Learning Reverse Engineering

TheBoostedBrain writes "Mike Perry and Nasko Oskov have written a very complete article about reverse engineering. It provides an introduction to reverse engineering software under both Linux and Windows."
  • by Anonymous Coward on Sunday July 06, 2003 @06:15PM (#6379320)
    do the authors of the book linked have the text available as a single PS or PDF file?
  • by skogs ( 628589 ) on Sunday July 06, 2003 @06:34PM (#6379414) Journal
    Kudos go out to the guy that found this and submitted it. Hopefully you knew the guys involved, and didn't just accidentally find this information while searching the internet for self worth.

    Very Good article, and I admit that I did not understand all of it, nor did I read all of it. However I did forward it along to a couple of friends who do not regularly /.

    Here is a reverse engineering feat for you all...POS(Point of Sale) terminal equipment. Specifically to replace NSC(National Systems Corporation) and similar diamond touch gear. If you can reverse engineer a system for taking customer's orders(think pizza/food), showing it on multiple screens around the store, and keeping track of inventory, sales numbers and statistics, customer tracking and history...wow you would be great. Nobody wants to spend $15-30,000 for a new POS system. Nobody.

    Biggest problem is that these small operators spend that much money on the system, that they are obligated and forced into using it for 10+ years, well after the hardware(monitors/keyboards) wear out. Then get stuck purchasing proprietary stuff at the same cost it was at the original purchase price...several hundred dollars for a custom keyboard...get real.

    Somebody please show me where there is a project to reverse engineer this with an X window under RedHat/Slack. Even terminal would be fine. The current system runs text only...over 1 pair of copper in a phone plug(rj11).

  • by arcanumas ( 646807 ) on Sunday July 06, 2003 @06:38PM (#6379430) Homepage
    The part I had time to read before the *you know what* was really good. But there is something else. This server probably has the best 404 page I have seen. Some people spend some time to make a really nice 404 page?
    Ooo.. now I see. It's ".edu"
    :)
  • by JohnwheeleR ( 662355 ) on Sunday July 06, 2003 @06:39PM (#6379436)
    For an excellent source of reverse engineering material, you really should check out the old Fravia pages [anticrack.de]. This is the original stuff right here.

    Along with reversing tutorials and materials, there is a rich history behind this stuff. A man named +ORC published a tutorial on how to reverse engineer a Windows program called pooldemo.exe. From this text, an era was born. The Fravia website was created and was home to the +HCU. Many people sought after the true identity of +ORC, and he left a strainer (riddle) behind that would take you to a URL where he would be unmasked supposedly. Just look up "ORC riddle" on google for details. Neat stuff!
  • by multipartmixed ( 163409 ) on Sunday July 06, 2003 @06:40PM (#6379439) Homepage
    But now I know why, due to the authors' comments. Thanks for the pointer to the TOC entry though, don't know how I missed that.

    For the readership out there, I'm sure those will be covered in the future; in the meantime, read your strace/ktrace/truss man pages. Run them on the application you're trying to RE before doing *anything* else. Sometimes, those dumps can provide *amazing* insight into the behaviour and structure of the program (particularly if you're good with 'grep'), especially if you're trussing and using the program interactively.
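    The advice above is to truss/strace the target first and grep the dump. As an added example, not code from the thread or from the article it links, here is a small POSIX sh script that pulls the first-pass facts out of an strace log: files opened, files looked for but not found, outbound connections, and a syscall histogram. The trace text is constructed to look like `strace -f -tt` output for an invented daemon; its paths, the 192.0.2.10 address and the `trace_*` function names are assumptions.

```shell
# First-pass triage of an strace log: pull out the facts a reverser (or an
# analyst looking at an unknown binary) wants before touching a disassembler.
# SAMPLE_TRACE is a constructed log in "strace -f -tt" style; the daemon,
# paths and address in it are invented for this example.
SAMPLE_TRACE='1234 12:00:01.000 execve("/usr/local/bin/posd", ["posd", "--serial", "/dev/ttyS0"], ...) = 0
1234 12:00:01.010 open("/etc/posd.conf", O_RDONLY) = 3
1234 12:00:01.011 read(3, "port=9100\nlicense=ABC-123\n", 4096) = 26
1234 12:00:01.012 close(3) = 0
1234 12:00:01.020 open("/dev/ttyS0", O_RDWR|O_NOCTTY) = 4
1234 12:00:01.030 socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 5
1234 12:00:01.031 connect(5, {sa_family=AF_INET, sin_port=htons(9100), sin_addr=inet_addr("192.0.2.10")}, 16) = 0
1234 12:00:01.040 open("/var/lib/posd/inventory.db", O_RDWR) = 6
1234 12:00:01.041 open("/var/lib/posd/missing.key", O_RDONLY) = -1 ENOENT (No such file or directory)
1234 12:00:01.050 write(4, "ORDER 1 LARGE PEPPERONI\r\n", 25) = 25'

# Paths of every open() that returned a real descriptor.
trace_opened_files() {
    printf '%s\n' "$1" |
        sed -nE '/ open\("[^"]*".*\) = [0-9]+$/s/.*open\("([^"]*)".*/\1/p'
}

# Paths the program looked for but did not get, with the errno name:
# config and key files it expects are a strong hint about its structure.
trace_failed_opens() {
    printf '%s\n' "$1" |
        sed -nE '/ open\(.*\) = -1 /s/.*open\("([^"]*)".*= -1 ([A-Z]+).*/\1 \2/p'
}

# host:port of every connect() to an IPv4 address.
trace_connects() {
    printf '%s\n' "$1" |
        sed -nE 's/.*connect\(.*htons\(([0-9]+)\).*inet_addr\("([^"]*)"\).*/\2:\1/p'
}

# Histogram of syscall names, most frequent first (the "grep" view of the dump).
trace_syscall_counts() {
    printf '%s\n' "$1" |
        sed -nE 's/^[0-9]+ [0-9:.]+ ([a-z0-9_]+)\(.*/\1/p' | sort | uniq -c | sort -rn
}

# Stand-alone usage: run against the constructed log (or feed in a real one).
trace_report() {
    echo "== opened ==";   trace_opened_files "$1"
    echo "== missing ==";  trace_failed_opens "$1"
    echo "== connects =="; trace_connects "$1"
    echo "== syscalls =="; trace_syscall_counts "$1"
}
trace_report "$SAMPLE_TRACE"
```

    On a real log, save `strace -f -tt -o trace.log ./target` and call `trace_report "$(cat trace.log)"`; the regexes cover the plain `open()` form, so add `openat` handling if the target's libc uses it.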
  • Very useful... (Score:3, Interesting)

    by Realistic_Dragon ( 655151 ) on Sunday July 06, 2003 @06:42PM (#6379447) Homepage
    Given some of the code I get to deal with (19(7/8)0s vintage C, much of which is older than I am) it's probably easier to reverse engineer the binary and look at it there...
  • by Speare ( 84249 ) on Sunday July 06, 2003 @06:46PM (#6379462) Homepage Journal

    There was a slick plastic game called Black Box back when thinking games like Mastermind were raking in the dough. There are Java and PalmOS varieties of the game. It's a nice three-minute game to while away a bus stop wait, and it helps you get in the mindset of what reverse engineering really means.

    The inside of the Black Box is an 8x8 square. There are 8 ports on each side of the square. One player sets some marbles inside the covered square, and the other player tries to deduce their locations by the behavior of "rays" entering and exiting the box ports. Some rays go all the way through, some reflect off the balls inside, and some glance off the balls and go out some other side of the box.

  • by cyril3 ( 522783 ) on Sunday July 06, 2003 @10:27PM (#6380435)
    First I thought black box testing was testing specifically without knowledge of the internals of the system, i.e. you provide input after independently calculating the answer and then see if the output is the same as your expected answer. If you do it enough times and the answers are the same as your calcs then you can rely on the black box.

    Second, you may have missed the bit in the standard warranty and EULA that says the vendor accepts no responsibility if the software doesn't do what they say it will do, let alone what you expect. Whether they stand up in court or not, the vendor probably sees more loss in pirates than in claims for faulty software.

  • by Radical Rad ( 138892 ) on Sunday July 06, 2003 @11:01PM (#6380601) Homepage
    Are there any lawyers here that can say whether packet sniffing is indeed a form of Reverse Engineering and could then be prohibited by an EULA? Common sense would tell me that it can not because it would be analogous to having a reasonable expectation of privacy when talking with someone inside your home but not when shouting to your neighbor through an open window.
  • by stephanruby ( 542433 ) on Sunday July 06, 2003 @11:04PM (#6380618)
    "TO SLASHDOT READERS: Yes, this book is incomplete. Yes it has mistakes. Yes, we are working as hard as we can to fix them. Please email the authors directly rather than simply ranting/flaming on slashdot. We will take your comments into consideration, and will list you in the credits. We've already built up a large queue of fixes thanks to helpful emails."

    Looks like they're trying to have Slashdot readers write their book for them. It's not a bad idea, but it would be easier if they added editing/commenting capabilities directly onto their site. Otherwise, it's just too much of a hassle.

    It also would be better if they promised the contributors to keep the book online and free of charge even after it gets picked up by a publisher.

  • device drivers? (Score:3, Interesting)

    by Quickening ( 15069 ) on Monday July 07, 2003 @12:44AM (#6381002) Homepage
    What we need most are methods to reverse engineer device drivers.

    Let's say for example, a certain manufacturer of popular media cards actually has Linux drivers for their hardware, running on an ARM in a setup box, but refuses to release these drivers, open or closed, to PC users. If I had said drivers in hand, could I port them to i386?
  • Wow. Good luck. (Score:3, Interesting)

    by skogs ( 628589 ) on Monday July 07, 2003 @02:15AM (#6381292) Journal
    Seldom is somebody actually willing to begin and create a project.

    As far as specifications go with hardware...the simpler it is the better. Honestly, do you want to code to something that is unfamiliar? No. You want to run X11 on a plain old P4 or something with 5 PCI video cards in it. VGA monitors. Not monochrome monitors running off two wires that make ugly text displays. Something simple to program, and even simpler to replace.

    Seriously, you could sell this commercially if you found a backer. Give them the software for free, and sell them the system. One computer, 6 keyboards and 6 monitors. That's all you need to supply, and you can charge them US$5000 for it. Sell upwards of fifty of these darn things to little mom and pop pizza places and they would be happy, and you would clear $1500 a piece...then start selling to Pizza Hut, Domino's, Papa John's...and make a shitload as they begin replacing their equipment and buying yours.

    Be sure to offer them support with certain little things for a specified amount of time, and charge them like $2000 for a one year service contract.

    Modify your code with a couple different modules, and begin handling burgers and fries instead of just pizza sizes, toppings, and cokes...and then you open your market up to smaller chains like A&W, White Castle, and eventually anybody.

    There is a need for this type of software and hardware solution, and all businesses feel it roughly every 8 years or so. That's a pretty good market. Get your hands on some old equipment and see how the inventories worked, the numbers added up, and displayed. Wow. Make yourself a living in 30 long and difficult steps.

  • Re:Ollydbg (Score:5, Interesting)

    by IamTheRealMike ( 537420 ) on Monday July 07, 2003 @04:19AM (#6381574)
    Other useful tools are logger from the Windows Debugging Toolkit, which records every API call made, with details of the structures used and so on. Another good technique is to run the app in Wine, which gives you a very high level of debug output which is a rich source of data.
