Slashdot Mirror


Reverse Engineering Win32 Trojans on Linux

slackrootcyc writes "A post (and previous article) give a detailed examination of the reversing process, using a trojan found in the wild. Later on in the story it discusses some techniques for reversing Windows-native code entirely under Linux."

3 of 86 comments

  1. On Mac OS-X by Anonymous Coward, Score: 3, Interesting

    I know a Windows underground group which is converting M$ Windows trojans to Mac OS-X. They just think it's cool - that's their motivation. I don't see what's so cool about it.

  2. Re:Not a big deal. But could get expensive. by Ninja+Master+Gara, Score: 3, Interesting

    Reverse engineering is protected indirectly by laws in other countries that override the EULAs, since those clauses are not valid under the state laws.

    Russian crackers would happily tell you all about this, just like they happily tell the owners of the software they've cracked when they're slapped with Cease and Desists.

    --
    When I grow up, I want to be a kid again.

  3. Re:Reverse engineering with WINE by IamTheRealMike, Score: 5, Interesting

    Actually the missing parts of Wine are now mostly common controls or desktop components. For debugging low-level stuff, Wine is invaluable as it can show you exactly what API calls a program is making, with parameters, filtered according to type.
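As an added illustration of the kind of call trace that comment refers to (example code written for this page, not from the article or from the Wine project): a small Python parser that pairs Call/Ret lines written in the style of Wine's `WINEDEBUG=+relay` output, reads back return values and string arguments, and surfaces the calls on an analyst's watchlist. The sample trace, the watchlist and its categories are constructed for the example, and the exact relay line layout is assumed from memory, so adjust the regexes to the Wine build you run.

```python
import re
from collections import Counter

# Constructed sample in the style of Wine's WINEDEBUG=+relay trace
# (not a real capture; thread id, addresses, handles and paths are made up).
SAMPLE_TRACE = [
    '0009:Call KERNEL32.CreateFileA(0040a010 "C:\\temp\\sample.dat",c0000000,00000000,00000000,00000002,00000080,00000000) ret=00401234',
    '0009:Ret  KERNEL32.CreateFileA() retval=00000048 ret=00401234',
    '0009:Call ADVAPI32.RegSetValueExA(00000050,0040a080 "Updater",00000000,00000001,0040a0a0,0000001c) ret=00401260',
    '0009:Ret  ADVAPI32.RegSetValueExA() retval=00000000 ret=00401260',
    '0009:Call WS2_32.connect(00000054,0012ff40,00000010) ret=004012a0',
    '0009:Ret  WS2_32.connect() retval=ffffffff ret=004012a0',
    '0009:Call KERNEL32.GetTickCount() ret=004012c0',
    '0009:Ret  KERNEL32.GetTickCount() retval=0001e240 ret=004012c0',
]

# Assumed line shapes: "<tid>:Call DLL.func(args) ret=<addr>" and "<tid>:Ret  DLL.func() retval=<hex> ret=<addr>".
CALL_RE = re.compile(r'^(?P<tid>[0-9a-f]+):Call (?P<dll>[^.]+)\.(?P<func>\w+)\((?P<args>.*)\) ret=[0-9a-f]+$')
RET_RE = re.compile(r'^(?P<tid>[0-9a-f]+):Ret +(?P<dll>[^.]+)\.(?P<func>\w+)\(\) retval=(?P<retval>[0-9a-f]+) ret=')

# Hypothetical watchlist: calls an analyst wants surfaced first, tagged by behaviour.
WATCHLIST = {
    "KERNEL32.CreateFileA": "file access",
    "ADVAPI32.RegSetValueExA": "registry write (persistence?)",
    "WS2_32.connect": "network connect",
}

def parse_relay(lines):
    """Pair Call/Ret lines per thread into records: call, raw args, quoted string args, retval."""
    records, pending = [], {}
    for line in lines:
        m = CALL_RE.match(line)
        if m:
            rec = {"call": f"{m['dll']}.{m['func']}", "args": m["args"],
                   "strings": re.findall(r'"([^"]*)"', m["args"]), "retval": None}
            records.append(rec)
            pending[(m["tid"], rec["call"])] = rec   # filled in when the Ret line arrives
            continue
        m = RET_RE.match(line)
        if m:
            rec = pending.pop((m["tid"], f"{m['dll']}.{m['func']}"), None)
            if rec is not None:
                rec["retval"] = int(m["retval"], 16)
    return records

def summarize(records):
    """Count calls per DLL and list watchlisted calls (in trace order) with their string args and result."""
    per_dll = Counter(r["call"].split(".")[0] for r in records)
    flagged = [dict(r, category=WATCHLIST[r["call"]]) for r in records if r["call"] in WATCHLIST]
    return {"per_dll": per_dll, "flagged": flagged}
```

A retval of 0xffffffff on `connect` is SOCKET_ERROR, so the trace shows the sample attempted a connection that failed in the sandbox, which is exactly the sort of detail the relay log exposes without a Windows box.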