Reverse Engineering
Protecting and Breaking the Software
WORKSHOP
Satria Ady Pradana
https://xathrya.id
Reversing.ID
Revealing the Truth through Breaking Things
# Whoami?
 Cyber Security Consultant at Mitra Integrasi Informatika (MII)
 Researcher at dracOs Dev Team
 Coordinator of Reversing.ID
 Member of Indonesia Honeynet Project
Overview
 Engage in practical basic reverse engineering activity.
 Three basic reverse engineering principles.
 Common reversing techniques.
Review the Reversing
What, Why, and How?
The Term
 Originally used in the context of mechanical engineering.
 Breaking down an existing object or system to its construction, then rebuilding it based on new demands.
 Extracting knowledge or design information from anything man-made, then reproducing it or reproducing anything based on the extracted information.
Fundamental Principle
 Comprehension
 Gain knowledge of the basic principles or mechanics of the object, its behavior, and anything that might be related to the subject.
 Decomposition
 Break down the system into its structure and gain insight into the inherent structure and properties of the components that make up the system.
 Reconstruction
 Reform or reconstruct the components based on need.
Common Practice
 Resource Modification (Modding)
 Modify the application's resources.
 Control Flow Bypass
 Alter program flow: force execution to take, or jump over, the intended action.
 Code Caving
 Write code into a specific region of the process.
The Language
 Various programming languages exist, each with unique and distinctive characteristics.
 Typically divided into two classes of programming language: native and interpreted.
 Native: C, C++, Pascal, Rust, Assembly.
 Interpreted: Python, Ruby, Java, .NET
The Executable Format
 An application has a format.
 Identified by a magic number.
 Structured, with sections for data, code, resources, etc.
 Functions might be provided by a foreign module (e.g. a DLL); a list of imported functions is maintained.
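Added example (not part of the original slides): a minimal Python reader for the PE format that applies the points above. It checks the `MZ` and `PE\0\0` magic numbers, lists the section table, and reads the import-table and CLR-header data directories; a .NET assembly such as the one `mcs` produces is a PE file whose CLR-header entry is non-empty. The sample image is constructed inline, and the names `build_sample_pe` and `parse_pe` are this example's own.

```python
import struct

def build_sample_pe(managed=True):
    """Constructed, headers-only PE32 image used as offline sample input."""
    dos = b"MZ" + b"\x00" * 58 + struct.pack("<I", 0x80)      # e_lfanew is stored at 0x3C
    dos += b"\x00" * (0x80 - len(dos))
    names = [b".text", b".rsrc", b".reloc"]
    coff = struct.pack("<HHIIIHH", 0x14C, len(names), 0, 0, 0, 224, 0x0102)
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                     # optional-header magic: PE32
    struct.pack_into("<I", opt, 92, 16)                       # NumberOfRvaAndSizes
    struct.pack_into("<II", opt, 96 + 8 * 1, 0x2100, 0x4F)    # directory 1: import table
    if managed:
        struct.pack_into("<II", opt, 96 + 8 * 14, 0x2008, 0x48)  # directory 14: CLR header
    secs = b"".join(
        struct.pack("<8sIIII16x", name, 0x1000, 0x2000 * (i + 1), 0x200, 0x200 * (i + 1))
        for i, name in enumerate(names))
    return dos + b"PE\x00\x00" + coff + bytes(opt) + secs

def parse_pe(data):
    """Check the magic numbers, then read sections and two data directories."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("no MZ magic: not a PE file")
        (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
        if data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
            raise ValueError("no PE signature at e_lfanew")
        machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
        opt = e_lfanew + 24
        (magic,) = struct.unpack_from("<H", data, opt)
        if magic not in (0x10B, 0x20B):
            raise ValueError("unknown optional-header magic 0x%x" % magic)
        dirs = opt + (96 if magic == 0x10B else 112)          # start of the data directories
        (ndirs,) = struct.unpack_from("<I", data, dirs - 4)
        sections = []
        for i in range(nsec):
            name, vsize, vaddr, rsize, rptr = struct.unpack_from(
                "<8sIIII", data, opt + opt_size + 40 * i)
            sections.append({"name": name.rstrip(b"\x00").decode("ascii", "replace"),
                             "vaddr": vaddr, "vsize": vsize,
                             "raw_offset": rptr, "raw_size": rsize})

        def directory(index):
            rva, size = (struct.unpack_from("<II", data, dirs + 8 * index)
                         if index < ndirs else (0, 0))
            home = next((s["name"] for s in sections
                         if s["vaddr"] <= rva < s["vaddr"] + s["vsize"]), None)
            return {"rva": rva, "size": size, "section": home if size else None}

        imports, clr = directory(1), directory(14)
    except struct.error as exc:
        raise ValueError("truncated PE headers: %s" % exc)
    return {"format": "PE32" if magic == 0x10B else "PE32+", "machine": hex(machine),
            "sections": sections, "imports": imports, "clr_header": clr,
            "managed": clr["size"] != 0}

if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    print(info["format"], info["machine"], "managed" if info["managed"] else "native")
    for s in info["sections"]:
        print("  %-8s vaddr=0x%x raw_offset=0x%x" % (s["name"], s["vaddr"], s["raw_offset"]))
    print("  CLR header in", info["clr_header"]["section"])
```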
Common Tools
 Hex Editor
 Disassembler
 Debugger
 Resource Editor
Our Tools
 Radare2
 Mono
Our Target
 CrackMe.cs
 Challenge.cs
 Compile them
 mcs CrackMe.cs
Dwelling to the New Language
 Learning one programming language might speed up the learning curve for other programming languages.
 The basic programming syntax you need to know:
 Basic type declaration
 Control Flow:
 Decision (if, switch, etc)
 Loop (for, while, etc)
 Function
 The rest is about language characteristics.
C#
 Managed code, interpreted
 Runs on top of the .NET Framework
 Translated into “bytecode” or some kind of “assembly”
 The language is called Common Interpreted Language (CIL)
 The interpreter is called Common Language Runtime (CLR)
 The “assembly” is very similar to its high-level code.
Operations to Know in “Assembly”
 Assignment
 Load/Store data
 Branching (Jump & Call)
 Arithmetic
 Logical
 Language specific feature
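Added example (not from the original slides): a Python classifier that sorts the mnemonics of a CIL listing into the operation groups named above and pulls out jump targets, called methods and string literals. The listing is constructed for illustration, and the mnemonic-to-category mapping and the names `classify` and `summarize` are this example's assumptions.

```python
import re
from collections import Counter

# Constructed listing in the "IL_xxxx:  mnemonic operand" style of a CIL disassembly.
# It is sample input for this example, not the contents of CrackMe.exe.
SAMPLE_CIL = '''\
IL_0000:  ldstr "Enter a number"
IL_0005:  call void class [mscorlib]System.Console::Write(string)
IL_000a:  call string class [mscorlib]System.Console::ReadLine()
IL_000f:  call int32 int32::Parse(string)
IL_0014:  stloc.0
IL_0015:  ldloc.0
IL_0016:  ldc.i4.2
IL_0017:  rem
IL_0018:  ldc.i4.1
IL_0019:  and
IL_001a:  brfalse.s IL_0027
IL_001c:  ldstr "odd"
IL_0021:  call void class [mscorlib]System.Console::WriteLine(string)
IL_0026:  ret
IL_0027:  ldstr "even"
IL_002c:  call void class [mscorlib]System.Console::WriteLine(string)
IL_0031:  ret
'''

# Slide category -> mnemonic pattern (assumed mapping; first match wins).
# In CIL an assignment is a load followed by a store, so both fall under load/store.
CATEGORIES = [
    ("branching (jump)",
     re.compile(r"^(br|brtrue|brfalse|beq|bne|bge|bgt|ble|blt|switch|leave)(\.|$)")),
    ("branching (call/ret)", re.compile(r"^(call|callvirt|calli|ret)$")),
    ("load/store", re.compile(r"^(ld|st)")),
    ("arithmetic", re.compile(r"^(add|sub|mul|div|rem|neg)(\.|$)")),
    ("logical", re.compile(r"^(and|or|xor|not|shl|shr|ceq|cgt|clt)(\.|$)")),
]
LINE = re.compile(r"^\s*(IL_[0-9a-fA-F]{4}):\s+(\S+)\s*(.*)$")
METHOD = re.compile(r"([^\s(]+::[^\s(]+)\(")

def classify(mnemonic):
    """Return the slide category a CIL mnemonic belongs to."""
    for name, pattern in CATEGORIES:
        if pattern.search(mnemonic):
            return name
    return "other/language specific"      # box, newobj, castclass, nop, ...

def summarize(listing):
    """Count instructions per category and collect jumps, calls and strings."""
    counts, jumps, calls, strings = Counter(), [], [], []
    for line in listing.splitlines():
        m = LINE.match(line)
        if not m:
            continue                      # directives, braces, blank lines
        offset, mnemonic, operand = m.group(1), m.group(2), m.group(3).strip()
        category = classify(mnemonic)
        counts[category] += 1
        if category == "branching (jump)":
            jumps.append((offset, mnemonic, operand))
        elif mnemonic in ("call", "callvirt"):
            target = METHOD.search(operand)
            calls.append(target.group(1) if target else operand)
        elif mnemonic == "ldstr":
            strings.append(operand[1:-1])  # drop the surrounding quotes
    return {"counts": dict(counts), "jumps": jumps, "calls": calls, "strings": strings}

if __name__ == "__main__":
    for key, value in summarize(SAMPLE_CIL).items():
        print(key, value)
```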
Hands On: CrackMe in C#
Task 1: Get Binary Information
 $ file CrackMe.exe
 $ rabin2 -I CrackMe.exe
Task 2: Disassemble and Assemble the Code
 $ monodis CrackMe.exe --output=CrackMe.cil
 $ ilasm /exe /output:CrackMe2.exe CrackMe.cil
Task 3: Modify Resource (String)
 Disassemble the file.
 Search for the header string, such as “Personalize Crackme for Satria”.
 Change it to one exclusive to you, such as “Personalize Crackme for Ady”.
 Assemble the file.
Task 4: Get the Right Password
 We are asked for a password.
 Grab it.
 It is hardcoded, so you may need to scroll through the code.
Task 5: Bypass the Jump
 Something happened; our code is stopped. Jump to the next stage, please.
 There is a mechanism that checks the condition. See the return value of stage1() and see the required value.
Task 6: Change Target Function
 We got the wrong destination; let's see if we are able to change it.
 Currently we are calling the function stage3(), while the function we want is stage3_true().
 Change the code to match the intention.
Task 7: Inject Custom Code
 Mayday!
 We need code!
 Write it by yourself.
 The last stage requires a specific value to be assigned in order to access the function. We can create a function to change this value and call it before calling the function.
Challenge
