Who let you in here?!

Scott Percival

https://moral.net.au - @moralrecordings

Aims of reverse engineering

  • Gain an understanding of a system's inner workings
  • Extract information
  • Create or improve a new design
  • Make changes or extensions!

Poisonous myths to be stamped out

  • Reverse engineering is a competition
  • In order to start out...
    • you have to know everything about the target!
    • you have to know C!
    • you have to know assembly language!
    • you have to be a genius!
  • It only counts as true reverse engineering if...
    • no-one has ever researched this before
    • it looks sufficiently painful and complex

Categories of technique

  • Black box analysis: probe just the inputs and outputs of a system
  • Dynamic analysis: examine the internals and state of a system while executing
  • Static analysis: examine and annotate the internals of a system at rest

Have at least two of these approaches handy!

Reading mystery data


Hex editor

Shameless plug


Magic numbers

Lookup tables

Raw graphics

Raw audio

Histogram dump

Compression and encryption

Troubleshooting any problem


You only need 4 features!

  • Stepping (step over, step into, continue)
  • Breakpoints (add and remove)
  • View state (e.g. variables)
  • View current stack trace

The investigation formula

  • Reproduce the behaviour in a test environment
  • Establish the boundaries of the system
  • Observe for points of interest
  • Find an entry point close to a point of interest
  • Trace through to the exact moment it happens

Understanding any program



Second-last slide

  • Every reverse engineering skill has a progression
  • It is normal to start off knowing barely anything
  • Find an area of research that interests you
  • Write up your findings!


Reverse Engineering is Good and also For Everyone