Reverse Engineering

I've had a look around the forums and there doesn't seem to be any issues regarding discussion of such a topic.

I'm just wondering if any of you people here have any knowledge on the subject, or any particular interest. I find it quite fascinating to be honest, not really on the whole idea of cracking/reversing/making key generators, just the whole idea of understanding what's going on at such a low level (in terms of the CPU).

I suppose my fascination is more with assembly itself than actually reversing and I suppose if you know/are advanced in assembly, you're halfway there, considering you can understand exactly what is going on and manipulate the instructions to do what you wish.

Basically, does anyone have a particular found interest in this and/or any knowledge? I've found quite a lot of handy resources and I'm just wondering if the benefit of learning assembly and then applying that to reverse engineering, is substantial enough to prevent me jumping right in with reversing?
 
Every so often I dabble in a bit of reversing. I only really understand the basics of assembly but it's pretty good fun.

IDA Pro is well recommended. Being able to graph functions and rename sub-routines/variables to English makes life much easier to work out what's going on :).
 
:) I've done quite a bit in the past, as you say it's very interesting (purely for educational purposes...) and also very challenging.

The site crackmes.de is very good, basically people make sample programs and you have to reverse the key generation algorithm (it's all legit) and submit solutions. Very good way of learning.

I think it's good idea to at least have a good grasp of assembly before you get heavily involved, but either way you will soon pick it up and be constantly learning during the process. Give it a shot, and see how you get on. If you get stuck hit the assembly books for a bit before returning.

Reversing: Secrets of Reverse Engineering by Eldad Eilam is also a very good book worth checking out, as is Assembly Language for Intel-Based Computers (International Edition) by Kip R. Irvine.

Just stay on the right side of the legal system :)
 
Yeah, I've gathered a list of websites that are heavily influenced by reverse engineering (tuts4you.com) for example, also features things like Crack & Reverse Me like programs to aid the community in learning.

Also gathering some "base" knowledge, by just briefly reading pages on Wikipedia. A friend linked me to what he believes are the "best" publicly available reverse engineering tutorials to date. The way they are delivered is rather annoying though - Lena's Reversing For Newbies. Website seems to be down unfortunately.

Will register at crackmes.de and unleash my godly knowledge upon them - (Yeah, Right), I will sign up though :p
I intend to find out what exactly constitutes as being illegal/legal, I know the concept of it is frowned upon yet I can't find anything that concludes it to be illegal in itself.
 
Reverse engineering is more breach of contract rather than illegal in a criminal sense. Usually the EULA has a clause about not attempting to reverse engineer the application.
I've done my fair share of reverse engineering - legally - usually at the source code level when someone couldn't be bothered to document the design.. I used to be able to read binary hex for the 65C02 and ARM series of CPUs as if I was reading English.

The process is simple because every computer starts with the first instruction.. Even runtime interpreters start at a first instruction. Usually the design of an application is pretty linear (as a human designed it) and compilers' 'optimisation' often leaves the structure of the original program very much intact - a bit like reading German (assembler) instead of English (source code)..
 
Reversing: Secrets of Reverse Engineering by Eldad Eilam is also a very good book worth checking out,

If you're serious about getting started then this book is definitely worth purchasing.

As has been said IDA Pro is IMHO the best tool out there. But you can get started with just gdb. Try something basic like this C program:


Code:
#include <stdio.h>

int main(){
    printf("Hello World\n");
}

Save it as helloworld.c then compile it with:

gcc -g helloworld.c

that'll generate a.out which is the executable, run it with ./a.out

To get started with gdb do:
gdb a.out

That'll start you in the debugger. To see the machine code for the main function it's as easy as doing
disass main

You should get something like this:

(gdb) disass main
Dump of assembler code for function main:
0x080483e4 <main+0>: push %ebp
0x080483e5 <main+1>: mov %esp,%ebp
0x080483e7 <main+3>: and $0xfffffff0,%esp
0x080483ea <main+6>: sub $0x10,%esp
0x080483ed <main+9>: movl $0x80484c0,(%esp)
0x080483f4 <main+16>: call 0x8048318 <puts@plt>
0x080483f9 <main+21>: leave
0x080483fa <main+22>: ret
End of assembler dump.

So you can start to see what's going on here. And it's where tntcoder's advice of getting to grips with Assembly comes into it. This is all pretty standard stuff, so you can see the base pointer being pushed to the stack and later the call function that will print hello world to the standard out (the call line). Obviously this is a pretty trivial example and it gets A LOT more complex with real world applications.
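
An added example, not part of the original post: a small shell/awk annotator that labels every line of the listing quoted above, including the stack alignment and argument store the post does not walk through. The function names (sample_listing, annotate_disasm, call_targets) are hypothetical, and the classification only covers the 32-bit AT&T-syntax patterns seen in this listing.

```shell
#!/bin/sh
# Added example: label each instruction in a gdb "disass" listing
# (AT&T syntax, 32-bit x86). Function names here are hypothetical.
# Live use: gdb -batch -ex 'disassemble main' ./a.out | annotate_disasm

# The listing quoted in the post above, embedded so this runs offline.
sample_listing() {
cat <<'EOF'
Dump of assembler code for function main:
0x080483e4 <main+0>: push %ebp
0x080483e5 <main+1>: mov %esp,%ebp
0x080483e7 <main+3>: and $0xfffffff0,%esp
0x080483ea <main+6>: sub $0x10,%esp
0x080483ed <main+9>: movl $0x80484c0,(%esp)
0x080483f4 <main+16>: call 0x8048318 <puts@plt>
0x080483f9 <main+21>: leave
0x080483fa <main+22>: ret
End of assembler dump.
EOF
}

annotate_disasm() {
    awk '
    { sub(/^=>/, "") }                  # drop the current-instruction marker
    $1 !~ /^0x[0-9a-f]+$/ { next }      # keep only lines that start with an address
    {
        m = $3; ops = $4; note = "not classified"
        if      (m == "push" && ops == "%ebp")      note = "prologue: save the caller frame pointer"
        else if (m == "mov" && ops == "%esp,%ebp")  note = "prologue: set up this frame"
        else if (m == "and" && ops ~ /,%esp$/)      note = "align the stack pointer with the mask"
        else if (m == "sub" && ops ~ /,%esp$/)      note = "reserve stack space"
        else if (m ~ /^mov/ && ops ~ /,\(%esp\)$/)  note = "place the first call argument on the stack"
        else if (m == "call" && $5 ~ /@plt/)        note = "library call through the PLT: " $5
        else if (m == "call")                       note = "direct call: " $5
        else if (m == "leave")                      note = "epilogue: tear down the frame"
        else if (m == "ret")                        note = "return to the caller"
        printf "%-11s %-5s %-22s # %s\n", $2, m, ops, note
    }'
}

# Print just the symbols that the function calls.
call_targets() {
    awk '{ sub(/^=>/, "") }
         $1 ~ /^0x[0-9a-f]+$/ && $3 == "call" { gsub(/[<>]/, "", $5); print $5 }'
}

sample_listing | annotate_disasm
```

The call target is puts@plt rather than printf because GCC rewrites a printf of a constant string ending in a newline into a puts call; the address stored at (%esp) just before it is the string argument.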
 
Yeah, I do know bits of C# and C++, and I am currently going through a tutorial which fills the "gap" of knowledge needed in assembly before considering reversing.

I also have used IDA Pro + Hex-Rays plugin previously, the one that allows you to dump out Assembly into rather choppy C++ code, it does help me understand it more though but I want to be able to understand the actual Assembly itself. I will definitely take a look at the Secrets of reversing book as mentioned previously.

Side note: Reversed/Cracked my first piece of software earlier :D, WorldTV 7.1. Wasn't exactly hard. But a website had it listed as easy software to crack for beginners, so I thought, why not :p
 