An Introduction to Reverse Engineering
Meher Anand
VNIT-ACM Student Chapter
No pre-requisite knowledge is expected

Hardware
- Digital circuits are binary: they can understand only 0 and 1
- Modern-day processors are made from transistors, millions of them
- They work on time scales of the order of 10^-9 seconds

Evolution of Prog. Lang.
- Machine language: consists of 0s and 1s only
- Very hard to read and debug
- Time consuming
- Low level language
- Platform dependent

Evolution of Prog. Lang. (contd)
- Assembly language: consists of mnemonics and opcodes
- Example: MOV A,B
- Better readability but not sufficient
- Hard to debug but better than machine code
- Low level language
- Platform dependent

Evolution of Prog. Lang. (contd)
- High level languages: English-like constructs, definitions, declarations
- Easier to read, debug and maintain
- Examples: C++, C#, Basic, Java etc.
- Platform independent

Process of compilation
Source Code -> Preprocessor -> Preprocessed code -> Parser -> Parse Tree -> Translator -> Assembly -> Assembler -> Object Code -> Linker -> Executable Code

Where does reversing fit in?
- Executable files are in the form of binary machine code
- Machine code and assembly code are interchangeable as they bear a one-to-one relationship
- Disassemblers are used to convert machine code into assembly language
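
The one-to-one relationship between machine code and assembly described above, as an added example that is not part of the original slides: a table-driven disassembler and assembler for a few instructions. It assumes the Intel 8080/8085 encoding (the slides' MOV A,B matches that syntax, but they name no processor), and the sample bytes are constructed.

```python
# Added example: disassembler/assembler for a small subset of the Intel
# 8080/8085 instruction set (assumed; the slides do not name a CPU).
REGS = ["B", "C", "D", "E", "H", "L", "M", "A"]  # 3-bit register codes 0..7

def disassemble(code: bytes) -> list[str]:
    """Turn machine code bytes into one mnemonic line per instruction."""
    out, i = [], 0
    while i < len(code):
        op = code[i]
        dst, src = (op >> 3) & 7, op & 7
        if op == 0x76:                        # slot of "MOV M,M" is HLT
            text, size = "HLT", 1
        elif (op & 0xC0) == 0x40:             # 01 DDD SSS
            text, size = f"MOV {REGS[dst]},{REGS[src]}", 1
        elif (op & 0xF8) == 0x80:             # 10 000 SSS
            text, size = f"ADD {REGS[src]}", 1
        elif (op & 0xC7) == 0x06 and i + 1 < len(code):  # 00 DDD 110 + imm8
            text, size = f"MVI {REGS[dst]},{code[i + 1]:02X}H", 2
        else:                                 # outside the subset, or truncated
            text, size = f"DB {op:02X}H", 1   # keep the raw byte, lose nothing
        out.append(text)
        i += size
    return out

def assemble(lines: list[str]) -> bytes:
    """Inverse mapping: mnemonic lines back to the same bytes."""
    code = bytearray()
    for line in lines:
        mnem, _, args = line.partition(" ")
        ops = [a.strip() for a in args.split(",")] if args else []
        if mnem == "HLT":
            code.append(0x76)
        elif mnem == "MOV":
            code.append(0x40 | (REGS.index(ops[0]) << 3) | REGS.index(ops[1]))
        elif mnem == "ADD":
            code.append(0x80 | REGS.index(ops[0]))
        elif mnem == "MVI":
            code += bytes([0x06 | (REGS.index(ops[0]) << 3),
                           int(ops[1].rstrip("H"), 16)])
        elif mnem == "DB":
            code.append(int(ops[0].rstrip("H"), 16))
        else:
            raise ValueError(f"unknown mnemonic: {line}")
    return bytes(code)

SAMPLE = bytes([0x3E, 0x05, 0x06, 0x03, 0x80, 0x78, 0x76])  # constructed input
```

Bytes outside the subset are emitted as DB lines, so assembling the listing always reproduces the original bytes.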

Our approach
- Take a disassembler: we will be using Olly Debugger
- Debug the code: the process of executing instructions one by one, following the line of flow (as the program would have done normally) while watching the values of the variables
- Figure out ways to overcome the problem

A word of caution
- Legality issues
- Never reverse-engineer any software product whose End User License Agreement (EULA) restricts it

Resources
- Olly debugger, tutorials on reversing and other essential tools available for download on http://acm.vnit.ac.in/
- Register on V-Live for updates

DEMO