You are on page 1of 7

REVERSE ENGINEERING:AN EXPLORATION FROM OUTPUT TO INPUT

Throughout the history of invention furious minds have sought to understand the inner workings of their gadgets.whether investigating a broken watch, or improving an engine,these people have broken down their goods into their elemental parts to understand how they work.This is Reverse Engineering(RE), and it is done every day from recreating outdated and incompatible software , understand malicious code or exploiting weakness in software.

what is Reverse Engineering?????


The concept of reverse engineering as applied to computer software refers to a variety of practices undertaken to understand how a software program is built and how it achieves its functionality. In the finished state of a computer software consist machine readable object code that is not meaningful to as comprehensible by humans. Most software is sold or leased to end- users in object code form. In the typical software process, programmers write code in a programming language using alphanumeric characters that can be understood by a person familiar with the language.This form of the program is referred to as SOURCE CODE.After the source code is written, it is translated by a COMPILER program into the machine-readable object code. In order to understand the ideas and Innerworking of a computer program ,one must therefore obtain either the original source code or detailed specifications from the programs developer .if these cannot be obtained ,it becomes necessary to understand a process of independen tly decompiling the object code back into source code. On Contrast,

Reverse Engineering is the decompilation of any application regardless of the programming that was used to create it, so that one can acquire its sources code or any part of it
Or Simply.

Reverse Engineering is the exploration of object code to source code of a software.

USE OF REVERSE ENGINEERING:


Reverse Engineering can be applied to many areas of computer science , but here a couple of generic categories: ->Making it possible to interface to legacy code (where you do not have the original code source). ->Breaking copy protection This means disabling time trials, defeating registration, and basically everything else to get commercial software for free. This we will be discussing at great length. ->Studying virus and malware Reverse engineering is required because not a lot of virus coders out there dont send instructions on how they wrote the code, what it is supposed to accomplish, and how it will accomplish this (unless they are really dumb). This is a pretty exciting field, but requires a great deal of knowledge. ->Evaluating software quality and robustness. Using this processwe can evaluate software security and vulnerabilities. When creating large (think Windows Operating Systems), reverse engineering is used to make sure that the system does not contain any major vulnerabilities, security flaws, and frankly, to make it as hard as possible to allow crackers to crack the software. ->Adding functionality to existing software.

KNOWLEDGE REQUIRED:

As you can probably guess, a great deal of knowledge is necessary to be an effective reverse engineer.Fortunately, a great deal of knowledge is not necessary to begin reverse engineering. Initially,one should at least have basic knowledge of how program flow works (for example, you should know what a basic ifthen statement does, what an array is, and have at least seen a hello world program).Secondly, becoming familiar with Assembly Language is highly suggested.In addition, a lot of your time will be devoted to learning how to use tools.These tools are invaluable to a reverse engineer, but also require learning each tools shortcuts, flaws and idiosyncrasies.Finally, reverse engineering requires a significant amount of experimentation; playing with different packers / protectors/ encryption schemes, learning about programs originally written in different programming languages

What kinds of tools are used?


Reversing is all about the tools.The following sections describe the basic categories of tools that are used in reverse engineering: SYSTEM-MONITORING TOOLS: System-level reversing requires a variety of tools that sniff,monitor,explore and otherwise expose the program being reversed.Most of these tools display information gathered by the operating system about the application and its environment.because almost all communications between a program and the outside world go through the operating system. DISASSEMBLERS: Disassemblers attempt to take the machine language codes in the binary and display them in a friendlier format.An example for disassembler is IDA(there is a free version available http://www.hex-rays.com/) DEBUGGERS: Debuggers are the bread and butter for reverse engineers. They first analyze the binary, much like a disassembler Debuggers then allow the reverser to step through the code, running one line at a time and investigating the results. This is invaluable to discover how a program works. Finally, some debuggers allow certain instructions in the code to be changed and then run again with these changes in place. Examples of debuggers are Windbg and Ollydbg. TYPICAL EXAMPLE:
what comes in our minds, when we hear reverse engineering,is cracking. cracking is as old as theprograms themselves.to crack a program mean,to trace and use a serial number or any other sort of registration information, required for the proper operation of a program.therefore,if a shareware program requires a valid registration information, a reverse engineer can provide that information by de-compiling a particular past of the program. Even though we are starting with very little knowledge, I did want to give you at least a little taste of reverse engineering.Here i include a resource tool called XN Resource Editor(you can download it from http://www.4shared.com/file/FcjKWtH2/xn_resource_editor_3001.htm) It is freeware. Basically, this program allows you to see the resource section in an exe file, as well as modify these resources. I have found that you can have an awful lot of fun with these- they allow you to change the menus, icons, graphics, dialogs, you name it, in programs. Lets try one ourselves First, run XN. Click on the load icon on top, and click over to Windows\System32\ and load calc.exe (youre default windows location may vary.) You should see a bunch of folders available:

You can see that there are folders for Bitmaps (any graphics the program displays), Menu (the top menu items), Dialog (dialog boxes, along with text and buttons), String Table, IconGroup etc. You should feel free to mess around with these things. Just make sure to save it as a different file (you would hate to have to re-install windows just for the dumb calculator). In particular, try this: Click on the plus next to Menu. You will then see a folder with a number as a name. This is the ID that windows will use to access this resource in the program. Open this folder as well. You should now see an icon for English (United States) or something like this. If you click on this you will see a diagram of what the menu will look like (you can even click around- it works just like a real menu).

Now, click on the menu option Scientific. The Caption field should change to &Scientific. The ampersand is there to tell you what the Hot-Key is, in this case S. If instead we wanted the e to be the hot-key, it would look like this Sci&entific. So already, dont like the built in hot -keys for calc? Just change them!! But lets do something different.In the Caption field, replace the &Scientific with &Nerd. This will now change the menu option to Nerd and use the hot-key N (I looked through the other options in the menu to make user no other menu option used N as a hot-key). You should do this for all of the menu entries. Now, go up to File (in XN Resource) and choose Save As Save your new version of calc to a different name (and preferably a different location) and then run it.

fast payday loans Of course, you dont have to stop there. In order to drive my coworkers nuts, I changed all of the numbers in their calcs.

As you can see, the skys the limit.

It is freeware. Basically, this program allows you to see the resource section in an exe file, as well as modify these resources. I have found that you can have an awful lot of fun with these- they allow you to change the menus, icons, graphics, dialogs, you n ame it, in programs. Lets try one ourselves

Scope:
Our major goal will be the ability to RE any computer application and to be able to partially understand what happens in a program. Everyone should be able to perform RE techniques and achieve certain simple tasks. In particular we will focus on: The inputs and outputs of a computer How the OS (Operating System) works Analyze an executable file Assembly and Disassembling Commercial and Freeware Tools for RE Advanced techniques for RE

Ethics:
Most commercial programs (if not all), are protected by copyright laws that prevent unauthorized usage, duplication or reproduction of the packages (including hard copies). This does NOT apply for reverse engineering the compiled code of these programs. In other words, one cannot possibly prevent users from reversing his program since there is no regular or consistent way to reverse a program.

reference:
1)Reverse Engineering in computer application by fotis fotopoulous. 2)REVERSING-Secrets of Reverse Engineering by Eldad Eilam foreword by Elliot chikofsky.