Reverse Engineering

Reverse engineering is the process of analyzing a piece of software or hardware in an attempt to gain a higher-level understanding of the system.

Reverse engineering of binary software can be accomplished in three ways:

  1. Analysis through observation of information exchange (network analysis)

  2. Automated decompilation using a decompiler (Hopper/Binary Ninja Medium Level IL)

  3. Analysis through disassembled, machine-language mnemonics

For our purposes, we will be covering the last of these: disassembling ELF binaries using GDB, objdump, and Binary Ninja, and reading through each instruction in order to better understand the functionality of our target.

Static Analysis

Static analysis is the practice of analyzing a program (whether source code or raw machine-language) without executing the program. This section will be focused on walking you through several reverse engineering challenges solely using static analysis.

It is highly recommended that you attempt each level first. The best way to learn this material is by doing it yourself. Reading will only get you so far.

Level 1

Basic strings level.

Level 2

For loop to read in numbers

Either 1, 2, 3, 4, 5, or 1, 2, 3, 5, 8

Level 3

Switch statement

Level 4

A loop with a function call that acts on a buffer.

Dynamic Analysis

Dynamic analysis is the practice of analyzing a program by executing the program and monitoring its run-time behavior.

Static vs. Dynamic Analysis

Static analysis and dynamic analysis are both useful in their own right.

Run-time String Comparison

A simple exercise in which the user analyzes an obfuscated string that is built at run time and is required to provide the result.
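A small program of the kind this exercise describes, as an added example that is not from the original page or its challenge binaries. The single-byte XOR encoding, the key 0x5A, the sample secret and the function names are all assumptions made for illustration; the plaintext never appears in the binary, so string extraction alone does not reveal it, while the comparison at run time does.

```c
#include <stdio.h>
#include <string.h>

#define KEY 0x5A /* assumed single-byte XOR key (illustrative) */

/* Constructed sample data: the bytes of "s3cr3t", each XORed with KEY.
 * Only this encoded form is stored in the binary's data section. */
static const unsigned char ENCODED[] = { 0x29, 0x69, 0x39, 0x28, 0x69, 0x2E };

/* Rebuild the plaintext into a caller-supplied buffer at run time.
 * Truncates if the buffer is too small and always NUL-terminates. */
static void build_secret(char *out, size_t out_len)
{
    size_t n = sizeof(ENCODED);

    if (out_len == 0)
        return;
    if (n >= out_len)
        n = out_len - 1;
    for (size_t i = 0; i < n; i++)
        out[i] = (char)(ENCODED[i] ^ KEY);
    out[n] = '\0';
}

/* Returns 1 when the guess equals the decoded secret, 0 otherwise. */
int check_guess(const char *guess)
{
    char secret[sizeof(ENCODED) + 1];

    build_secret(secret, sizeof(secret));
    /* At this call both arguments are plaintext in memory, which is
     * what a debugger breakpoint on strcmp exposes. */
    return strcmp(guess, secret) == 0;
}

int main(int argc, char **argv)
{
    if (argc != 2) {
        fprintf(stderr, "usage: %s <guess>\n", argv[0]);
        return 2;
    }
    int ok = check_guess(argv[1]);
    puts(ok ? "Correct" : "Wrong");
    return ok ? 0 : 1;
}
```

Built with `gcc -g -O0` on x86-64 Linux, setting `break strcmp` in GDB, running with any guess and then `x/s $rsi` prints the decoded string, since the second argument is passed in that register.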