Introductory Bootcamp On Software Reverse-Engineering, Cracking, and Counter-Measures
Overview
This class is centered around an introduction to the world of disassembling software. It will cover the basics of the x86 assembly language, and progress to how that knowledge can be used to circumvent software protections. No knowledge of assembly, reverse engineering, or software cracking is required, but students should be comfortable with a high-level language of their choice.
The course begins with an introduction to the computer architecture and data representation concepts necessary for understanding assembly. From here, the class will introduce students to the basics of programming in x86 assembly, including syntax, registers, memory models, the most common x86 instructions, and machine code representations. With help from the instructors, students will write, build, and debug x86 assembly programs. More advanced topics, including logic structures and function calls, are covered next. Collectively, this will provide students with the requisite background experience to read and understand the disassembly of closed-source programs.
The class then progresses to reverse engineering applications using the industry-standard IDA Pro. Students will become familiar with the IDA interface, control flow analysis, and debugging, progressing to proficiency in dissecting functions and reverse-engineering closed-source programs, culminating in cracking an introductory key-gen problem.
Advancing to more complex programs, the class will examine how compiler settings impact the reverse engineering process. With additional hands-on labs, students will get comfortable analyzing more complex, optimized, and statically stripped binary executables.
Next, the class introduces binary patching as a means of circumventing software protections. In a series of progressively more challenging labs, students will remove and circumvent key checks by directly modifying binary executables.
Progressing to real-world problems, the class will introduce fundamental strategies in reverse engineering, including how to quickly find key points of interest and how to infer meaning from control flow and high-level patterns. This section culminates in cracking a complex, real-world program using the techniques learned so far.
With an understanding of the offensive approaches to software cracking, the class next examines cracking from a defensive perspective. Defensive techniques from obfuscation to software blacklisting will be discussed, followed by an examination of real-world software protection tools. In in-class exercises, students will get hands-on experience protecting a simple game, followed by an exploration of techniques for overcoming the protections.
The class will wrap up with a discussion of the legal issues involved in software cracking. We'll discuss legal ways to gain experience in cracking, and conclude with a final series of hands-on exercises cracking real-world programs.
Who Should Take this Course
From security professionals to hobbyists, this course is for anyone who wants to learn to take apart, understand, and modify black-box software.
Student Requirements
Students should have basic coding knowledge in any procedural programming language. The class will cover all the necessary background on assembly and reverse engineering.
What Students Should Bring
Students should bring a laptop with VirtualBox installed and at least 50 GB of free disk space. VMs with examples, tools, and exercises will be distributed in class via USB sticks.
What Students Will Be Provided With
Printed slides; USB stick with a complete software cracking environment, including tools, sample code, lab material, and challenges.
Trainers
Stephanie Domas is vice president of research for MedSec, a cybersecurity research company formed exclusively to serve the health care industry. Ms. Domas joined MedSec in 2018 after serving as lead security engineer for Battelle's suite of cyber security services for medical devices. She is a member of several AAMI and UL working groups, contributing to security guidance and standards for medical devices, a registered professional engineer (PE), and a certified ethical hacker (CEH). Ms. Domas has given a TEDx talk on medical product security and publishes articles on medical cybersecurity topics. She is also an adjunct faculty member at the Ohio State University, where she earned a degree in Electrical and Computer Engineering.
Christopher Domas (@xoreaxeaxeax) is a cyber security researcher and embedded systems engineer, currently investigating low-level processor exploitation. He is best known for releasing impractical solutions to non-existent problems, including the world's first single-instruction C compiler (M/o/Vfuscator), toolchains for generating images in program control flow graphs (REpsych), and Turing machines in the vi text editor. His more relevant work includes the binary visualization tool ..cantor.dust.. and the memory sinkhole x86 privilege escalation exploit.