Commit 3c22122d authored by Ines Kramer

updated README.md

parent 1928c8ad
# Reverse Engineering Example1
### Compile:
gcc example1 -o example1
g++ example1plus.cpp -o example1plus
### Analyse binary statically:
1. Use and check out options with man <command>:
file
readelf
strings
ltrace
strace
2. Try compilation with -m32 parameter and 'strip example1' and test again
3. Disassemble:
Use:
objdump
gdb -d
###
# gdb tutorial - change program flow
sudo gdb example1
info functions
dissamble main
break *main
dissamble secret
set $rip = <address of main>
info register
continue
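Review bot: the debugger walkthrough in this version sets the instruction pointer before the process exists: `break *main` is followed directly by `set $rip = <address of main>` with no `run` in between, so there is no live register to write. The target is also wrong for the stated goal; the preceding step disassembles `secret`, and the jump should go to that function's first address, not back to `main`. Smaller points in the same region: `dissamble` is not a gdb command (nor a valid abbreviation; `disassemble` or `disas` is), `gdb -d` is gdb's `--directory` source-path option rather than a disassembler, `gcc example1 -o example1` names the output as the input where the C++ line correctly uses a source file (`example1.c` is presumably intended), and `sudo gdb example1` runs the debugger as root for no reason, since a user-owned binary debugs fine unprivileged.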
# Reverse Engineering Tutorial Example1
### Try to figure out what the program is doing and catch the password
### Compile:
gcc example1 -o example1
g++ example1plus.cpp -o example1plus
### Analyse binary statically:
1. Use and check out options with man <command>:
file
readelf
strings
ldd
ltrace
strace
2. Compile for 32 bit architecture
sudo apt-get install gcc-multilib
Try compilation with gcc and -m32 parameter activated and 'strip example1' and test again
3. Disassemble:
Use:
objdump
or use gdb
disasssemble main
### GDB
### make your gdb more fancy displaying all registers
cd ~
wget -P ~ git.io/.gdbinit
## gdb tutorial - change program flow
1. Start gdb with binary
sudo gdb example1
2. Have a look to the functions
info functions
3. Disassemble main function
dissamble main
4. Disassemble secret function and extract first address
dissamble secret
5. Set a breakpoint to main function
break *main
6. Run program, should stop at break point of main functions
run
7. Modify program flow by changing instruction pointer to secret functions
set $rip = <address of secret>
info register
8. Continue program and check result
continue
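Review bot: `wget -P ~ git.io/.gdbinit` tells readers to install, unreviewed, a file that gdb executes on every start, fetched through a URL shortener (one GitHub has deprecated) with no pinned source or integrity check; link the upstream repository and a specific revision instead, and ask readers to read the file before placing it in their home directory. The command typos from the previous version survive here (`disasssemble main`, `dissamble main`, `dissamble secret`; gdb rejects all three, the command is `disassemble`), `gcc example1 -o example1` still lacks the `.c` source extension, and `sudo gdb example1` is still unnecessary. Step 7 assumes the 64-bit build: after the `-m32` build from step 2 the register is `$eip`, so either note that or use `$pc`, which gdb resolves for both; `info register` should read `info registers`.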