Presentation is loading. Please wait.

Presentation is loading. Please wait.

Reversing an Executable

Published byShinta Hartanto Modified over 5 years ago

Similar presentations

Presentation on theme: "Reversing an Executable"— Presentation transcript:

1 Reversing an Executable
Ones and Zeros are hard to read, right? (… Actually, yes)

2 What even is a Binary? Technically, it’s a bunch of bits (ones and zeros) BUT EVERYTHING ON COMPUTERS IS BINARY?!?!1!ONE?!? For us: a compiled program.

3 Disassembly? Machine language
Tools: radare2, GDB, IDApro (super fancy) I am not an expert with these tools.

4 Wait, there has to be an Easier way…
Strings! Strings <filename> will print out all strings in the passed file. Can use on binaries too! Hardcoded passwords == BAD This is a good starting point

5 Reverse Engineering a Binary
Analyzing machine language to interpret what the program does. Commands for radare2: r2 <Executable name> aa – Analyze all symbols afl – List all functions <function name> - Print Disassembled Function

6 Commands: Continued Useful gdb commands:
gdb <executable> - Opens gdb on the specified file. break <function name/ *address> - sets a breakpoint info registers – displays the contents of the registers set $addr val – sets the value at $addr to val disassemble <function name> For more fun things, see instructions.txt!

7 Can you Solve ‘em? Go to our Dawgden page. Go to Documents
Intro_To_Reversing c1.txt and c2.txt are both binary executables. Try breaking them! Hint for c1: It’s a good starting point Hint for c2: You don’t even need to guess a password. . .

Download ppt "Reversing an Executable"

Similar presentations

Utilizing the GDB debugger to analyze programs Background and application.

Utilizing the GDB debugger to analyze programs Background and application.
Assembly 01. Outline Binary vs. Text Files Compiler vs. Assembler Mnemonic Assembly Process Development Process Debugging Example 1 this analogy will.

Assembly 01. Outline Binary vs. Text Files Compiler vs. Assembler Mnemonic Assembly Process Development Process Debugging Example 1 this analogy will.
Debugging What can debuggers do? Run programs Make the program stops on specified places or on specified conditions Give information about current variables’

Debugging What can debuggers do? Run programs Make the program stops on specified places or on specified conditions Give information about current variables’
Creating a Program In today’s lesson we will look at: what programming is different types of programs how we create a program installing an IDE to get.

Creating a Program In today’s lesson we will look at: what programming is different types of programs how we create a program installing an IDE to get.
COE 205 - 3 Computer Organization & Assembly Language Introduction HLL vs. Assembly Programming Languages.

COE Computer Organization & Assembly Language Introduction HLL vs. Assembly Programming Languages.
Computing Components 01/26/11. Announcements & Reminders Programs 1 due Friday, 9/2/11 What is my late policy? Proxy Codes for Labs  You should be able.

Computing Components 01/26/11. Announcements & Reminders Programs 1 due Friday, 9/2/11 What is my late policy? Proxy Codes for Labs  You should be able.
Memory & Storage Architecture Seoul National University Computer Architecture “ Bomb Lab Hints” 2nd semester, 2014 Modified version : The original.

Memory & Storage Architecture Seoul National University Computer Architecture “ Bomb Lab Hints” 2nd semester, 2014 Modified version : The original.
Homework Reading –Finish K&R Chapter 1 (if not done yet) –Start K&R Chapter 2 for next time. Programming Assignments –DON’T USE and string library functions,

Homework Reading –Finish K&R Chapter 1 (if not done yet) –Start K&R Chapter 2 for next time. Programming Assignments –DON’T USE and string library functions,
PYTHON: LESSON 1 Catherine and Annie. WHAT IS PYTHON ANYWAY?  Python is a programming language.  But what’s a programming language?  It’s a language.

PYTHON: LESSON 1 Catherine and Annie. WHAT IS PYTHON ANYWAY?  Python is a programming language.  But what’s a programming language?  It’s a language.
Computer Science 210 Computer Organization The Instruction Execution Cycle.

Computer Science 210 Computer Organization The Instruction Execution Cycle.
Homework Reading Programming Assignments

Homework Reading Programming Assignments
Introduction to InfoSec – Recitation 2 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)

Introduction to InfoSec – Recitation 2 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
Memory & Storage Architecture Seoul National University GDB commands Hyeon-gyu School of Computer Science and Engineering.

Memory & Storage Architecture Seoul National University GDB commands Hyeon-gyu School of Computer Science and Engineering.
CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.

CAP6135: Malware and Software Vulnerability Analysis Buffer Overflow : Example of Using GDB to Check Stack Memory Cliff Zou Spring 2011.
Compiling & Debugging Quick tutorial. What is gcc? Gcc is the GNU Project C compiler A command-line program Gcc takes C source files as input Outputs.

Compiling & Debugging Quick tutorial. What is gcc? Gcc is the GNU Project C compiler A command-line program Gcc takes C source files as input Outputs.
Goals: To gain an understanding of assembly To get your hands dirty in GDB.

Goals: To gain an understanding of assembly To get your hands dirty in GDB.
EECS 354 Network Security Reverse Engineering. Introduction Preventing Reverse Engineering Reversing High Level Languages Reversing an ELF Executable.

EECS 354 Network Security Reverse Engineering. Introduction Preventing Reverse Engineering Reversing High Level Languages Reversing an ELF Executable.
Introduction to InfoSec – Recitation 2 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)

Introduction to InfoSec – Recitation 2 Nir Krakowski (nirkrako at post.tau.ac.il) Itamar Gilad (itamargi at post.tau.ac.il)
CSE 351 GDB Introduction. Lab 1 Status? How is Lab 1 going? I’ll be available at the end of class to answer questions There are office hours later today.

CSE 351 GDB Introduction. Lab 1 Status? How is Lab 1 going? I’ll be available at the end of class to answer questions There are office hours later today.
Debugging 15-441 Computer Networks Sep. 26, 2007 Seunghwan Hong.

Debugging Computer Networks Sep. 26, 2007 Seunghwan Hong.

Similar presentations

Ads by Google