Lecture 1: Introduction to Reverse Engineering

Boston, 2001

Table of Contents

1. Introduction
  1.1 About the Course and Notes
  1.2 Definitions
  1.3 Typical Examples
    1.3.1 Hacking
    1.3.2 Hiding Information from Public
    1.3.3 Cell Phones
    1.3.4 Computer Applications
  1.4 Requirements
  1.5 Scope
  1.6 Ethics
  1.7 Miscellaneous Information

2. Programming Processors
  2.1 Programming Languages
  2.2 Processor Arithmetic
  2.3 Memory Structure
    2.3.1 Variables
    2.3.2 Unicode Strings
    2.3.3 Pointers

3. Windows Anatomy
  3.1 Windows API
  3.2 File System
  3.3 File Anatomy
    3.3.1 File Header
    3.3.2 Into PE Format
    3.3.3 The PE Header
    3.3.4 Section Table
    3.3.5 Commonly Encountered Sections
    3.3.6 PE File Imports
    3.3.7 PE File Exports

4. Basic Concepts of Assembly
  4.1 Registers
  4.2 Flag
  4.3 Memory
  4.4 Stacks
  4.5 Interrupts

5. Assembly Commands
  5.1 CMP: Compare Two Operands
    5.1.1 Description
    5.1.2 Operation
    5.1.3 Opcode Instruction Description
  5.2 Jcc: Jump if Condition Is Met
    5.2.1 Description
    5.2.2 Operation
    5.2.3 Opcode Instruction Description
  5.3 PUSH: Push Word or Doubleword Onto the Stack
    5.3.1 Description
    5.3.2 Operation
    5.3.3 Opcode Instruction Description
  5.4 POP: Pop a Value from the Stack
    5.4.1 Description
    5.4.2 Operation
    5.4.3 Opcode Instruction Description
  5.5 AND: Logical AND
    5.5.1 Description
    5.5.2 Operation and Example
    5.5.3 Opcode Instruction Description
  5.6 NOT: One's Complement Negation
    5.6.1 Description
    5.6.2 Operation and Example
    5.6.3 Opcode Instruction Description
  5.7 OR: Logical Inclusive OR
    5.7.1 Description
    5.7.2 Operation and Example
    5.7.3 Opcode Instruction Description
  5.8 XOR: Logical Exclusive OR
    5.8.1 Description
    5.8.2 Operation and Example
    5.8.3 Opcode Instruction Description
  5.9 Other instructions
    5.9.1 CALL: Call Procedure
    5.9.2 ADD: Add
    5.9.3 SUB: Subtract
    5.9.4 MUL: Unsigned Multiply
    5.9.5 DIV: Unsigned Divide
    5.9.6 MOV: Move

6. SoftIce for Windows
  6.1 Installing SoftIce
  6.2 Configuring SoftIce
    6.2.1 Resizing Panels
    6.2.2 Panels
    6.2.3 Other Useful Settings
    6.2.4 SoftIce Window
    6.2.5 Symbols
  6.3 Breakpoints

Details

  • File Type: pdf
  • Content Languages: English
  • File Pages: 119
