Sometimes I'm streaming on Twitch: www.twitch.tv/liveoverflow
What kit do I need to purchase to practice Side Channel attacks if I don't want to spend hefty money on xilinx FPGAs?
C and especially C++ developers are actually using compiler explorer for _forward_ engineering. I.e. during development they try optimizations there and see what the compiler makes of it, before putting the best version in their code. It's an amazing tool Matt Godbolt brought into the world.
Oh absolutely
I hope he gets rich out of it, somehow.
@@SamirPatnaik well, not rich no. It's more of a hobby project that has grown out of bounds. But he's become pretty famous in the C++ community.
i mean you don't need that tool, you can do the same locally
Ew c++
Thanks for the great shout out! This is a great introduction to Compiler Explorer in general!
I started learning assembly code and disassemblers a couple months ago, with the help of the book "Hacking The Art of Exploitation", really good book but the assembly part was really hard for me. I tried to follow on my computer but had many many issues, got frustrated and just let it go. A couple weeks ago I took it upon myself to read it again, and now I got it a little bit better. For some reason assembly is still challenging for me, but no matter how frustrated you get, take some time, breathe, stop for a couple hours maybe days and then try to resume. Would have loved to have this video before. Amazing, thank you so much.
The best intro to assembly is from the book Practical Malware Analysis. Check out the Assembly crash course section
If one is interested in Reverse engineering themselves, I would highly recommend the book "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software". It can be found online using a bit of googling. I just finished a course with the name Reverse Engineering and Malware Analysis and there we used this book. This course was obviously heavily focused on how Windows malware works and can be detected through different means, but reverse engineering was a big part of it.
A more abstract book would be Practical Reverse Engineering by Alexander Gazet and Bruce Dang. Especially if you don't want to go into malware analysis specifically.
Leaving comment for ref. Thanks to you both
Thx
Any link for the course?
Thanks.
Bookmark
Your videos (in particular the binary exploitation playlist) have been a huge help in my cybersecurity career. Thank you very much ❤
Maybe it's worth mentioning that the intermingled output of source code and assembly can also be achieved (and in fact this is for sure what happens in the background on that website) with objdump -S, if the binary was compiled with debugging enabled. So, even if you are somewhere without internet or don't want to share the code you are working on with whoever is running that website, you can still conveniently self-learn reverse engineering in 2022.
The one thing to remember while learning reverse engineering is that there are a lot of things that you won't get when you try the first time and it's fine. You also have to have a lot of patience since the process of learning reverse engineering can be extremely frustrating and it can make you give up on 5 out of your 10 projects.
Always remember that theory will beat practice.
Have a goal in mind why you want to learn reverse engineering as that will give you a clear idea of the platform on which you will be working.
For example, I want to be a Vulnerability Researcher and find 0 days on Windows so I would learn all the basics of reverse engineering simple programs on Windows, how to debug them, the tools necessary and I would read through CTF writeups and try stuff on my own. After clearing this up, I would try to increase my level and try malware analysis as it would give me clear understanding of software protections, debugging and understanding a program when almost nothing about the program is known. Then I can proceed to learn about different kinds of vulnerabilities and how they are found and so on.
This is me right now. I’m into malware dev. and most times I need to reverse engineer the binary I’m writing to see how it’s been executed in memory but just can’t seem to wrap my head around the assembly codes
@@flirtyemy042 How you learn malware dev. it means what is your resources to learn this.
@@flirtyemy042 the best way to learn assembly is to write your own programs and see what assembly code is generated in disassemblers or you might just try making a small project in assembly.
You can sort of cheat by just learning about the most commonly used assembly instructions.
@@Jonathan-ng4vw Check out Sektor7’s malware dev course for a start. It’s really good. You can then follow it up with the intermediate and then evasion courses
@@coder_rc I think I’ll check out the tools in the video. At least they’ll help highlight each instruction in assembly. Thanks
Started with your binary exploitation playlist and now working in cyber security. Thank you LiveOverflow!
Same here, so grateful for the awesome content
Reversing is a way of life, and it takes time, but is very rewarding once you get the hang of it. Great video as always, sir.👌
Can you explain the rewards you have experienced
what do you learn this for? Bug bounty?
@@JoseAndCode being able to fully understand software at the lowest level. That enables you to come up with clever ways of using (or exploiting) the software. I'm explaining in the context of software, but, really, this applies to any system that you manage to reverse-engineer :)
@@TienNguyen-ky4dx There are a whole host of reasons why one might learn reversing. It might be for compatibility or interfacing purposes, for vulnerability research and/or exploit development, for software development (finding out how someone else implemented some or the other component or system and try to do it yourself while inferring from what they did), malware analysis, etc.
What are some good ways for a total beginner to get started? I've seen some beginner videos but they all seem to be at intermediate levels and there's only a handful of them out there it seems
Step 1: pick a target that is not written in C++ with Boost and Qt and built with O3+LTO...otherwise you will spend months reversing the
Lol we've all been there.
@@InfiniteQuest86 no we haven't, noob
@@c0smo709 Lol! Nice one!
@@InfiniteQuest86 thanks bro appreciate it
@@c0smo709 what a nice and friendly interaction
Thank you so much. This simple overview was what I needed to look into reverse engineering. Assembly code doesn't look that scary anymore!
You always pop up in my recommendation when I need a determination boost when studying new concepts.
Thanks as always
Weird. Just what I was looking for and you posted it 🤔
weird. Same case here 🤔
+rep godbolt love, didn't know asm like 2 weeks ago, watched a few vids to briefly get a hang of what it does (a lot easier than what i would've thought actually), then used godbolt to more understand what my code does at a lower level, it's really nice being able to look at asm and be able to tell what it does, especially when u can hover over parts of asm and it highlights the code responsible for it! it's been a real help. documentation helps a lot too for checking out odd looking functions that i've never really seen before :D 10/10
Every hacking inquiry I have leads to a video made by you ❤. Keep up the great work.
Thanks for the info about the decompiler collection. What a gift to the community!
I love you! Thank you so much, this helps a lot in learning how to get sharper and started! :)
Perfect timing. I've been working my way through Practical Malware Analysis, this will be of great help! Thank you.
Very useful sources, thank you,man
This video is actually really, really good. Thank you!
OMG! godbolt and dogbolt are so beautiful and helpful! 🤯
Literally could not have come at a better time. I've been itching to dive into contributing to Metaforce (reverse engineering of Metroid Prime) and have been scratching my head not knowing how to get started
any forums or discord groups for such projects?
@@drygordspellweaver8761 nintendo 😮
We practiced reverse engineering by rewriting the simple basic utils like cat and tee from their asm dumps. That and also writing some assembly code is helpful
I just completed Binary Exploitation series.Thank you for your masterpiece
Nice video I was searching for that
holy macaroni, i didn't know of dogbolt; that's awesome!! and also, i've been reading some arm, but for some reason it didn't click in my head prior that 'b' was branch, facepalm. thank you!
Nice video, it helped me a lot.
Cool
Thanks Liveoverflow!
I swear I asked myself this question today Morning & here you are with this video
IT'S REALLY USEFUL... thank you Febian...
Much love from the H1Emu team. (Reverse engineering H1Z1)
Thanks a lot for providing this 💖
Great video man. Love the way u pronounce array.
Subbed, this was very useful. :)
Thanks for the video it was exciting.
Very nice! Thank you ❤️
wow, thank you, it's amazing
Thanks, really helped
Exactly the video I needed
Love your videos watching stream
Loved background and editing
I am currently following along the binary exploitation series and these tools will really help me out, thanks for the video.
this was interesting, didn't think I would watch the whole thing through
thank you so muuch
stumbled on this vid expecting wires n bits n even tho i hate assembly this is so cool
15secs in and I'm already in agreement with your view of an abstract concept.
This is what i need for past couple of weeks 😂❤️
I don’t even know how to get started
Great resource
Good content. Reverse engineering is how I got started; after taking classes on a language or doing YT tutorials of a certain framework, I'd clone a large GitHub repo to my desktop and toy around with it. See what I could add, see what made it break, read the errors after each save. That method was just as valuable, if not more so, than the classes themselves.
I was confused about the "language"
Compiler explorer is actually a really good tool. like if you get cursor to stuff you don't know what it means it will show description of what it is like cmp, rbp and so on. thanks btw didn't know about this tool.
To be honest I am learning reverse engineering currently (self) and worried that I cannot become one. But this single video gave me a boost. Let's see what will happen in future
Learn to code in C or similar
then move onto reversing. It's a process
@@nomms Thanks buddy
And do you have any supporting materials that I am unaware of. If so plz reply me I will be waiting for it
The motivation will be on and off. Give yourself time. Fundamentals like C, asm, os architecture are important... RE skills is a self learning subject.. you need to keep on practice, research and repeat.
@@fareedfauzi7915 Thanks pal
Thanks a lot.
OllyDbg and IDA is waving
Awesome man
That's what heroes do
Very nice 👍 thanks ^_^
Thanks!
Crazy channel I came across
Thank you for your efforts. Your channel is one of the best on TH-cam.
Was
@@linuxinside6188 I am new in reverse engineering and for me, this channel gives a lot of information in a very basic way.
Your videos are just amazing. It encourages me to learn more and more.
And you look a little like Christian Slater from Mr. Robot 😅
Thanks mahn
Thanks a lot
Excellent
amazing 👀
i love your videos especially the binary exploitation series so can you do some videos about int overflow and int overflow to RCE
Check out the PwnAdventure series. I believe it was the fire and ice challenge
purchases I made was soft soft. I knew it was my passion but I was just stuck because of trauma I couldn't deal with. Now that I'm at a
I gotta throw my University-Assignment reference Implementation in there, to compare it to my solution, to prove mine is better xD
Godbolt is great for just learning programming in general
learning yourself is one of the best tools in the world of hacking
Must say, the cover of your computer would make a great album cover.
Game hacking is a pretty good way to learn reversing skills. It has well defined goals as well, like esp, aimbot, bhop, etc, which can be used to measure success.
Could you please provide a tutorial link to understand what you mean by game hacking?
@@i_youtube_ check out guided hacking’s channel, it is all about game hacking and reverse engineering a game
please don't do multiplayer, maybe multiplayer with you the only player, because otherwise it's not fun
@@ske2004 i would agree if bypassing anticheat was easy
if ur mad about cheaters no matter how good they make their client-sided anticheat it will ALWAYS be possible to bypass it and all it takes is one public cheat to let in all the skids
companies need to start focusing more on server-sided anticheat so even if the hacker(reverse engineer not skid) bypasses the client it's still really difficult to cheat
for example u can make an anti-esp by only giving the player data of players near the enemy (like in csgo), u can use AI to combat aimbot, u can make speed/jump hacks impossible by making the players' characters serversided so that the player sends "intention" packets instead of raw position packets so the server would calculate those
@@boiiboii7348 I know. I don't play competitive games but I feel bad for people dealing with cheaters. learning hacking to ruin the fun is an asshole move
Useful
Wow I did not know about dogbolt
the title so dope
Hi bro, very nice video, possible make video reverse engineering, steps by steps course Basic to advance
POV: you try coffee for the first time and accidentally grab the wrong ceramic cow container and accidentally put two tablespoons of crushed Adderall in your coffee instead of sugar
I might be nitpicking, but at 2:04 you said a (local) variable, isn't it technically a const(ant) here? It's not a variable type where it can be changed by the program unless it's self modifying code of course. Just learning the basics of C and was wondering if I got it right, so it threw me a bit off :D
I'm not exactly sure what you're getting at, but what makes you think this is a constant, as we don't really see the rest of the code? One way of thinking about constants in the context of C code might be a "const" variable, where the compiler /might/ optimize it so that the variable is essentially inlined (as in, for example a function call with the const value gets compiled without the variable on the stack, but rather compiled in as a constant to the function call). I'm not entirely sure how the C compiler handles it, but depending on the optimizations used non-const variables can also be optimized out (possibly not much differently than const variables). The volatile keyword in the example essentially prevents the compiler from applying such optimizations and (in this case) ensures the variable gets placed on the stack.
I don't see anywhere they're declared as 'const', only 'volatile' which actually tells the compiler that the value of this variable may change at any time, esp. without any action from any visible code, and as such it shouldn't attempt to apply optimizations.
@@StevenHay3 But the assembly doesn't show it as a variable tho 🤔
@@snoopiiii I think you're misinterpreting the assembly code. The line you're seeing is simply initializing the local variable with a constant value. You can also clearly see in the original C code that there isn't any constant, only variables with the "volatile" modifier applied in order to suppress compiler optimizations.
@@snoopiiii I'm going to be honest, I don't know nearly enough about assembly to answer :( I hope you figure it out, though!
I want to add that Chat GPT can also be an extremely useful resource for learning reverse engineering.
My man looking more and more like Mr. Robot
For anyone interested, be sure to check out the talk where Mr. Godbolt talks about where Compiler Explorer comes from. It's called:
CppCon 2017: Matt Godbolt “What Has My Compiler Done for Me Lately? Unbolting the Compiler's Lid”
Thanks! I have a number of talks now around where I talk about various optimizations compilers can do, as well as a (now a little out of date), "Behind the scenes of Compiler Explorer" for those interested.
I’m moving to Sweden
Godbolt is cool unless you want to reverse Swift code into ARM64, then you're hooped. Got to do it using the Swift compiler
now my mind is blow up
I know this is not a very informative comment but... this video is really good and unlike my comment, very informative.
I was wondering how software cracking works. Could you do a video on the basic idea?
It's basically taking the binary itself and finding some opcode bytes to replace in order to make the software work without having a license for example. He has made a video on that topic if you want to see how it works th-cam.com/video/LyNyf3UM9Yc/w-d-xo.html
Hi, thanks for the video. I'm getting into reverse engineering and find it really fascinating. Could you tell me are there any job opportunities in this area other than pentesting/security.
Ahhh memories... I used to just read the numbers, and I did know what was happening... No translation necessary.
Good
It's the Eckhart Tolle of RE
1st view 🤞Was waiting for this a long time…
Amazing video liveoverflow!!
But What if you are a very nooby and you don't even know anything about how computer hardware works like how cpu functions etc... I heard you mentioning some very interesting stuff like stack,heap etc... But really felt lost hearing them
Can you maybe drop us a video for those who wanna get into the field but are struggling with such stuff and don't know what to learn in the beginning?
@@II_xD_II nope
Computer Architecture or Operating Systems courses
ironically the binary exploitation series is the best place to learn those things IMO. it's a bit old by now if you're used to new LiveOverflow production qualities, but the principles changed none at all. even if you don't care about all the exploitation stuff you can just ignore it cause honestly in the process of explaining how to break stuff LO made the best explanation of what said stuff even is, for x86 at least
Thanks to all of you guys for the awesome responses!💜
The dog one hurts my eyes 👀
Hey! I know you're generally focusing on Reverse Engineering programming code, but I was wondering if you have any experience and or helpful tools on learning how to reverse engineer a file format? I've been working on something in my past-time but my best approach was just trying to write parsers for the files in question in Haskell (using Megaparsec), which doesn't lead to a quick analysis cycle having to rebuild the program, running it and either handling a huge print output or navigating bit by bit into the data structures to figure out what came out.
You can reverse the format by reversing part of software that reads/writes said format
the brackets actually mean it's dereferencing the address
👍👍👍👍👍
That hand movement game should be reverse engineered
When you are Ed Sheeran and Mr. Robot at the same time
Best part of the video 2:29 “see how amazing “ hahahahahha just people who watched the binary exploitation series who knows that. Liveoverflow thanks bro u are 🤩