Week 6: Reverse Engineering 1

Author: Nathan Farlow

Slides Required Files


Goal:

Learn about Reverse Engineering and tools used in this process


Topics Covered:

  • Reverse Engineering is the process of understanding a program's functionality and behavior
  • Disassemblers are programs that translate machine language into assembly language
  • Debuggers like gdb detect errors in computer programs
  • Binutils are programming tools for managing binary programs
  • Hardware reversing is the process of physically taking apart an engineered product

How to Run this meeting:

  • Send an email instructing people to install Ghidra or radare2 or Binary Ninja
  • Run through the slides
  • Give an example on how these tools are used as well as how binutils like strings, ltrace and strace are used
  • Instruct and help people to complete the first_re ctf challenge: (http://ctf.sigpwny.com/challenges#how2re)
  • Solve the challenge at the end of the meeting (on the projector)

Description:

Reverse Engineering is essential in understanding, debugging and cracking software as well as analyzing malware. To understand the process of reverse engineering, it is important to learn how to use tools like disassemblers, debuggers as well as some basic Unix commands and Misc Binutils like strings, ltrace and strace. This meeting will briefly introduce these tools.

It’s worth noting that all RE challenges are basically simple password checkers.

  • Hint for the ctf challenge: Try running the strings command to gain a better understanding of what the file is. Ltrace will also be useful in this challenge.