Binary Reversing - Part 1

tags: ctf class zenhack binary reversing
by zangobot

You successfully downloaded “MoneySafeMultiplier.exe”, because you are an optimistic guy who firmly believes that evil things only happen in movies. Then, your computer is entirely encrypted, and you’re asked to send 100 Bitcoins to 3v1lH4ck3r to restore your files.

That’s incredible! Isn’t it?

If only you had performed a static or dynamic analysis of that binary first… which is exactly the subject of the third lesson: Binary Reversing - Part 1.

Our commander-in-chief Giovanni Lagorio (zxgio) introduces the audience to Radare2, an open source software which is widely used in binary reversing.

It can disassemble a binary, act as a debugger (attaching to a running process), emulate code, rename labels and so on.

Radare2 is hard to master: there are plenty of features that need to be explored.

But it is a shot worth taking.

zxgio used some simple binaries to show the potential of Radare2; they can be found on the internet as the IOLI crackmes.

The IOLI crackmes are very useful for learning basic binary reversing techniques, which are not limited to Radare2 but extend to the standard UNIX toolset itself.

For example, run the strings command on the binary and look for a hardcoded password… :-D

Next lesson will cover other aspects of Binary Reversing. Until then, practice with Radare2 and have fun!

++++++++++[>+>+++>+++++++>++++++++++<<<<-]>>>>++.++++++.-----------.++++++.++++++++++++++++++++.---------.-----------------.+++.---.+++++++++++++++++.-------------.<<++++++++++++++++++++.>>------.++++++++++.++++++++++.--------------------.++++.+++++.---.----.+++++++++++++++.+++++++++++++.

O__O

Photos from the lesson:

  • Radare2 is not an easy task…

  • Binary reversing is challenging!

  • Prof. Lagorio explains how things need to be done.

  • Thank you and see you soon!