Posts Tagged ‘Reverse Engineering’

What is Reverse Engineering?

It is the decompilation of an application so that we can learn how it works, find bugs, or modify it.
Software developers use it to uncover weaknesses in their software and strengthen its defenses.
Hackers use it to expose security holes and take advantage of them.

Breaking something down and putting it back together is a process that helps people understand how things were made. Reverse engineering is a way for us to understand how things were designed, how they work, and what their purpose is. In effect, the information is used to redesign and improve them for better performance and cost. It can even help fix defects.

To understand how an application works, you need at least basic knowledge of assembly language and debugging tools. Regardless of which programming language was used to write the application, in the end it has to be compiled into machine code before it can run on the computer, because the computer only understands machine code.

And to understand machine code, once again, you need to know assembly language.

If you want to learn more about reverse engineering, I suggest you start with a small program in C, debug it, and observe how it works. Why C? Because C is close to assembly. If you are not familiar with assembly and GDB, I have also written some articles about them, which you can read as a reference.

One more thing: since this tutorial uses Vim as a hexadecimal editor, you also need basic knowledge of Vim. Vim is a text editor, but it can convert a program to hexadecimal and let you edit the content.

Let’s start.

In this tutorial, I use:
-Xubuntu 18.04
-GNU gdb 8.1.1
-gcc version 7.5.0
-vim version 8.0.1453

Below is the simple code that we will use for practice. It is written in C, and we will use gcc as the compiler.
The program is very simple. The steps are:
-Display the message ‘Enter your password’
-Check the input password.
-If it is equal, display ‘Access Granted’.
-If it is not equal, display ‘Wrong password’.
-Then exit

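#include <stdio.h>
#include <string.h>

void granted(void);

int main(void)
{
  char password[16];

  printf("Enter your password: ");
  /* Bounded read: fgets() never writes more than sizeof(password) bytes */
  if (fgets(password, sizeof(password), stdin) == NULL)
  {
    return 1;
  }
  /* Strip the trailing newline that fgets() keeps */
  password[strcspn(password, "\n")] = '\0';

  /* strcmp() returns 0 on a match, so a non-zero result means a wrong password */
  if (strcmp(password, "passwordkey"))
  {
    printf("\nWrong password!\n");
  }
  else
  {
    granted();
  }
  return 0;
}

void granted(void)
{
  printf("\nAccess granted!\n");
  return;
}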

What we will do to the program is change its sequence,
so that any password input that is not equal displays ‘Access Granted’.
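
The change described above is made by editing the bytes of the compiled file, so a digest recorded from the known-good build no longer matches afterwards. The script below is an added example, not part of the original tutorial; the helper names (`file_digest`, `record_digest`, `verify_digest`, `tamper_demo`) and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): detect an edited binary by digest.
# All function names here are hypothetical helpers.

# Print the SHA-256 digest of file $1 as hex only.
file_digest() {
    sha256sum < "$1" | cut -d' ' -f1
}

# Save the known-good digest of file $1 into manifest file $2.
record_digest() {
    file_digest "$1" > "$2"
}

# Return 0 if $1 still matches the digest in $2, 1 if it differs,
# 2 if the file or the manifest cannot be read.
verify_digest() {
    [ -r "$1" ] && [ -r "$2" ] || return 2
    [ "$(file_digest "$1")" = "$(cat "$2")" ]
}

# Constructed demo: a stand-in file plays the role of the compiled program.
# One byte is overwritten in place, the same kind of edit a hex editor makes.
tamper_demo() {
    dir=$(mktemp -d) || return 2
    bin="$dir/sample.bin"
    printf 'HEADER-AB-TRAILER' > "$bin"
    record_digest "$bin" "$dir/sample.sha256"

    if verify_digest "$bin" "$dir/sample.sha256"; then
        echo "before edit: digest matches"
    fi

    # Overwrite the single byte at offset 7 without changing the file size.
    printf 'Z' | dd of="$bin" bs=1 seek=7 conv=notrunc 2>/dev/null

    if ! verify_digest "$bin" "$dir/sample.sha256"; then
        echo "after edit: digest mismatch, file was modified"
    fi
    rm -rf "$dir"
    return 0
}

tamper_demo
```

The manifest only helps if it is stored where someone who can edit the binary cannot also rewrite the recorded digest.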
