A FORMAL INTRODUCTION WITH REVERSE ENGINEERING

 

When I was a kid I had the habit of or say the passion of opening up machines and looking inside with deep enthusiasm the parts and particles inside. Even the battery used in torchlight couldn’t escape. And in this process many a times I ended with mending some of my toy cars and breaking down our old radio, VCR several watches and many and took some really memorable electric jolts. So before becoming nostalgic let me come to the topic and here we go.. 

What is reverse Engineering?
Often stated in EULAs (End User Licence Agreement) as being forbidden, however it is rarely ever “defined” Reverse engineering is the process of extracting the knowledge or design blueprints from anything man-made or sometimes natural. The concept of reversing has been around since long before computers or modern technology, and probably dates back to the days of the industrial revolution or may be even before.

Like software engineering, software reverse engineering is a purely virtual process, involving only a CPU, and human intelligence. Reverse Engineering understands how a proprietary piece of software works. Software reverse engineering integrates several arts: code breaking, puzzle solving, programming, and logical analysis. All this stuff makes reversing quite interesting. Try and you will realize.

Uses

Generally, there are two categories of reverse engineering applications: security-related(both good and bad) and software development–related.

Reversing in Software Development

Reversing can be incredibly useful to software developers.Software developers can employ reversing techniques to discover how to interoperate with undocumented or partially documented software. In other cases, reversing can be used to determine the quality of third-party code, such as a code library or even an operating system. Finally, it is sometimes possible to use reversing techniques for extracting valuable information from a competitor’s product for the purpose of improving your own technologies.

•Reverse engineering is usually applied to large legacy systems to make them easier to understand and maintainand to increase the potential for continued evolution.

• Learning from others’ products of a different domain or purpose.

•Reverse engineering techniques can enable the study of advanced software approaches and allow new students to explore the products of masters.

• Discovering features or opportunities that the original developers did not realize. Code complexity can foster new innovation. Existing techniques can be reused in new contexts. Reverse engineering can lead to new discoveries about software and new opportunities for innovation.

Reverse Engineering in the Computer Underground
• Cracking software copy protection
   a) PC software and games
   b) modding the Xbox and Playstation
• Exploit development
   a) Hackers, botnets, spyware
• Reversing undocumented DOS and Windows API
   a) Virus writers
   b) Spyware, key loggers, malware

Reverse Engineering in the Security Industry
• Virus and malware analysis in Antivirus and Anti-Spyware companies
• Patch analysis, vulnerability analysis in Intrusion Detection System(IDS) and Intrusion Prevention System(IPS) companies
• Binary code auditing for discovering new vulnerabilities
• Exploit development in penetration testing
• Interoperability and undocumented APIs

Tools of the trade

In a traditional software developing compilers, assemblers, and linkers are used by themselves or in combination to create executable programs. In order to reverse engineer programs we use tools to undo the assembly and compilation processes .Such tools are called dissemblers and decompilers, and they do pretty much what their names imply. A disassembler undoes the assembly process, so

We should expect assembly language as the output (and therefore machine language as input). Decompiles aim to produce output in a high-level language when given assembly or even machine language as input.

Some Reverse engineering tools
•IDA Pro
•BinDiff
•WinDbg
•SoftICE
•OllyDbg
In the later issues I will try to give more advanced details in this subject and cover some interesting issues of information security .Till then keep innovating.