Meher Anand

VNIT-ACM Student Chapter

No pre-requisite knowledge is expected

Hardware Digital circuits are binary, they can understand

only 0 and 1 Modern day processors are made from transistors,

millions of them Work in time of the order of 10-9 seconds

Evolution of Prog. Lang. Machine language – consists of 0s and 1s only Very hard to read and debug Time consuming Low level language Platform dependent

Evolution of Prog. Lang. (contd) Assembly language – consists of mnemonics and

opcodes Ex:- MOV A,B Better readability but not sufficient Hard to debug but better than machine code Low level language Platform dependent

Evolution of Prog. Lang. (contd) High level languages – English-like constructs,

definitions, declarations. Easier to read, debug and maintain Ex- C++, C#, Basic, Java etc. Platform independent

Process of compilationPreprocessed

codePreprocessorSource Code

ParserParse Tree

Translator

Assembly AssemblerObject Code

LinkerExecutable

Code

Where does reversing fit in??? Executable files are in the form of binary machine code Machine code and assembly code are interchangeable as they

bear a one-to-one relationship Dis-assemblers are used to convert machine code into

assembly language

Our approach Take a disassembler – we will be using Olly Debugger Debug the code – process of executing instructions one by

one, following the line of flow (as the program would have done normally) while watching the values of the variables

Figure out ways to overcome the problem

A word of caution Legality issues Never reverse-engineer any software product which restricts

it in the End User License Agreement (EULA)

Resources Olly debugger, tutorials on reversing and other essential

tools available for download on http://acm.vnit.ac.in/ Register on V-Live for updates

DEMO