Self-Learning Reverse Engineering in 2022
- Added 31. 05. 2024
- There exist some awesome tools nowadays to accelerate your self-education for reverse engineering. godbolt and dogbolt are amazing to quickly learn basic assembly and reversing.
Compiler Explorer: godbolt.org/
Decompiler Explorer: dogbolt.org/
C code example: github.com/LiveOverflow/liveo...
Introducing Decompiler Explorer - binary.ninja/2022/07/13/intro...
00:00 - Intro
00:23 - Motivation
01:00 - How to c?
02:11 - godbolt Basic Usage
03:40 - Function Call on x64
04:30 - Intel vs ARM assembly
05:22 - godbolt Compiler Options
05:50 - Enable gcc O3 Compiler Optimization
06:35 - Decompiler Explorer dogbolt
07:16 - Comparing Decompiled main()
08:25 - Outro
What kit do I need to purchase to practice Side Channel attacks if I don't want to spend hefty money on xilinx FPGAs?
Step 1: pick a target that is not written in C++ with Boost and Qt and built with O3+LTO...otherwise you will spend months reversing the
Lol we've all been there.
@@InfiniteQuest86 no we haven't, noob
@@c0smo709 Lol! Nice one!
@@InfiniteQuest86 thanks bro appreciate it
@@c0smo709 what a nice and friendly interaction
C and especially C++ developers are actually using compiler explorer for _forward_ engineering. I.e. during development they try optimizations there and see what the compiler makes of it, before putting the best version in their code. It's an amazing tool Matt Godbolt brought into the world.
Oh absolutely
I hope he gets rich out of it, somehow.
@@SamirPatnaik well, not rich no. It's more of a hobby project that has grown out of bounds. But he's become pretty famous in the C++ community.
I mean you don't need that tool, you can do the same locally
Ew c++
The one thing to remember while learning reverse engineering is that there are a lot of things that you won't get when you try the first time and it's fine. You also have to have a lot of patience since the process of learning reverse engineering can be extremely frustrating and it can make you give up on 5 out of your 10 projects.
Always remember that theory will beat practice.
Have a goal in mind why you want to learn reverse engineering as that will give you a clear idea of the platform on which you will be working.
For example, I want to be a Vulnerability Researcher and find 0 days on Windows so I would learn all the basics of reverse engineering simple programs on Windows, how to debug them, the tools necessary and I would read through ctf writeups and try stuff on my own. After clearing this up, I would try to increase my level and try malware analysis as it would give me clear understanding of software protections, debugging and understanding a program when almost nothing about the program is known. Then I can proceed to learn about different kinds of vulnerabilities and how they are found and so on.
This is me right now. I’m into malware dev. and most times I need to reverse engineer the binary I’m writing to see how it’s been executed in memory but just can’t seem to wrap my head around the assembly code
@@flirtyemy042 How did you learn malware dev? I mean, what are your resources for learning this?
@@flirtyemy042 the best way to learn assembly is to write your own programs and see what assembly code is generated in disassemblers or you might just try making a small project in assembly.
You can sort of cheat by just learning about the most commonly used assembly instructions.
@@Jonathan-ng4vw Check out Sektor7’s malware dev course for a start. It’s really good. You can then follow it up with the intermediate and then evasion courses
@@coder_rc I think I’ll check out the tools in the video. At least they’ll help highlight each instruction in assembly. Thanks
If one is interested in Reverse engineering themselves, I would highly recommend the book "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software". It can be found online using a bit of googling. I just finished a course with the name Reverse Engineering and Malware Analysis and there we used this book. This course was obviously heavily focused on how windows malware works and can be detected through different means, but reverse engineering was a big part of it.
A more abstract book would be Practical Reverse Engineering by Alexander Gazet and Bruce Dang. Especially if you don't want to go into malware analysis specifically.
Leaving comment for ref. Thanks to you both
Thx
Any link for the course?
Thanks.
Bookmark
Thanks for the great shout out! This is a great introduction to Compiler Explorer in general!
Your videos (in particular the binary exploitation playlist) have been a huge help in my cybersecurity career. Thank you very much ❤
I started learning assembly code and disassemblers a couple months ago, with the help of the book "Hacking The Art of Exploitation", really good book but the assembly part was really hard for me. I tried to follow on my computer but had many many issues, got frustrated and just let it go. A couple weeks ago I took it upon myself to read it again, and now I got it a little bit better. For some reason assembly is still challenging for me, but no matter how frustrated you get, take some time, breathe, stop for a couple hours maybe days and then try to resume. Would have loved to have this video before. Amazing, thank you so much.
The best intro to assembly is from the book Practical Malware Analysis. Check out the Assembly crash course section
Maybe it's worth mentioning that the intermingled output of source code and assembly can also be achieved (and in fact this is for sure what happens in the background on that website) with objdump -S, if the binary was compiled with debugging enabled. So, even if you are somewhere without internet or don't want to share the code you are working on with whoever is running that website, you can still conveniently self-learn reverse engineering in 2022.
Perfect timing. I've been working my way through Practical Malware Analysis, this will be of great help! Thank you.
Thanks for the info about the decompiler collection. What a gift to the community!
Thank you so much. This simple overview was what I needed to look into reverse engineering. Assembly code doesn't look that scary anymore!
+rep godbolt love, didn't know asm like 2 weeks ago, watched a few vids to briefly get a hang of what it does (a lot easier than what I would've thought actually), then used godbolt to more understand what my code does at a lower level, it's really nice being able to look at asm and be able to tell what it does, especially when you can hover over parts of asm and it highlights the code responsible for it! It's been a real help. Documentation helps a lot too for checking out odd looking functions that I've never really seen before :D 10/10
This video is actually really, really good. Thank you!
I love you! Thank you so much, this helps a lot in learning how to get sharper and started! :)
Nice video, it helped me a lot.
Every hacking inquiry I have leads to a video made by you ❤. Keep up the great work.
Reversing is a way of life, and it takes time, but is very rewarding once you get the hang of it. Great video as always, sir.👌
Can you explain the rewards you have experienced
What do you learn this for? Bug bounty?
@@JoseAndCode being able to fully understand software at the lowest level. That enables you to come up with clever ways of using (or exploiting) the software. I'm explaining in the context of software, but, really, this applies to any system that you manage to reverse-engineer :)
@@TienNguyen-ky4dx There are a whole host of reasons why one might learn reversing. It might be for compatibility or interfacing purposes, for vulnerability research and/or exploit development, for software development (finding out how someone else implemented some or the other component or system and try to do it yourself while inferring from what they did), malware analysis, etc.
What are some good ways for a total beginner to get started? I've seen some beginner videos but they all seem to be at intermediate levels and there's only a handful of them out there it seems
I am currently following along the binary exploitation series and these tools will really help me out, thanks for the video.
Loved background and editing
IT'S REALLY USEFUL... thank you Fabian...
Thanks a lot for providing this 💖
Thanks Liveoverflow!
We practiced reverse engineering by rewriting the simple basic utils like cat and tee from their asm dumps. That and also writing some assembly code is helpful
Great video man. Love the way you pronounce array.
I swear I asked myself this question this morning & here you are with this video
Started with your binary exploitation playlist and now working in cyber security. Thank you LiveOverflow!
Same here, so grateful for the awesome content
What's your roadmap sir?
Subbed, this was very useful. :)
Nice video I was searching for that
OMG! godbolt and dogbolt are so beautiful and helpful! 🤯
Very nice! Thank you ❤️
Thanks for the video it was exciting.
Love your videos watching stream
This was interesting, didn't think I would watch the whole thing through
15secs in and I'm already in agreement with your view of an abstract concept.
This is what I've needed for the past couple of weeks 😂❤️
Thanks, really helped
Good content. Reverse engineering is how I got started; after taking classes on a language or doing YT tutorials of a certain framework, I'd clone a large GitHub repo to my desktop and toy around with it. See what I could add, see what made it break, read the errors after each save. That method was just as valuable, if not more so, than the classes themselves.
I was confused about the "language"
wow, thank you, it's amazing
Weird. Just what I was looking for and you posted it 🤔
weird. Same case here 🤔
Much love from the H1Emu team. (Reverse engineering H1Z1)
Stumbled on this vid expecting wires n bits n even though I hate assembly this is so cool
Exactly the video I needed
Great resource
Literally could not have come at a better time. I've been itching to dive into contributing to Metaforce (reverse engineering of Metroid Prime) and have been scratching my head not knowing how to get started
any forums or discord groups for such projects?
@@drygordspellweaver8761 nintendo 😮
I don't understand the function calls on x86. In your printf it gets assembled to call printf but in mine it gets assembled to call puts. I use the same gcc version to compile so how can that happen?
Your videos are just amazing. It encourages me to learn more and more.
And you look a little like Christian Slater from Mr. Robot 😅
thank you so muuch
Compiler explorer is actually a really good tool. Like if you move the cursor to stuff you don't know the meaning of, it will show a description of what it is, like cmp, rbp and so on. Thanks btw, didn't know about this tool.
Thanks a lot.
Thank you for your efforts. Your channel is one of the best on CZcams.
Was
@@linuxinside6188 I am new in reverse engineering and for me, this channel gives a lot of information in a very basic way.
Thanks man
Thanks!
Thanks a lot
Crazy channel I came across
Excellent
Awesome man
That's what heroes do
Can you please answer, how to get the right tools for reversing? Because I am a newbie in this stuff. I found so many variants of gdb, I found radare2, that is a powerful framework but not without cons, I found ghidra and ida, and both of these GUI tools are great, and many more tools, including time travel debugging. It's blowing my mind, I can't choose between all of this, and have already spent so much time on googling all these programs. My goal is reverse engineering and binary exploitation, which stack of programs to choose? Or how do I do it? Help please..
amazing 👀
Very nice 👍 thanks ^_^
I don’t even know how to get started
Godbolt is great for just learning programming in general
OllyDbg and IDA are waving
Useful
I don't....feel like this helped. I mean maybe I'm getting something wrong here but I thought the goal was to be able to read and identify code and I learned how to read the assembly but I wouldn't understand what it could represent in the high-level code without the source code anyways. Especially when the program is more complex with many more functions calling each other... I don't know where to go from here. How do I interpret the stuff I see?
The title is so dope
I love your videos, especially the binary exploitation series, so can you do some videos about int overflow and int overflow to RCE
Checkout the PwnAdventure series. I believe it was the fire and ice challenge
Can I reverse engineer SASL DRM with this tutorial? I want to crack some add ons that have DRM built inside the content instead of outside of it..
Must say, the cover of your computer would make a great album cover.
Wow I did not know about dogbolt
Hey! I know you're generally focusing on Reverse Engineering programming code, but I was wondering if you have any experience and or helpful tools on learning how to reverse engineer a file format? I've been working on something in my past-time but my best approach was just trying to write parsers for the files in question in Haskell (using Megaparsec), which doesn't lead to a quick analysis cycle having to rebuild the program, running it and either handling a huge print output or navigating bit by bit into the data structures to figure out what came out.
You can reverse the format by reversing part of software that reads/writes said format
Wait, so now we can use the HexRays decompiler without IDA pro?
Good
Now my mind is blown
My man looking more and more like Mr. Robot
I gotta throw my University-Assignment reference implementation in there, to compare it to my solution, to prove mine is better xD
1st view 🤞Was waiting for this a long time…
I want to add that Chat GPT can also be an extremely useful resource for learning reverse engineering.
learning yourself is one of the best tools in the world of hacking
Cool
Great tech explain.
minor thing but there are some strikethroughs in the description
One of your chapters has an error, it says "Enable gdb -O3 Compiler Optimization", I think you meant gcc
I know this is not a very informative comment but... this video is really good and unlike my comment, very informative.
Godbolt is cool unless you want to reverse Swift code into ARM64, then you're hooped. Got to do it using the Swift compiler
It's the Eckhart Tolle of RE
I was wondering how software cracking works. Could you do a video on the basic idea?
It's basically taking the binary itself and finding some opcode bytes to replace in order to make the software work without having a license for example. He has made a video on that topic if you want to see how it works czcams.com/video/LyNyf3UM9Yc/video.html
Nice fast video my friend hhhh
The dog one hurts my eyes 👀
I’m moving to Sweden
To be honest I am learning reverse engineering currently (self) and worried that I cannot become one. But this single video gave me a boost. Let's see what will happen in the future
Learn to code in C or similar
then move onto reversing. It's a process
@@nomms Thanks buddy
And do you have any supporting materials that I am unaware of? If so please reply to me, I will be waiting for it
The motivation will be on and off. Give yourself time. Fundamentals like C, asm, os architecture are important... RE skills is a self learning subject.. you need to keep on practicing, research and repeat.
@@fareedfauzi7915 Thanks pal
Can one learn C++ and then learn assembly for reverse engineering without having to learn C? I want to reverse engineer C++ apps
Ahhh memories... I used to just read the numbers, and I did know what was happening... No translation necessary.
What is the name of the music?
Reverse engineering looks kinda fun :)
Would still recommend Cheat Engine and, since it exists nowadays, Ghidra.
Expect to see Denuvo games as playground..
Push!
uncle, how to get started into cybersec?
I might be nitpicking, but at 2:04 you said a (local) variable, isn't it technically a const(ant) here? It's not a variable type where it can be changed by the program unless it's self modifying code of course. Just learning the basics of C and was wondering if I got it right, so it threw me a bit off :D
I'm not exactly sure what you're getting at, but what makes you think this is a constant, as we don't really see the rest of the code? One way of thinking about constants in the context of C code might be a "const" variable, where the compiler /might/ optimize it so that the variable is essentially inlined (as in, for example a function call with the const value gets compiled without the variable on the stack, but rather compiled in as a constant to the function call). I'm not entirely sure how the C compiler handles it, but depending on the optimizations used non-const variables can also be optimized out (possibly not much differently than const variables). The volatile keyword in the example essentially prevents the compiler from applying such optimizations and (in this case) ensures the variable gets placed on the stack.
I don't see anywhere they're declared as 'const', only 'volatile' which actually tells the compiler that the value of this variable may change at any time, esp. without any action from any visible code, and as such it shouldn't attempt to apply optimizations.
@@StevenHay3 But the assembly doesn't show it as a variable tho 🤔
@@snoopiiii I think you're misinterpreting the assembly code. The line you're seeing is simply initializing the local variable with a constant value. You can also clearly see in the original C code that there isn't any constant, only variables with the "volatile" modifier applied in order to suppress compiler optimizations.
@@snoopiiii I'm going to be honest, I don't know nearly enough about assembly to answer :( I hope you figure it out, though!