class: center, middle

# Introduction to Reverse Engineering and Binary Exploitation

---

# \#whoami

- Nikolai Magnussen
- Student at UiT
- CTF Player
- Coach for the national CTF team

---

# Agenda

- Concepts
- Live RE101
- Reverse engineering techniques
- Live RE201
- Recap
- Resources

???

- First I will tell you about reverse engineering and binary exploitation and what that means
- Then I will lead you through a gentle introduction to reverse engineering (101)
- We will perform some halfway evaluation and formalize some techniques
- After which we will move on to somewhat more advanced live reverse engineering and exploitation
- Recap of vulnerabilities, not realistic examples, but realistic concepts, and key takeaways
- Resources to pursue more knowledge and practice your skills

---

# The Arts of

- Taking things apart
- Misusing broken things

???

- We can call reverse engineering the art of taking things apart
- And binary exploitation the art of misusing broken things
- Generally, binaries are black boxes, and we don't necessarily know what they are doing
- Reverse engineering means you try to pry those black boxes apart
- We can discover security vulnerabilities by reverse engineering
- Binary exploitation is the art of using those vulnerabilities to our advantage

---

class: center, middle

# Live RE101

???

- Start with hello
- then go on to system

---

# Reverse Engineering Techniques

- Static analysis
- Dynamic analysis

???

- Static analysis means looking at the binary without running it: assembly, pseudo-C or decompiled C
- Dynamic analysis means instrumenting the binary while it runs
- Static tools: r2, ghidra, ida, objdump
- Dynamic tools: tracers (ltrace, strace, ftrace), gdb, frida, ida, r2
- We often use both

---

class: center, middle

# Live RE201

???

- Start with variable
- then go on to return

---

# Recap

- Vulnerabilities discovered
- Real-world impact
- How can I write secure code?

---

# Resources

- Tools
- Learn more
- Practice

???

- Of tools, we have angr, frida, ida, r2, cutter, gdb, ltrace, strace, ftrace, and many, many others
- Learn more at how2heap, by reading CTF writeups, and by reading blogs
- Practice your skills by participating in CTFs and playing wargames: pwnable.kr, pwnable.tw, root-me.org, hackthebox, the uithack repo, the tghack repo, ctftime
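---

# Worked example: variable, then return

Added example for the RE201 stages ("variable", then "return") and the recap question "how can I write secure code?". It is not one of the talk's demo binaries and not the speaker's code: the demo programs are not reproduced here. It models a stack frame with an explicit struct (a 16-byte buffer, an `authenticated` flag right after it, and an 8-byte stand-in for the saved return address) so that the overwrite is well-defined C and does not depend on the compiler's real frame layout. The field names, the helper names and the payload are assumptions for illustration; the payload is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not one of the talk's demo binaries. The struct stands in
 * for a stack frame: in a real frame the compiler picks the order of locals,
 * but the idea is the same: bytes written past the end of buf land on
 * whatever sits next in memory. Field names and payload are assumptions. */

#define BUF_LEN 16

struct frame {
    char buf[BUF_LEN];          /* the fixed-size buffer an unchecked read fills */
    uint32_t authenticated;     /* the "variable": first thing past the buffer */
    unsigned char saved_ret[8]; /* the "return": stand-in for the saved return address */
};

/* Constructed payload: 16 bytes fill buf, 4 'B's land on `authenticated`,
 * 8 'C's land on `saved_ret`. */
static const unsigned char demo_payload[] =
    "AAAAAAAAAAAAAAAA" "BBBB" "CCCCCCCC";
#define DEMO_PAYLOAD_LEN (sizeof demo_payload - 1)

/* Vulnerable copy: trusts the caller's length the way strcpy()/gets() trust
 * the input. The clamp to sizeof *f only keeps this model defined; a real
 * unchecked copy keeps writing past the frame. */
static void vulnerable_copy(struct frame *f, const unsigned char *in, size_t len)
{
    memset(f, 0, sizeof *f);
    if (len > sizeof *f)
        len = sizeof *f;
    memcpy(f, in, len);
}

/* Hardened copy: rejects anything that does not fit together with its
 * terminator, so nothing past buf is ever written. */
static int hardened_copy(struct frame *f, const unsigned char *in, size_t len)
{
    memset(f, 0, sizeof *f);
    if (len >= BUF_LEN)
        return -1; /* reject, do not silently truncate */
    memcpy(f->buf, in, len);
    f->buf[len] = '\0';
    return 0;
}

/* Value of the flag after the vulnerable copy (stage "variable"). */
uint32_t auth_after_vulnerable_copy(const unsigned char *in, size_t len)
{
    struct frame f;
    vulnerable_copy(&f, in, len);
    return f.authenticated;
}

/* Saved return address after the vulnerable copy (stage "return"), decoded
 * little-endian the way an x86-64 CPU would read it off the stack. */
uint64_t ret_after_vulnerable_copy(const unsigned char *in, size_t len)
{
    struct frame f;
    uint64_t ret = 0;
    vulnerable_copy(&f, in, len);
    for (int i = 7; i >= 0; i--)
        ret = (ret << 8) | f.saved_ret[i];
    return ret;
}

/* Flag after the hardened copy: stays 0 for any input, oversized or not. */
uint32_t auth_after_hardened_copy(const unsigned char *in, size_t len)
{
    struct frame f;
    hardened_copy(&f, in, len);
    return f.authenticated;
}

int main(void)
{
    printf("vulnerable: authenticated=0x%08x saved_ret=0x%016llx\n",
           auth_after_vulnerable_copy(demo_payload, DEMO_PAYLOAD_LEN),
           (unsigned long long)ret_after_vulnerable_copy(demo_payload, DEMO_PAYLOAD_LEN));
    printf("hardened:   authenticated=0x%08x\n",
           auth_after_hardened_copy(demo_payload, DEMO_PAYLOAD_LEN));
    return 0;
}
```

With the payload above the vulnerable path reports `authenticated=0x42424242` and a saved return address of `0x4343434343434343`, which is exactly what a debugger shows at the crash in the live demo: the attacker now chooses where `ret` jumps. The hardened path rejects the input and the flag stays 0. On a real binary the order of locals is the compiler's choice, and with `-fstack-protector` a canary sits between the locals and the saved return address and aborts the process before the clobbered address is used, which is why the "return" stage is typically demonstrated with that protection disabled.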