Reversing is a fundamental skill that requires understanding various low-level concepts, both to uncover vulnerabilities and to reverse algorithms. Within my time learning reversing, I've had to adapt my mindset to reading various patterns that assist me when playing CTFs or when doing my own independent security research. In this blog post, I will go over basic reverse engineering concepts and the methodology of what goes into it.
Reverse engineering is basically the process of tearing down software or hardware and analyzing its functions and information so that its functionality and behaviour can be better understood. To even begin looking at reverse engineering, we have to look at the various methods that can go into it.
I'm not gonna go through the details of what and how a computer handles an executed program. That will be covered in a future post or a future tutorial which I will compile and go through in detail. I will go into reverse engineering a "hello world" program, compiled in x64, on my Linux machine.
Take a look at the code below:
This is a simple "hello_world" program written in C. It simply prints out "Hello World!" on the command line using the puts() function. Looking at this program, it doesn't really do much. Let's start by compiling this code into a working executable that we will run on the command line as well as debug. This tutorial is written for a Linux system. You can apply the reverse engineering knowledge to a Windows machine, but the compilation steps here are Linux-only.
Copy this code and save it as "hello_world.c". After you do this, you can use "gcc", a compiler available on Linux that builds C programs from the terminal. To compile your "hello_world.c" program, the command is as follows:
gcc hello_world.c -o hello_world
Now that you have compiled the program, it's time to look at the assembly code of this program.