Slashdot Mirror

← Back to Stories (view on slashdot.org)

Learning Reverse Engineering

Posted by michael on from the click-and-drag dept.

TheBoostedBrain writes "Mike Perry and Nasko Oskov have written a very complete article about reverse engineering. It provides an introduction to reverse engineering software under both Linux and Windows."

11 of 211 comments (clear)

  1. Betting pool anyone? by Surak · · Score: 3, Insightful

    How long before this site is taken down for DMCA violations?

    --
    My journal has hot /. gossip.
  2. Good info by melete · · Score: 2, Insightful

    I'm not sure that their claim that anyone who's read a "How to Learn [C|C++|Java|*] in nn Days" should be able to follow the article is correct, but it's a good intro nonetheless. The section on binary formats (ELF, etc.) is particularly useful.

  3. Re:DMCA i.r.t. Reverse Engineering by Surak · · Score: 2, Insightful

    The letter of the law means nothing when Microsoft/SCO/**AA/All that is evil in the world/etc. sicks a team of lawyers on the poor unsuspected guy who posted it. It's not what the law is, it's how much money you can spend on lawyers. Haven't you figured that out yet?

    --
    My journal has hot /. gossip.
  4. Immature by mslinux · · Score: 5, Insightful

    Quote from the introduction of the book:

    "We don't know about you, but to us, software that we don't have source code to just pisses us off. So we figure: screw it, lets do some damage. :)"

    Cheap comments like this really degrade this book.

    1. Re:Immature by peachpuff · · Score: 2, Insightful

      I believe those are known as "jokes."

      --
      -- . . ramblin' . . .
  5. Re:README: From the Authors by Dunkalis · · Score: 3, Insightful

    Nobody should use RAR. WinZip opens tarballs properly. Every OS on earth has the ability to open tarballs, and they are better. gzip has better compression, you never get the weird problems you get with unzip, etc. So be intelligent and think before you call something like RAR a standard. Zip works fine, but if you're aiming for 100% cross-platform, tarballs are king. PS: Tarballs are used on every Unix and Unix clone OS in existence, not just Linux.

    --
    Slashdot is a waste of time. I enjoy wasting time.
  6. 3 cheers for Nasko and Perry (and SIGMil) by cfoster611 · · Score: 2, Insightful

    These are cool guys, I've gone to a few of their SIGMil meetings. Its cool to think i've partied with some guys who've been slashdoted (also perry TA'd a class i took in the fall). Nasko likes to hit on my girlfriend (tho he's only seen her twice).

    Good job guys! Keep it up!

    They also run the most excellent ACM Special Interest Group at U of Illinois- Urbana Champaign. Anybody who's interested in this kind of research should check it out when they host meetings in the fall.

    --
    --- Kicking the Cheat since late 2002
  7. Re:really dumb question... by Anonymous Coward · · Score: 1, Insightful

    wget -r -l2 http://www.acm.uiuc.edu/sigmil/RevEng

    and join the html files to make your own

  8. Banned from bibliographies by yerricde · · Score: 3, Insightful

    Is it supposed to cause certain groups of people to turn their noses up at this? What group would that be?

    How about the "I'm not going to cite this book in a bibliography because I cite only works that I would recommend to fellow professionals, who by the way do not appreciate obscene humor in the context of their jobs" group?

    I can't think of any group or person with that reaction who would be of the inclination to reverse engineer things.

    You mean like Compaq? Lots of Big Corporations(tm) reverse-engineer their competitors' products in order to learn how to interoperate. Such reverse engineering is exempt to an extent from the DMCA's circumvention ban (17 USC 1201) when under the supervision of an entity that can fund a legal defense.

    --
    Will I retire or break 10K?
  9. Re:DMCA i.r.t. Reverse Engineering by yaphadam097 · · Score: 2, Insightful
    First I thought black box testing was testing specifically without knowledge of the internals of the system ie. you provide input after independently calculating the answer and then see if the output is the same as your expected answer. If you do it enough times and the answers are the same as your calcs then you can rely on the black box.

    You are correct for the most part. What I was talking about was the circumvention of copy protection for the purpose of performing testing. I suppose it would have been more correct to refer to grey box testing because you are more likely to have to do this then. However, there are times where some circumvention of copy protection which would violate the DMCA is necessary even for black box testing. (In order to do white box testing you have to actually have the source code, which means you would have to completely reverse engineer the whole app. At that point it is usually easier to write your own.)

    Second, you may have missed the bit in the standard warranty and EULA that says the vendor accepts no responsibility if the software doesn't do what they say it will do let alone what you expect. Whether they stand up in court or not the vendor probably sees more l;oss in pirates than in claims for faulty software.

    No, I didn't miss that. One of the reasons that EULAs don't always hold up in court is that this type of clause (e.g. "It doesn't actually have to do what you paid for it to do.") doesn't fool judges very often. The more likely reason that software companies aren't afraid of litigation is that they are so rich from peddling their vaporware that they can afford to hold such litigation up with motion after motion while simultaneously lobbying for crap like the DMCA, but that is just my opinion.

  10. Re:DMCA i.r.t. Reverse Engineering by PickyH3D · · Score: 1, Insightful

    This is freedom of speech; they cannot go after this because this is simply documentation of a theory. This is a simple, general guide that does not target specific programs.