Presentation is loading. Please wait.

Presentation is loading. Please wait.

Reverse Engineering for CTFs

Published byEdith Laurent Modified over 5 years ago

Similar presentations

Presentation on theme: "Reverse Engineering for CTFs"— Presentation transcript:

1 Reverse Engineering for CTFs
Unit 2

2 Last lecture Went over basics of RE Touched on x86
Static analysis with Radare2

3 This lecture Homework Recap Emulation and virtualization with QEMU
Dynamic analysis with gdb and pwndbg Demo Homework

4 QEMU QEMU is a generic and open source machine emulator and virtualizer. Has full system emulation and virtualization technology, but for this class/homework we are interested in user-mode emulation. User-mode emulation: Run programs for another Linux/BSD target, on any supported architecture General Plan: Identify the correct architecture for the file. Google/man page/read the docs to find the correct qemu command to run your file. Install: (This will take a while!) git clone git://git.qemu.org/qemu.git cd qemu git submodule init git submodule update --recursive ./configure (May also need to run sudo apt install libpixman-1-dev) make

5 QEMU Example

6 pwndbg pwndbg is a GDB plug-in to improve debugging with GDB. Install:
git clone cd pwndbg ./setup.sh

7 pwndbg Commands: gdb fileToAnalysis - Start pwndbg
start - Sets a breakpoint at main and executes. c - continue execution b *Address - set a breakpoint at Address s n - Step n instructions n - next instruction. (Avoid stepping into interesting functions) set $reg = value - Set the register $reg equal to value. r2 - Opens Radare2

Download ppt "Reverse Engineering for CTFs"

Similar presentations

GDB/KGDB HARISH CHETTY. WHAT IS GDB/KGDB  GNU Project Debugger  Supports Windows & Linux  USES  Pass anything to the program  Break anywhere within.

GDB/KGDB HARISH CHETTY. WHAT IS GDB/KGDB  GNU Project Debugger  Supports Windows & Linux  USES  Pass anything to the program  Break anywhere within.
Presenter : Chien-Hung Chen Tsung-Cheng Lin Kuan-Fu Kuo 20090331 EICE team Open On-Chip Debugger Ch6. Design and Architecture.

Presenter : Chien-Hung Chen Tsung-Cheng Lin Kuan-Fu Kuo EICE team Open On-Chip Debugger Ch6. Design and Architecture.
DDD tutorial A GDB Graphical User Interface. DDD Introduction If you find GDB difficult to use, try DDD DDD s GDB but with a Graphical User Interface.

DDD tutorial A GDB Graphical User Interface. DDD Introduction If you find GDB difficult to use, try DDD DDD s GDB but with a Graphical User Interface.
KVM/ARM: The Design and Implementation of the Linux ARM Hypervisor Fall 2014 Presented By: Probir Roy.

KVM/ARM: The Design and Implementation of the Linux ARM Hypervisor Fall 2014 Presented By: Probir Roy.
Memory & Storage Architecture Seoul National University Computer Architecture “ Bomb Lab Hints” 2nd semester, 2014 Modified version : The original.

Memory & Storage Architecture Seoul National University Computer Architecture “ Bomb Lab Hints” 2nd semester, 2014 Modified version : The original.
Introduction Purpose Objectives Content Learning Time

Introduction Purpose Objectives Content Learning Time
Tanenbaum 8.3 See references

Tanenbaum 8.3 See references
Embedded Systems Principle of Debugger. Reference Materials kl.de/avr_projects/arm_projects/#winarmhttp://www.siwawi.arubi.uni-

Embedded Systems Principle of Debugger. Reference Materials kl.de/avr_projects/arm_projects/#winarmhttp://
Computer System Laboratory

Computer System Laboratory
Memory & Storage Architecture Seoul National University GDB commands Hyeon-gyu School of Computer Science and Engineering.

Memory & Storage Architecture Seoul National University GDB commands Hyeon-gyu School of Computer Science and Engineering.
CSN08101 Digital Forensics Lecture 1B: Essential Linux and Caine Module Leader: Dr Gordon Russell Lecturers: Robert Ludwiniak.

CSN08101 Digital Forensics Lecture 1B: Essential Linux and Caine Module Leader: Dr Gordon Russell Lecturers: Robert Ludwiniak.
SharePoint 2010 Development Environment A Guide to Setup SharePoint 2010 Development Environment on Windows 7 Machine.

SharePoint 2010 Development Environment A Guide to Setup SharePoint 2010 Development Environment on Windows 7 Machine.
LING 408/508: Programming for Linguists Lecture 3 August 31 st.

LING 408/508: Programming for Linguists Lecture 3 August 31 st.
Compiling & Debugging Quick tutorial. What is gcc? Gcc is the GNU Project C compiler A command-line program Gcc takes C source files as input Outputs.

Compiling & Debugging Quick tutorial. What is gcc? Gcc is the GNU Project C compiler A command-line program Gcc takes C source files as input Outputs.
Developing C/C++ applications with the Eclipse CDT David Gallardo.

Developing C/C++ applications with the Eclipse CDT David Gallardo.
VSPERF – Test and Performance Subgroup Demo 26/08/2015 Maryam Tahhan.

VSPERF – Test and Performance Subgroup Demo 26/08/2015 Maryam Tahhan.
QEMU Binary Translation Ashish Kaila (akaila) Maneet Singh (maneets) 1.

QEMU Binary Translation Ashish Kaila (akaila) Maneet Singh (maneets) 1.
Cygwin/GNU Tools. The GNU Development Tools … run in a UNIX shell emulation called Cygwin / home tuttle usr local x-arm x-m68k … opt NetOS Cygwin bash.

Cygwin/GNU Tools. The GNU Development Tools … run in a UNIX shell emulation called Cygwin / home tuttle usr local x-arm x-m68k … opt NetOS Cygwin bash.
Windows ® 2000 Debugging André Vachon Development Lead Windows Debuggers Microsoft Corporation.

Windows ® 2000 Debugging André Vachon Development Lead Windows Debuggers Microsoft Corporation.
Windows Azure Fundamentals Services Storage. Table of contents Overview Cloud service basics Managing cloud services Cloud storage basics Table storage.

Windows Azure Fundamentals Services Storage. Table of contents Overview Cloud service basics Managing cloud services Cloud storage basics Table storage.

Similar presentations

Ads by Google