/2018 Reverse engineering basics 13/25 possiblesecurity.com

  14. Stack and heap ● Where are variables stored then? – Stack and heap ● Heap: for dynamic allocation, random access ● Stack: for static memory allocation Kirils Solovjovs, 10/07/2018 Reverse engineering basics 14/25 possiblesecurity.com

  15. Creating a program binary Kirils Solovjovs, 10/07/2018 Reverse engineering basics 15/25 possiblesecurity.com

  16. Overview: gcc example ● .c, .h – human readable C ● .s – human readable assembly ● .o – binary object code (relocatable object code) ● a.out – directly executable machine code Kirils Solovjovs, 10/07/2018 Reverse engineering basics 16/25 possiblesecurity.com

  17. DEMO: gcc example ● Compile: gcc -S fjle.c -o fjle.s – ● Assemble (&optimize): gcc -c fjle.s -o fjle.o – ● Link: gcc fjle.o -o fjle – Kirils Solovjovs, 10/07/2018 Reverse engineering basics 17/25 possiblesecurity.com

  18. Reverse engineering Kirils Solovjovs, 10/07/2018 Reverse engineering basics 18/25 possiblesecurity.com

  19. Full cycle Kirils Solovjovs, 10/07/2018 Reverse engineering basics 19/25 possiblesecurity.com

  20. DEMO: Static analysis of password ● strings r2 ● r2 password – pdf @ main Kirils Solovjovs, 10/07/2018 Reverse engineering basics 20/25 possiblesecurity.com

  21. DEMO: Static analysis of Android APK ● binwalk ● dex2jar + jd-gui Kirils Solovjovs, 10/07/2018 Reverse engineering basics 21/25 possiblesecurity.com

  22. DEMO: Binary debugging of test42 ● gdb test42 – info fjles – b *main if not stripped ● – start – info registers – x/i $pc Kirils Solovjovs, 10/07/2018 Reverse engineering basics 22/25 possiblesecurity.com

  23. DEMO: Firmware reverse engineering ● Real life example – mt Kirils Solovjovs, 10/07/2018 Reverse engineering basics 23/25 possiblesecurity.com

  24. Overview of tools ● gdb ● otool ● Capstone ● PE Explorer ● radare2 ● binwalk ● IDA-Pro & Hex-Rays ● dex2jar & JD-GUI ● Binary Ninja ● Resource Hacker ● OllyDbg Kirils Solovjovs, 10/07/2018 Reverse engineering basics 24/25 possiblesecurity.com

  25. Thanks! Slides are available on http://kirils.org Find me on twitter: @KirilsSolovjovs Kirils Solovjovs, 10/07/2018 Reverse engineering basics 25/25 possiblesecurity.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Meeting 104 // Reverse Engineering Basics // If Youre New! Join our Slack:

Meeting 104 // Reverse Engineering Basics // If Youre New! Join our Slack:

Meeting 104 // Reverse Engineering Basics // If Youre New! Join our Slack: cyberatuc.slack.com SIGN IN! (Slackbot will post the link in slack) Feel free to get involved with one of our committees: Content Finance Public Affairs

634 views • 17 slides
Reverse Engineering CS 166 Armen Boursalian 30 Apr 2018 Reverse Engineering Take a

Reverse Engineering CS 166 Armen Boursalian 30 Apr 2018 Reverse Engineering Take a

Reverse Engineering CS 166 Armen Boursalian 30 Apr 2018 Reverse Engineering Take a product, understand how it works Usually limited to certain aspects, not full systems Need to know a little bit about a lot of topics to gain

636 views • 11 slides
Reverse Engineering TCP/ IP Reverse Engineering TCP/ IP Steven Low EAS, Caltech Joint work

Reverse Engineering TCP/ IP Reverse Engineering TCP/ IP Steven Low EAS, Caltech Joint work

Reverse Engineering TCP/ IP Reverse Engineering TCP/ IP Steven Low EAS, Caltech Joint work with: Li J W Li, J. Wang, Pongsajapan, Tan, Tang, M. Wang P j T T M W Outline Background Layering as optimization decomposition L

932 views • 47 slides
Next-Generation Debuggers For Reverse Engineering For Reverse Engineering The ERESI team

Next-Generation Debuggers For Reverse Engineering For Reverse Engineering The ERESI team

Next-Generation Debuggers For Reverse Engineering For Reverse Engineering The ERESI team eresi@asgardlabs.org This presentation is about .. The Embedded ERESI debugger : e2dbg The Embedded ERESI tracer : etrace The ERESI reverse

849 views • 47 slides
CS 166: Information Security Reverse Engineering & Digital Rights Management Prof. Tom

CS 166: Information Security Reverse Engineering & Digital Rights Management Prof. Tom

CS 166: Information Security Reverse Engineering & Digital Rights Management Prof. Tom Austin San Jos State University SRE Software Reverse Engineering Also known as Reverse Code Engineering (RCE) Or simply reversing

1.04k views • 80 slides
Reverse Engineering MAC: A Non-Cooperative Game Model Jianwei Huang Information Engineering The

Reverse Engineering MAC: A Non-Cooperative Game Model Jianwei Huang Information Engineering The

Reverse Engineering MAC: A Non-Cooperative Game Model Jianwei Huang Information Engineering The Chinese University of Hong Kong Joint work with J.-W. Lee, A. Tang, M. Chiang and A. R. Canderbank J. Huang (CUHK) Reverse Engineering MAC Nov.

605 views • 38 slides
Reverse Engineering Closed, heterogeneous platforms and the defenders dilemma Looking back at

Reverse Engineering Closed, heterogeneous platforms and the defenders dilemma Looking back at

Reverse Engineering Closed, heterogeneous platforms and the defenders dilemma Looking back at the last 20 years of RE and looking ahead at the next few SSTIC 2018 -- Thomas Dullien (Halvar Flake) Progress in Reverse Engineering 2010

941 views • 64 slides
Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms Lo Perrin

Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms Lo Perrin

Cryptanalysis, Reverse-Engineering and Design of Symmetric Cryptographic Algorithms Lo Perrin SnT, University of Luxembourg April 25, 2017 PhD Defence Introduction On S-Box Reverse-Engineering On Lightweight Cryptography Conclusion

1.76k views • 137 slides
Understanding human speech recognition: Reverse-engineering the engineering solution using

Understanding human speech recognition: Reverse-engineering the engineering solution using

Cai Wingfield CSLB, Department of Psychology Workshop on Neurocomputation: From Brains to Machines University of Cambridge 25 November 2015 Understanding human speech recognition: Reverse-engineering the engineering solution using EMEG

196 views • 18 slides
Reverse Engineering CAPTCHAs Abram Hindle, Micheal W. Godfrey, Richard C. Holt Software

Reverse Engineering CAPTCHAs Abram Hindle, Micheal W. Godfrey, Richard C. Holt Software

Reverse Engineering CAPTCHAs WCRE 2008 Reverse Engineering CAPTCHAs Abram Hindle, Micheal W. Godfrey, Richard C. Holt Software Architecture Group David R. Cheriton School of Computer Science University of Waterloo Canada

726 views • 57 slides
Reverse engineering AT32UC3As JTAG Introduction Overview LSE Summer Week 2014 TAP

Reverse engineering AT32UC3As JTAG Introduction Overview LSE Summer Week 2014 TAP

Reverse engineering AT32UC3As JTAG Pierre Surply Reverse engineering AT32UC3As JTAG Introduction Overview LSE Summer Week 2014 TAP Controller Scan Chain Pierre Surply Boundary Scan UC3 JTAG EPITA 2016 Reverse engineering Jul

968 views • 72 slides
Reverse Engineering Dr. Vadim Zaytsev aka @grammarware UvA, MSc SE, 9 November 2015 Roadmap

Reverse Engineering Dr. Vadim Zaytsev aka @grammarware UvA, MSc SE, 9 November 2015 Roadmap

Reverse Engineering Dr. Vadim Zaytsev aka @grammarware UvA, MSc SE, 9 November 2015 Roadmap W44 Introduction V.Zaytsev W45 Metaprogramming J.Vinju W46 Reverse Engineering V.Zaytsev W47 Software Analytics M.Bruntink W48 Clone

751 views • 31 slides
Reverse Engineering DSP Code GameCube DSP Analyzing GCN DSP code Pierre Bourdon Conclusion

Reverse Engineering DSP Code GameCube DSP Analyzing GCN DSP code Pierre Bourdon Conclusion

Reverse Engineering DSP Code Pierre Bourdon Introduction DSP Reverse Engineering DSP Code GameCube DSP Analyzing GCN DSP code Pierre Bourdon Conclusion delroth@lse.epita.fr http://lse.epita.fr February 12, 2013 Context Reverse

856 views • 18 slides
Introduction .NET Reverse Engineering Eric DePree Introduction to .NET Programs written for

Introduction .NET Reverse Engineering Eric DePree Introduction to .NET Programs written for

Introduction .NET Reverse Engineering Eric DePree Introduction to .NET Programs written for .NET are easy to reverse engineer. This is not in any way a fault in the design of .NET; it is simply a reality of modern, intermediate-compiled

132 views • 10 slides
Explaining the Boom-Bust Cycle in the U.S. Housing Market: A Reverse-Engineering Approach

Explaining the Boom-Bust Cycle in the U.S. Housing Market: A Reverse-Engineering Approach

Overview Evidence Model Calibration Quantitative Results Reverse Engineered Shocks Conclusion Extras Explaining the Boom-Bust Cycle in the U.S. Housing Market: A Reverse-Engineering Approach Paolo Gelain Kevin J. Lansing Gisle J.

717 views • 50 slides
Reverse engineering using computational algebra Elena Dimitrova School of Mathematical and

Reverse engineering using computational algebra Elena Dimitrova School of Mathematical and

Reverse engineering using computational algebra Elena Dimitrova School of Mathematical and Statistical Sciences Clemson University http://edimit.people.clemson.edu/ Algebraic Biology E. Dimitrova (Clemson) Reverse engineering using

864 views • 57 slides
spin Static instrumentation for binary reverse-engineering David Guillen Fandos Tarragona

spin Static instrumentation for binary reverse-engineering David Guillen Fandos Tarragona

spin Static instrumentation for binary reverse-engineering David Guillen Fandos Tarragona Spain david@davidgf.net davidgf.net github.com/davidgfnet Reverse-engineering What are we talking about? Discover how a software program

261 views • 23 slides
Budget 20/21 and corporate priorities (2020 -2024) Adults and Wellbeing Scrutiny committee 13 th

Budget 20/21 and corporate priorities (2020 -2024) Adults and Wellbeing Scrutiny committee 13 th

Budget 20/21 and corporate priorities (2020 -2024) Adults and Wellbeing Scrutiny committee 13 th January 2020 Appendix 3 Corporate plan set out the ambitions of the council and the principle ways of working Key ambitions remain as stated in

486 views • 9 slides
2016/17 Local Government Finance Settlement Nicola Morton, Head of Local Government Finance

2016/17 Local Government Finance Settlement Nicola Morton, Head of Local Government Finance

2016/17 Local Government Finance Settlement Nicola Morton, Head of Local Government Finance South East of England Councils, 22 March 2016 www.local.gov.uk 2016/17 Local Government Finance Settlement - Headlines Core Spending Power will

332 views • 9 slides
ESSA School Level Reporting: What's Happening, What's Next, and Why You Should Care Federal

ESSA School Level Reporting: What's Happening, What's Next, and Why You Should Care Federal

ESSA School Level Reporting: What's Happening, What's Next, and Why You Should Care Federal Funding Conference March 2020 Every Student Succeeds Ev ery Student Succeeds Act Act Your our resp responsibil onsibility ity : Report

609 views • 41 slides
Reverse Engineering Feature Models. . . S. She, R. Lotufo, T. Berger, A. Wasowski, K. Czarnecki

Reverse Engineering Feature Models. . . S. She, R. Lotufo, T. Berger, A. Wasowski, K. Czarnecki

Reverse Engineering Feature Models. . . S. She, R. Lotufo, T. Berger, A. Wasowski, K. Czarnecki Generative Software Development Lab University of Waterloo . . International Conference on Software Engineering, Honolulu, Hawaii, USA.

330 views • 31 slides
SMT in reverse engineering, for dummies Carl Svensson September 4, 2016 SEC-T 2016 About me

SMT in reverse engineering, for dummies Carl Svensson September 4, 2016 SEC-T 2016 About me

SMT in reverse engineering, for dummies Carl Svensson September 4, 2016 SEC-T 2016 About me Carl Svensson, 25 MSc in Computer Science, KTH IT Security consultant, Bitsec AB CTF-player, HackingForSoju

487 views • 24 slides
Obfuscation Source: www.constructionknowledge.net Stealthy Opaque Predicates in Hardware | CHES

Obfuscation Source: www.constructionknowledge.net Stealthy Opaque Predicates in Hardware | CHES

Stealthy Opaque Predicates in Hardware - Obfuscating Constant Expressions at Negligible Overhead Max Hoffmann, Christof Paar Ruhr University Bochum, Horst-Grtz Institute for IT-Security, Germany CHES 2018 | Amsterdam 10.09.2018 Obfuscation

1.02k views • 53 slides
Reverse engineering: obfuscation Srdjan Matic < srdjan@security.di.unimi.it > Aristide

Reverse engineering: obfuscation Srdjan Matic < srdjan@security.di.unimi.it > Aristide

Universit` a degli Studi di Milano Facolt` a di Scienze e Tecnologie Dipartimento di Informatica Reverse engineering: obfuscation Srdjan Matic < srdjan@security.di.unimi.it > Aristide Fattori < joystick@security.di.unimi.it > A.A.

413 views • 9 slides

More recommend