52455645525345: Difference between revisions

From Chaosdorf Wiki
m (Ich, ich!)
Tags: Mobile edit Mobile web edit
(38 intermediate revisions by 19 users not shown)
Line 1: Line 1:
{{Event
|Title=52455645525345
|Description=Reverse Engineering Workshop
|Type=Workshop
|Date=2017-01-15
|Start=18:00
|Host=barbieauglend
|isRelevant=Yes
}}
{{Project
{{Project
|name=52455645525345
|name=52455645525345
Line 17: Line 8:
|people={{U|barbieauglend}}
|people={{U|barbieauglend}}
}}
}}
{{Event
|Title=52455645525345
|Description=Reverse Engineering Workshop
|Type=Workshop
|Date=2018-07-16
|Start=18:00
|Host=barbieauglend
|isRelevant=Yes
}}
== ReVeRsE Engineering - Welcome to the page of the reverse engineering group! ==
Reverse Engineering PEs is fun! It's like a puzzle and if there is an algorithm out there that can solve this puzzle, it's your brain. =)
I, {{U|barbieauglend}}, would love to take a look at binaries with you and figure out together what the programs do. They are often a lot easier than you might think!


If you want to participate, you will need a laptop (with charger!) with a Windows 7 guest machine. If you don't have it or have problems organizing it, please let me know before the workshop =) We can manage something! And if you have any questions, feel free to contact me under {{mailto|barbieauglend@chaosdorf.de}}.


<font size="3">ReVeRsE Engineering</font><br>
== Please read ==
Requirements:


<br>I am planning an workshop on reverse engineering PEs. Reverse Engineering PEs is fun! It's like a puzzle and if there is an algorithm out there that can solve this puzzle, it's your brain =)
- Virtual machine software (VMWare, VirtualBox etc...)
- Windows 7 guest system with IDA Pro (Free 5.0 is acceptable)
- Microsoft Visual Studio 2008 redistributable package


<br>I would like to take a look at one or two binaries with you and figure out together what the programs do. They are often a lot easier than you might think!
Let's dive into the blackhole of compiled code and understand the internals of the software running in our computer. It doesn't matter if you want to fix a broken gadget or save your files (now you know why to backup, right!?) from a ransomware, it is elementary to understand how they work. This is Reverse Engineering (RE), and it is done every day from recreating outdated and incompatible software, understanding malicious code, or exploiting weaknesses in software.


<br>If you want to participate, you will need a Laptop (with charger!) with a Windows OS virtual machine. If you don't have it or have problems organizing it, please let me know before the workshop =) We can manage something!
We are going to try to cover topics like:


<br>I would send a week before also a pack list and some PDFs, so that you could get used to what we are going to do there.
* Uses for RE
* The tricks and pitfalls of analyzing compiled code
* Identifying calling conventions
* How to navigate x86 assembly using IDA Pro
* Identifying Control Flows
* Identifying the Win32 API
* Using a debugger to aid RE
* Dynamic Analysis tools and techniques for RE


I am going to bring some nice binaries which we can go through together. We are going to explore how static reverse engineering works and how can we use it to understand what a piece of malware does (hopefully).


== Participants (please register - max 8!) ==
== Participants (please register!) ==
* {{U|Ilias}}
* {{U|hanemile}}
* divado
* r2co
*ocyphert
* harryr


* D_Town
== Other related things ==
* <del>{{U|Plantprogrammer}}</del> (kein Computer zur Verfügung)
* [https://www.garykessler.net/library/file_sigs.html File signatures]
* sqrl
* [https://events.ccc.de/congress/2014/Fahrplan/system/attachments/2562/original/Funky_File_Formats.pdf File Formats]
* bullycamper
* [http://archive.hack.lu/2015/Albertini%20-%20Trusting%20files.pdf Moaaarr File Formats]
* {{U|Bison}}
* [https://pixl.dy.fi/posts/2018-01-22-reverse-engineering-basics-with-radare-fundamentals-and-basics/ Nice good to know before starting RE!]
* M3m0r3x
* newt
* winterfox
* {{U|YtvwlD}}

Revision as of 11:12, 16 July 2018

52455645525345 alpha
Reverse Engineering Workshop
Location Chaosdorf
Involved barbieauglend


52455645525345
Reverse Engineering Workshop
Type Workshop
Date 2018-07-16
Start 18:00
Host barbieauglend
Relevant? Yes

ReVeRsE Engineering - Welcome to the page of the reverse engineering group!

Reverse Engineering PEs is fun! It's like a puzzle and if there is an algorithm out there that can solve this puzzle, it's your brain. =)

I, barbieauglend, would love to take a look at binaries with you and figure out together what the programs do. They are often a lot easier than you might think!

If you want to participate, you will need a laptop (with charger!) with a Windows 7 guest machine. If you don't have it or have problems organizing it, please let me know before the workshop =) We can manage something! And if you have any questions, feel free to contact me at barbieauglend@chaosdorf.de.

Please read

Requirements:

- Virtual machine software (VMware, VirtualBox, etc.)
- Windows 7 guest system with IDA Pro (Free 5.0 is acceptable)
- Microsoft Visual Studio 2008 redistributable package

Let's dive into the black hole of compiled code and understand the internals of the software running on our computers. It doesn't matter if you want to fix a broken gadget or save your files (now you know why to back up, right!?) from ransomware, it is essential to understand how they work. This is Reverse Engineering (RE), and it is done every day, for purposes ranging from recreating outdated and incompatible software to understanding malicious code or exploiting weaknesses in software.

We are going to try to cover topics like:

  • Uses for RE
  • The tricks and pitfalls of analyzing compiled code
  • Identifying calling conventions
  • How to navigate x86 assembly using IDA Pro
  • Identifying Control Flows
  • Identifying the Win32 API
  • Using a debugger to aid RE
  • Dynamic Analysis tools and techniques for RE

I am going to bring some nice binaries which we can go through together. We are going to explore how static reverse engineering works and how we can use it to understand what a piece of malware does (hopefully).

Participants (please register!)

Other related things