A Deep Dive into Code (An Intro to Reverse Engineering)
Submitted by Siddharth Muralee (@tr3x) on Sunday, 27 November 2016
Reverse engineering is the process of taking a program's binary and analyzing its functions and information flow to figure out what the program is meant to do. The usual reasons to reverse engineer a piece of software are to recreate the program, to build something similar to it, to exploit its vulnerabilities and to strengthen its defenses.
Learning how to reverse engineer software is a skill that benefits a programmer in a variety of ways. It means being able to understand how a piece of software works by peeling back its layers to see what makes it tick. We will be reaching deep down into the code to figure out its mysteries. This session will also include an introduction to Capture the Flag competitions (CTFs), assembly language, memory management and the GNU Debugger.
Why is reverse engineering important for a programmer (is it relevant for a FOSS enthusiast)?
Reverse engineering is definitely a great skill for a programmer, as it gives a proper understanding of the inner workings of a piece of software. This helps in debugging the code, finding bugs and optimizing the code. The ability to look into the code of any software at any time is definitely a plus for a programmer, especially a FOSS enthusiast.
Who uses reverse engineering?
Reverse engineering can be used to find the weak points of a program, also called vulnerabilities, which can then be exploited. Computer security experts of an organization use reverse engineering to locate vulnerabilities with the intention of strengthening its defenses. Software companies with competing products reverse engineer their competitors' programs to find out where and how improvements can be made to their own products. Some companies use reverse engineering when they don't have similar products yet, to create products of their own. Those who intend to build their own products based on an existing one often prefer reverse engineering over creating from scratch, because once the parts and the dependencies are identified, the process of reconstructing tends to be much easier.
Why would anyone waste time understanding assembly language and debugging? Is that really necessary?
Although assembly is the toughest and a very basic language, it can be used to understand the source code of software, with the additional advantage of being able to find bugs and errors in the programs that a person writes. The GNU Debugger can be used to set breakpoints in a program's execution, meaning you can actually stop a program while it is running, view everything that is happening and resume it whenever you want. Hence it will be very useful for newcomers when they start contributing to a project.
What are Capture the Flag competitions?
Capture the Flag competitions, or CTFs as they are better known, are a special kind of information security competition that has attracted huge attention worldwide. Security is known to be a field with 0% unemployment, and its importance is increasing day by day as more of the world becomes digitalized.
The session will be in four parts:
1. A basic introduction to assembly language, the GNU Debugger and CTFs.
2. Debugging and finding errors in small C and C++ programs.
3. Live demo of reversing a small password-protected 32-bit Linux executable.
4. Participants can try their hand at reversing a simple math-based 32-bit Linux executable.
Participants should bring their laptops with any Linux OS installed.
I am currently pursuing a B.Tech in Computer Science at Amrita School of Engineering, Amritapuri.
I am a FOSS and security enthusiast, mainly into reverse engineering, binary exploitation and cryptography.
I am a member of team Bi0s. We are currently the top CTF team in India, ahead of IITs, NITs and BITS. We are currently ranked 65th in the world by the ratings given by CTFtime.org.