Reverse Engineering II

FA2021 Week 06

rev
symbolic execution
side channels
instruction counting
self-modifying code
vm obfuscation
pin
valgrind
angr

Meeting Summary

  • Reverse engineering is the process of understanding a program’s functionality and behavior
  • Symbolic analysis tools such as angr help determine what codepath is desired and how to reach that point
  • Self-modifying code exists as additional protections against reverse engineering
  • Side channel attacks, such as instruction counting, can be used to leak information or determine the current state of a program
  • Virtual machine obfuscation is a technique used to make reverse engineering more difficult by creating another layer of execution