Reverse engineering tools on Ubuntu

[malef!c]

Many moons ago, I used to be into reverse engineering using a multitude of Windows based tools which, alas, don't work on Linux.

I now have a bit of spare time and would like to have a play again but after switching from Windows to Linux a few months ago I have hit a wall in finding apps to use.

I have had a Google and have come up with a few apps here and there but wondered if anyone had any recommendations on anything I can look at?

Cheers

 

[tntcoder]

I'm assuming you want to reverse engineer Linux apps on Ubuntu right? If you want to do windows apps, then use a VM and use the windows tools.

Linux tool set:

Debuggers: GNU Debugger (GDB) or Immunity Debugger (IDA Pro)
Disassemblers: objdump or LIDA
Hex Editors: GHex or wxHexEditor
Misc tools: Valgrind for memory analysis

There's lots of choice for tools, but the above are perfectly adequate for working with ELF binaries, shared libraries etc

 

[malef!c]

Thanks for that - I have been playing with ghex2 so at least I was in the right ball park!
Will go and have a look at the tools you mention, see if I can blow the dust off what little I can remember!

 

[tntcoder]

Thanks for that - I have been playing with ghex2 so at least I was in the right ball park!
Will go and have a look at the tools you mention, see if I can blow the dust off what little I can remember!

Yer GHex2 is very handy for the common tasks, some of the other tools may take a bit of practice to get the hang of as it's quite a change from the Windows methods but the underlying theory is obviously the same so it should click eventually.

Some other stuff that may be useful to you:

- Book segment on Linux Reversing, very good and worth a read.

- Crackmes - Search under unix/linux platform. These are great reverse engineering challenges and often have tutorials accompanying them.

- One very detailed walk-through of a Linux reverse engineer / crack me.

- The ELF File Format