Reverse engineering
By: Yacine Hebbal
What is reverse engineering?
Reverse engineering is the process of extracting the knowledge or design blueprints from anything man-made.
What is reverse engineering?
Reverse engineering can be practiced on mechanical devices, electronic components, or software programs; here we focus on reversing software programs.
Reversing applications can be seen as "going backwards through the development cycle."
What is reverse engineering?
(Diagram: compiling in one direction, decompiling in the other.)
Where do we need it?
It is used for:
1- Evaluating the level of security that an application provides
2- Analyzing and eventually defeating various copy protection schemes (cracking)
3- Locating vulnerabilities in operating systems and other software
4- Reversing cryptographic algorithms
5- Infecting applications with viruses, or disinfecting them
Is it legal?
It depends on why you are reversing the software: it is legal for educational purposes and illegal for stealing passwords and private information.
Terminology
Patching: a technique for modifying a program.
Serial fishing: finding the correct password for an application.
Keygenning: finding the algorithm that generates the password of an application.
So how to do it?
Software reverse engineering requires a combination of skills & tools.
So to do it we need:
- Tools
- Knowledge
- A working mind, curiosity & the desire to learn
So how to do it?
Tools
1- Disassemblers: programs that let us get the assembly code from any application, such as:
IDA Pro disassembler (screenshot)
Olly (screenshot)
So how to do it?
Tools
2- Debuggers: programs that let us execute assembly code step by step and see the result of each instruction.
IDA & Olly are also debuggers.
So how to do it?
Tools
3- Hex editors: they show the content of any file (including programs) in hexadecimal format and let us modify instructions or read some information (header information, for example).
Ex: Hex Workshop
Hex Workshop (screenshot)
So how to do it?
Tools
4- Other tools: we also need some other tools like:
- PEiD
- ImpREC
- Metasploit
- …
Let's get our hands dirty!
1- Patching applications: bypassing authentication
2- Password fishing: static passwords
3- Password fishing: dynamic passwords
4- Keygenning: creating a keygen
Some defense methods
To protect your application there are many defense methods, such as:
Packers
Protectors
Encryption algorithms
…
Packers
They compress the application, so constants such as text strings are changed in the stored file and are only restored when the application executes; we can't see them before execution.
Ex: UPX, Morphine, ASPack, FSG …
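An added example (not part of these slides) of why packing hides the constant strings and how an analyst spots a packed image: a constructed program image is "packed" with zlib standing in for the packer's compressor, then checked with a strings scan and the byte-entropy heuristic that tools use to flag packed files.

```python
import math
import random
import zlib


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: close to 8.0 for compressed or encrypted data,
    much lower for ordinary machine code and text."""
    if not data:
        return 0.0
    n = len(data)
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def find_strings(data: bytes, min_len: int = 6) -> list:
    """Printable ASCII runs of at least min_len bytes, like the `strings` tool."""
    found, run = [], bytearray()
    for b in data + b"\x00":  # trailing NUL flushes the last run
        if 0x20 <= b < 0x7F:
            run.append(b)
        else:
            if len(run) >= min_len:
                found.append(run.decode("ascii"))
            run = bytearray()
    return found


def is_likely_packed(image: bytes, threshold: float = 7.0) -> bool:
    """Common analyst heuristic: near-random bytes suggest a packed or encrypted image."""
    return shannon_entropy(image) > threshold


def unpack(image: bytes) -> bytes:
    """What the packer's runtime stub does at start-up: restore the original image."""
    return zlib.decompress(image)


# Constructed stand-in for an unpacked program: 8000 bytes drawn from a small
# alphabet of x86-looking opcode bytes, with the constant strings an analyst
# would search for placed in the middle.
_rng = random.Random(1234)
_OPCODES = [0x55, 0x89, 0xE5, 0x83, 0xEC, 0x8B, 0x45, 0x08,
            0x31, 0xC0, 0xC9, 0xC3, 0xE8, 0xFF, 0x74, 0x0F]
_code = bytes(_rng.choices(_OPCODES, k=8000))
UNPACKED = _code[:4000] + b"Enter password: \x00Wrong password!\x00" + _code[4000:]

# zlib stands in for the packer's compression stage (assumption: real packers
# use their own algorithms, but the effect on the stored image is the same).
PACKED = zlib.compress(UNPACKED, 9)
```

`find_strings(PACKED)` can still return a few short accidental runs of printable bytes, which is why analysts look for meaningful strings (prompts, error messages) rather than any string at all; the entropy check is what reliably separates the two images.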
Protectors
They are small programs fused with the application that can detect a debugger or disassembler, so they won't let us reverse the application.
Sometimes we find a packer and a protector at the same time.
Ex: YodaEncrypt, ARMprotect …
Encryption
There are also other techniques, like hashing the password with functions such as MD5 or SHA-1 …
Buffer overflow vulnerability
Overview …
Buffer overflow vulnerability
Exploitation
Links:
http://www.kromcrack.com/
http://tuts4you.com/
http://www.newbiecontest.org
Thank you
For your attention