Saturday, December 18, 2010

Reverse Engineering

What Is Reverse Engineering?
In the software world reverse engineering boils down to taking an existing  program for which source-code or proper documentation is not available and  attempting to recover details regarding its’ design and implementation. In  some cases source code is available but the original developers who created it  are unavailable.
Software reverse engineering is a purely virtual process, involving only a CPU, and the human mind which integrates several arts: code breaking,  puzzle solving, programming, and logical analysis.

So what are the common applications of reverse engineering in the software  world?
Malicious Software:-
Developers of malicious software often use reversing to locate vulnerabilities  in operating systems and other software. Such vulnerabilities can be used to  penetrate the system’s defense layers and allow infection—usually over the  Internet.
At the other end developers of antivirus software dissect and analyze every malicious program that falls into their hands. They use reversing  techniques to trace every step the program takes and assess the damage it could cause, the expected rate of infection, how it could be removed from  infected systems.

Auditing Program Binaries:-
With open-source software, having open access to the program’s source code means that certain vulnerabilities and security holes can be discovered very early on, often before malicious programs can take advantage of them. With proprietary software for which source code is unavailable, reversing becomes a viable (yet admittedly
limited) alternative for searching for security vulnerabilities.

Reversing in Software Development:-
Reversing is incredibly useful to software developers. For instance, software developers can employ reversing techniques to discover how to interoperate with undocumented or partially documented software.
Many software companies(few are very well known) use  reversing techniques for extracting valuable information from a competitor’s  product for the purpose of improving their own technologies.

Finding crack:- hackers generally use reverse Engineering technique to make a crack/keygen  of any software.

Types of Reversing:-
Reversing can broadly be divided into two phases:-
System-level reversing:- This is a kind of large-scale observation of the earlier  program,System-level reversing techniques  help determine the general structure of the program .
It involves running various tools on the program and utilizing  various operating system services to obtain information, inspect program executables, track program input and output, and so forth. Most of this  information comes from the operating system.
Code-level reversing:-
Code-level reversing is really an art form. Extracting design concepts and algorithms from a program binary is a complex process that requires a mastery  of reversing techniques along with a solid understanding of software development, the CPU, and the operating system.
Code-level reversing observes the code from  a very low-level, and we’ll be seeing every little detail of how the software operates.
What you should know before starting?
1)     A solid knowledge of how Different Operating system works specially in low level.
2)     You should be very good in Assembly programming language
Read  The Art of Assembly Language by Randall Hyde.
3)   Good knowledge of 8085/86 microprocessor programming
4)   Not to forget good knowledge of C is also required
The Tools you can use:-
ü      Disassemblers
ü      Debuggers
ü      Decompilers

More on these tools I will be discussing in next part of this article. If you like this topic then don’t forget to post your comments. Till then bye… and stay tune with hackingheart