Introduction to Reverse Engineering
Date: 2024-12-03
Difficulty: Beginner to Advanced
Delivered By: Harry Winchester
Overview
Getting programs to misbehave is the basis of offensive security (and malicious threats). Unfortunately, we don't typically have access to the source code of said programs. Thus: reverse engineering. This is the act of looking at a compiled program, and attempting to understand how it functions, as well as attempting to recreate something close to the original source code.
Once we know how a program functions, we move on to binary exploitation. This is the act of using carefully crafted inputs to cause a program to do something it wasn't intended to; the most basic of such attacks being a buffer overflow. We will be covering tools and techniques for both, as well as how to spot vulnerable code.
Prerequisites
Ideally, install Ghidra before the session, because most of the session will use this software.
You can opt to use a Kali VM, in which case the following script will install the necessary tools for this session; it can also be found at https://go.sucss.org/binexptools.
To install the tools, run the following commands in your terminal:
curl -sSL https://go.sucss.org/binexptoolsraw | tr -d "\r" | tee "install.sh" | sh
source ~/.zsh/path
Challenges
There are 2 sets of challenges for this session:
