Self-Learning Reverse Engineering in 2022
ฝัง
- เผยแพร่เมื่อ 5 พ.ค. 2024
- There exist some awesome tools nowadays to accelerate your self-education for reverse engineering. godbolt and dogbolt are amazing to quickly learn basic assembly and reversing.
Compiler Explorer: godbolt.org/
Decompiler Explorer: dogbolt.org/
C code example: github.com/LiveOverflow/liveo...
Introducing Decompiler Explorer - binary.ninja/2022/07/13/intro...
00:00 - Intro
00:23 - Motivation
01:00 - How to c?
02:11 - godbolt Basic Usage
03:40 - Function Call on x64
04:30 - Intel vs ARM assembly
05:22 - godbolt Compiler Options
05:50 - Enable gcc O3 Compiler Optimization
06:35 - Decompiler Explorer dogbolt
07:16 - Comparing Decompiled main()
08:25 - Outro
=[ ❤️ Support ]=
→ per Video: / liveoverflow
→ per Month: / @liveoverflow
=[ 🐕 Social ]=
→ Twitter: / liveoverflow
→ Instagram: / liveoverflow
→ Blog: liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow
Sometimes I'm streaming on Twitch: www.twitch.tv/liveoverflow
What kit do I need to purchase to practice Side Channel attacks if I don't want to spend hefty money on xilinx FPGAs?
Step 1: pick a target that is not written in C++ with Boost and Qt and built with O3+LTO...otherwise you will spend months reversing the
Lol we've all been there.
@@InfiniteQuest86 no we havent, noob
@@c0smo709 Lol! Nice one!
@@InfiniteQuest86 thanks bro appreciate it
@@c0smo709 what a nice and friendly interaction
C and especially C++ developers are actually using compiler explorer for _forward_ engineering. I.e. during development they try optimizations there and see what the compiler makes of it, before putting the best version in their code. It's an amazing tool Matt Godbolt brought into the world.
Oh absolutely
I hope he gets rich out of it, somehow.
@@SamirPatnaik well, not rich no. It's more of a hobby project that has grown out of bounds. But he's become pretty famous in the C++ community.
i mean you don't need that tool, you can do the same locally
Ew c++
The one thing to remember while learning reverse engineering is that there are a lot of things that you won't get when you try the first time and it's fine. You also have to have a lot of patience since the process of learning reverse engineering can be extremely frustrating and it can make you give up on 5 out of your 10 projects.
Always remember that theory will beat practice.
Have a goal in mind why you want to learn reverse engineering as that will give you a clear idea of the platform on which you will be working.
For example, I want to be a Vulnerbility Researcher and find 0 days on Windows so I would learn all the basics of reverse engineering simple programs on Windows, how to debug them, the tools necessary and I would read through ctf writeups and try stuff on my own. After clearing this up, I would try to increase my level and try malware analysis as it would give me clear understanding of software protections, debugging and understanding a program when almost nothing about the program is known. Then I can proceed to learn about different kinds of vulnerabilities and how they are found and so on.
This is me right now. I’m into malware dev. and most times i need to reverse Engineer the binary I’m writing to see how it’s been executed in memory but just can’t seem to wrap my head around the assembly codes
@@flirtyemy042 How you learn malware dev. it means what is your resources to learn this.
@@flirtyemy042 the best way to learn assembly is to write own programs and see what assembly code is generated in disassemblers or you might just try making a small project in assembly.
You can sort of cheat by just learning about the most commonly used assembly instructions.
@@Jonathan-ng4vw Check out Sektor7’s malware dev course for a start. It’s really good. You can then follow it up with the intermediate and then evasion courses
@@coder_rc I think I’ll check out the tools in the video. At least they’ll help highlight each instruction in assembly. Thanks
If one is interested in Reverse engineering themselves, I would highly recommend the book "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software". It can be found online using a bit of googling. I just finished a course with the name Reverse Engineering and Malware Analysis and there we used this book. This course was obviously heavily focused on how windows malware works and can be detected through different means, but reverse engineering was a big part of it.
A more abstract book would be Practical Reverse Engineering by Alexander Gazet and Bruce Dang. Especially if you don't want to go into malware analysis specifically.
Leaving comment for ref. Thanks to you both
Thx
Any link for the course?
Thanks.
Bookmark
Your videos (in particular the binary exploitation playlist) have been a huge help in my cybersecurity career. Thank you very much ❤
Thanks for the great shout out! This is a great introduction to Compiler Explorer in general!
Perfect timing. I've been working my way through Practical Malware Analysis, this will be of great help! Thank you.
I started learning assembly code and disassemblers a couple months ago, with the help of the book "Hacking The Art of Exploitation", really good book but the assembly part was really hard of me. I tried to follow on my computer but had many many issues, got frustrated and just let it go. A couple weeks ago I took it upon myself to read it again, and now I got it a little bit better. For some reason assembly is still challenging for me, but no matter how frustrated you get, take some time, breath, stop for a couple hours maybe days and then try to resume. Would have loved to have this video before. Amazing, thank you so much.
The best intro to assembly is from the book Practical Malware Analysis. Check out the Assembly crash course section
Thank you so much. This simple overview was what i needed to look into reverse engineering. Assembly code doesn´t look that scary anymore!
Thanks for the info about the decompiler collection. What a gift to the community!
Maybe it's worth mentioning that the intermingled output of source code and assembly can also be achieved (and in fact this is for sure what happens in the background on that website) with objdump -S , if the binary was compiled with debugging enabled. So, even if you are somewhere without internet or don't want to share the code you are working on with whoever is running that website, you can still conveniently self-learn reverse engineering in 2022.
+rep godbolt love, didnt know asm like 2 weeks ago, watched a few vids to briefly get a hang of what it does (alot easier than what i wouldve thought actually), then used godbolt to more understand what my code does at a lower level, its really nice being able to look at asm and be able to tell what it does, especially when u can hover over parts of asm and it highlights the code responsible for it! its been a real help. documentation helps alot to for checking out odd looking functions that ive never really seen before :D 10/10
I love you! Thank you so much, this helps a lot in learning how to get sharper and started! :)
This video is actually really, really good. Thank you!
Loved background and editing
Every hacking inquiry I have leads to a video made by you ❤. Keep up the great work.
Thanks a lot for providing this 💖
We practiced reverse engineering by rewriting the simple basic utils like cat and tee from their asm dumps. That and also writing some assembly code is helpful
Reversing is a way of life, and it takes time, but is very rewarding once you get the hang of it. Great video as always, sir.👌
Can you explain the rewards you have experienced
what do you learn this for? Bug bounty?
@@JoseAndCode being able to fully understand software at the lowest level. That enables you to come up with clever ways of using (or exploiting) the software. I'm explaining in the context of software, but, really, this applies to any system that you manage to reverse-engineer :)
@@TienNguyen-ky4dx There are a whole host of reasons why one might learn reversing. It might be for compatibility or interfacing purposes, for vulnerability research and/or exploit development, for software development (finding out how someone else implemented some or the other component or system and try to do it yourself while inferring from what they did), malware analysis, etc.
What are some good ways for a total beginner to get started? Ive seen some beginner videos but they all seem to intermediate levels and theres only a handful of them out there it seems
Thanks Liveoverflow!
OMG! godbolt and dogbolt are so beautiful and helpful! 🤯
15secs in and I'm already in agreement with your view of an abstract concept.
Started with your binary exploitation playlist and now working in cyber security. Thank you LiveOverflow!
Same here, so greetful for the awesome content
whats your roadmap sir?
IT'S REALLY USEFULL... thankyou Febian...
I swear I asked myself this question today Morning & here you are with this video
Very nice! Thank you ❤️
Thanks for the video it was exciting.
I am currently following along the binary exploitation series and these tools will really help me out, thanks for the video.
Thanks, really helped
Nice video I was searching for that
Love your videos watching stream
wow, thank you, it's amazing
this was interesting, didn't thought I would watch the whole thing through
Great video man. Love the way u pronounce array.
Exactly the video I needed
This is what i need for past couple of weeks 😂❤️
Good content. Reverse engineering is how I got started; after taking classes on a language or doing YT tuorials of a certain framework, I'd clone a large GitHub repo to my desktop and toy around with it. See what I could add, see what made it break, read the errors after each save. That method was just as valuable, if not more so, than the classes themselves.
I was confused about the "language"
Subbed, this was very useful. :)
Great resource
Much love from the H1Emu team. (Reverse engineering H1Z1)
Thanks mahn
Literally could not have come at a better time. I've been itching to dive into contributing to Metaforce (reverse engineering of Metroid Prime) and have been scratching my head not knowing how to get started
any forums or discord groups for such projects?
@@drygordspellweaver8761 nintendo 😮
Weird. Just what I was looking for and you posted it 🤔
weird. Same case here 🤔
thank you so muuch
Thanks a lot.
Compiler explorer is actually a really good tool. like if you get cursor to stuff you dont know what it means it will show description of what it is like cmp, rbp and so on. thanks btw didnt knew about this tol.
Your videos are just amazing. It encourages me to learn more and more.
And you look a little like Christian Slater from Mr. Robot 😅
Thanks!
Awesome man
That's what heroes do
Excellent
amazing 👀
stumbled on this vid expecting wires n bits n even tho i hate assembly this is so cool
Thanks alot
the title so dope
Crazy channel I came across
Godbolt is great for just learning programing in general
Very nice 👍 thanks ^_^
OllyDbg and IDA is waving
Useful
i love your videos specially the binary exploitation serie so can you do some videos about int overflow and int overlow to RCE
Checkout the PwnAdventure series. I believe it was the fire and ice challenge
Cool
Thank you for your efforts. Your channel is one of the best on TH-cam.
Was
@@linuxinside6188 I am new in reverse engineering and for me, this channel gives a lot of information in a very basic way.
1st view 🤞Was waiting for this a long time…
Wow I did not know about dogbolt
Good
now my mind is blow up
purchases I made was soft soft. I knew it was my passion but I was just stuck because of trauma I couldn't deal with. Now that I'm at a
I gotta throw my University-Assighment reference Implementation in there, to compare it to my solution, to prove mine is better xD
My man looking more and more like Mr. Robot
Must say, the cover of your computer would make a great album cover.
Can you please answer, how to get right tools for reversing. Because, i am newbie in this stuff. I found so many variants of gdb, i found radare2, that is a powerful framework but not without cons, i found ghidra and ida, and both of this gui tools great, and many more tools, including time travel deugging. It's blowing my mind, i can't choose between all of this, and have already spent so many time on googling all this programs. My goals is reverse engineering and binary exploitation, which stack of programs to choose ? Or how do i do it ? Help please..
I know this is not a very informative comment but... this video is really good and unlike my comment, very informative.
Hey! I know you're generally focusing on Reverse Engineering programming code, but I was wondering if you have any experience and or helpful tools on learning how to reverse engineer a file format? I've been working on somehting in my past-time but my best approach was just trying to write parsers for the files in question in Haskell (using Megaparsec), which doesn't lead to a quick analysis cycle having to rebuild the program, running it and either handling a huge print output or navigating bit by bit into the data structures to figure out what came out.
You can reverse the format by reversing part of software that reads/writes said format
To be honest i am learning reverse engineering currently (self) and worried that i cannot become one. But this single video give me a boost . Lets see what will happen in future
Learn to code in C or similar
then move onto reversing. It's a process
@@nomms Thanks buddy
And do you have any supporting materials that i am unaware off. If so plz reply me I will be waiting for it
The motivation will be on and off. Give yourself time. Fundamentals like C, asm, os architecture are important... RE skills is a self learning subject.. you need to keep on practice, research and repeat.
@@fareedfauzi7915 Thanks pal
Can one learn c++ and then learn assembly for reverse engineering without having to learn c? I want to reverse engineer c++ apps
I was wondering how software cracking works. Could you do a video on the basic idea?
It's basically taking the binary itself and finding some opcode bytes to replace in order to make the software work without having a license for example. He has made a video on that topic if you want to see how it works th-cam.com/video/LyNyf3UM9Yc/w-d-xo.html
Wait, so now we can use the HexRays decomplier without IDA pro?
learning yourself is one of the best tools in the world of hacking
Can you explain about decompile Ex4 to Mq4 source code please🙏
Great tech explain.
Can I reverse engineer SASL DRM with this tutorial? I want to crack some add ons that has DRM built inside the content instead of outside of it..
minor thing but there are some strikethroughs in the description
Godbolt is cool unless you want to reverse Swift code into ARM64, then you're hooped. Got to do it using the Swift compiler
Nice fast video my friend hhhh
Ahhh memories... I used to just read the numbers, and I did know what was happening... No translation necessary.
Push!
It's the Eckhart Tolle of RE
I want to add that Chat GPT can also be an extremely useful resource for learning reverse engineering.
uncle, how to get started into cybersec?
👍👍👍👍👍
Can you introduce me some resources for learning malware development field?im very happy to seem your chennel
I don't....feel like this helped. I mean maybe i'm getting something wrong here but i thought the goal was to be able to read and identify code and i learned how to read the assembly but i wouldn't understand what it could represent in the high-level code without the source-code anyways. Especially when the programm is more complex with many more functions calling each other... I don't know where to go from here. How do i interpret the stuff i see?
one of your chapters has a error it says "Enable gdb -O3 Compiler Optimization" i think you meant gcc
I dont understand the functions calls on x86. In your printf it gets assembled to call printf but in mine it gets assembled to call puts. I use the same gcc version to compile so how can that happen?
reverse engineering looks kinda fun :)
I’m moving to Sweden
Amazing video liveoverflow!!
But What if you are a very nooby and you don't even know anything about how computer hardware works like how cpu functions etc... I heard you mentioning some very intersting stuff like stack,heap etc... But really felt lost hearing them
Can you maybe drop us a video for those how wanna get into the field but are struggling with such stuff and don't know what to learn in the beginning?
@@II_xD_II nope
Computer Architecture or Operating Systems courses
ironically the binary exploitation series is the best place to learn those things IMO. it's a bit old by now if you're used to new LiveOverflow production qualities, but the principles changed none at all. even if you don't care about all the exploitation stuff you can just ignore it cause honestly in the process of explaining how to break stuff LO made the best explanation of what said stuff even is, for x86 at least
Thanks to all of you guys for the awesome responses!💜
Would still recommend Cheat Engine and, since it exists nowadays, Ghidra.
Game hacking is a pretty good way to learn reversing skills. It has well defined goals as well, like esp, aimbot, bhop, etc, which can be used to measure success.
Could you please provide a tutorial link to understand what you mean by game hacking?
@@i_youtube_ check out guided hacking’s channel, it is all about game hacking and reverse engineering a game
please don't do multiplayer, maybe multiplayer with you the only player, because otherwise it's not fun
@@skejeton i would agree if bypassing anticheat was easy
if ur mad about cheaters no matter how good they make their client-sided anticheat it will ALWAYS be possible to bypass it and all it takes is one public cheat to let in all the skids
companies need to start focusing more on server-sided anticheat so even if the hacker(reverse engineer not skid) bypasses the client its still really difficult to cheat
for example u can make an anti-esp by only giving the player data of players near the enemy (like in csgo), u can use AI to combat aimbot, u can make speed/jump hacks impossible by making the players' characters serversided so that the player sends "intention" packets instead of raw position packets so the server would calculate those
@@boiiboii7348 I know. I don't play competitive games but I feel bad for people dealing with cheaters. learning hacking to ruin the fun is an asshole move
Better to take classes with knowledge you can reverse engineer just by looking at it. Yes you need to know assembly to reverse engineer in assembly