Who let you in here?!
Scott Percival
https://moral.net.au - @moralrecordings
Aims of reverse engineering
- Gain an understanding of a system's inner workings
- Extract information
- Create or improve a new design
- Make changes or extensions!
Poisonous myths to be stamped out
- Reverse engineering is a competition
- In order to start out...
  - you have to know everything about the target!
  - you have to know C!
  - you have to know assembly language!
  - you have to be a genius!
- It only counts as true reverse engineering if...
  - no-one has ever researched this before
  - it looks sufficiently painful and complex
Categories of technique
- Black box analysis: probe just the inputs and outputs of a system
- Dynamic analysis: examine the internals and state of a system while executing
- Static analysis: examine and annotate the internals of a system at rest
Have at least two of these approaches handy!
Reading mystery data
Bytes
Hex editor
Shameless plug
https://bitbucket.org/moralrecordings/mrcrowbar
Magic numbers
Lookup tables
Raw graphics
Raw audio
Histogram dump
Compression and encryption
Troubleshooting any problem
Debugger
You only need 4 features!
- Stepping (step over, step into, continue)
- Breakpoints (add and remove)
- View state (e.g. variables)
- View current stack trace
The investigation formula
- Reproduce the behaviour in a test environment
- Establish the boundaries of the system
- Observe for points of interest
- Find an entry point close to a point of interest
- Trace through to the exact moment it happens
Understanding any program
Disassembler
Conversion
Second-last slide
- Every reverse engineering skill has a progression
- It is normal to start off knowing barely anything
- Find an area of research that interests you
- Write up your findings!
Reverse Engineering is Good and also For Everyone