Although revealing the secret is always an appealing topic for any audience, Reverse Engineering is a critical skill for programmers. Very few information security professionals, incident response analysts and vulnerability researchers have the ability to reverse binaries efficiently. You will undoubtedly be at the top of your professional field (Infosec Institute).
It is like finding a needle in a dark night. Not everyone can be good at decompiling or reversing code. I can show a roadmap for successfully reversing code with tools, but reverse engineering requires more skills and techniques than that. Software reverse engineering means different things to different people, and how you reverse a piece of software depends on the software itself. It can be defined as unpacking the packed, disassembling the assembled or decompiling the compiled piece of code termed software. Some people also call it auditing the binary or malware analysis, depending on the motive. Before we jump into more details, let’s highlight some prerequisites of software reverse engineering.
Prerequisites for Software Reverse Engineering
Most importantly, you should be a programmer who understands the basic concepts of how the software world works. It is like driving your car in reverse gear and reaching home without accidents! So yes, it’s not an easy job and it requires practice. Understanding the following requirements is fundamental to reversing any piece of code.
001 – You should be good at at least one programming language; it could be C++.
002 – Understanding assembly language is the key to success in reversing the code and reaching the target. Understanding how the stack and memory work, and the types of registers and pointers, are the important factors.
003 – Knowing which DLL is mapped to which statement is very important.
004 – Try identifying the algorithms used and drawing a map of them.
005 – Perform crash analysis to identify bugs, and understand the functionality of the software code by applying the hit-and-miss rule.
006 – Identifying files used.
007 – Identify the variables used in the code; this is very important.
008 – Most important is vulnerability analysis; this is applicable when you are trying to modify the normal behaviour of the code.