Reverse Engineering tutorial: Super simplified for beginners
Before diving into reverse engineering, let's first ask what engineering is. In a nutshell, engineering is designing, planning and building large structures and new products, and solving problems within constraints. Reverse Code Engineering (RCE) is the opposite: in engineering we construct, code and create things, while in reverse engineering we deconstruct and decode them in order to understand their inner workings and layout. Newcomers usually find this subject hard, so I'll introduce it according to the KISS (Keep It Simple, Stupid) principle. Let's dive into this reverse engineering tutorial and look at the topic in more detail from a software point of view.
What is Reverse Engineering in Software engineering?
Generally, the term “reverse engineering” has several different meanings-:
- First: reversing compiled software.
- Second: recreating the structure of a database.
- Third: duplicating a 3-D object by scanning it.
In software engineering we deal with the first one. We write software to perform a specific task; the instructions we write for the computer are called “source code.” Now the question comes: how can a computer understand code written in a human-readable language? Directly it CAN'T, so this is where compilers come into play. A compiler is a program that converts source code written in a particular programming language into object code (in most cases; some languages, such as Java, compile to bytecode that is run by a virtual machine), which is then linked into an executable.
So now what?
We humans can't directly read object code or binary code. So if the source code is not available or has been lost, how can we modify the software? This is where reverse engineering comes into play. In software reverse engineering, reverse engineers use tools and tricks to recover a complete or partial understanding of “compiled software” (a disassembly, or a decompiled approximation of the source, never the original source itself) and then modify it according to their needs (for example, making a MOD of an app).
Why is Reverse Engineering Important & used?
Reverse engineering is vital for understanding how software works, for malware analysis, for security analysis of software, websites or apps, for debugging an application, for learning how code works behind the scenes, for fixing particular errors, and for making an app behave in a certain way (to get unlimited money, lives, fuel, etc. in games). Some of these uses are considered ethical, others not so much. For programmers, debugging is VERY crucial: excellent debugging skills mean being able to quickly track down and fix any bug. And for people like me (gamers)-: to get unlimited money, lives and gems in games.
Is Reverse Engineering illegal or legal?
Well, it depends on where reverse engineering is used, i.e. which of the above cases you apply it to. Some of those uses are considered ethical, others not so much. If you are using it to learn how things work, to fix bugs, etc., then it's perfectly fine. But if you use RE to crack copyrighted software or to spy on someone without their consent, then it becomes illegal (for obvious reasons). Laws differ by country and many software licences explicitly forbid reverse engineering, so check both before you start.
Advantages and disadvantages of Reverse Engineering
Advantages-:
- Helps in improving the security of software.
- Reduces the risk of vulnerabilities in a program that could be abused by “bad hackers.”
- You can customize a program to your requirements.
- A great learning tool.
- To impress others 😉
Disadvantages-:
- Initially difficult to learn and apply this skill.
- Many reverse engineering tools and scripts are not publicly available, so newbies have trouble getting hold of them.
- Requires in-depth knowledge of many different things.
- Debuggers and disassemblers can't fully reconstruct the original source from a binary, especially when the code is obfuscated.
Benefits of Reverse Engineering software
- Helps in enhancing the security of an application.
- Helps in the development of emulators.
- Plays a big role in malware analysis.
- Plays a crucial role in the development of anti-virus and anti-malware software.
How to learn software reverse engineering?
This is probably the most frequently asked question; I see it on various hacking forums all the time. Every skill is an art, and so is this one. To learn it you need-:
- Programming language(like C/C++, Java)
- Assembly language (a MUST)
- Knowledge of various tools
- Last but not least, Something between your ears- Brain 😉
The good news is that you don't necessarily need all of this knowledge to begin. Don't worry, I will help you take the first steps (as far as I know the subject).
Reverse Engineering tools for Windows
To perform certain operations in reverse engineering you must be familiar with these tools-:
- Disassembler-: A disassembler is the opposite of an assembler, i.e. a program that converts machine code (binary) back into assembly language (ASM). A disassembler may only partially recover the code, i.e. there is no 100% guarantee of the conversion (data mixed in with code, obfuscation and indirect jumps all confuse it). These reversing tools are widely used to reverse .exe, .dll and .apk files on Windows XP, 7, 10 or Linux. An example of a disassembler is-:
- IDA Pro(Interactive Disassembler)
- Debuggers-: Debuggers are like a diamond for a reverser. Debugging tools go one step further than disassemblers: after loading the binary they let you run it under control and step through the code one instruction at a time, inspecting registers and memory along the way. To be an efficient reverser you should have a solid grasp of the fundamentals of a debugger. Examples of debugging tools for Windows are-:
- Hex editors-: Hex editors are also valuable reverse engineering tools. The name stands for “hexadecimal editor.” A hex editor is a program that shows the raw bytes of a file and lets you edit them directly. Examples of hex editors are-:
- Protection scanners-: Often the software you want to reverse is protected by a “packer” and/or a “protector.” You then need to unpack it first, and to do that you need to know which packer the app uses. Protection scanners do this job for us, typically by matching known signatures and section names and by measuring how random (high-entropy) the file's contents are. Examples of packer detectors are-:
- Various other tools-: These tools make a reverse engineer's life a little easier and are often very helpful. Examples-:
- System Monitoring Tools-: Regshot & Procmon
- Scientific Calculator (Windows Scientific Calculator is enough)
- Unpacking Scripts & Unpackers
- ASCII Table
- And many more
How to reverse engineer an app?
Now comes the really interesting stuff! To successfully reverse engineer an app, apk or any other application, several steps need to be followed. The path by which a particular app is cracked varies with the app and its protection; a trick that works on one app may not apply to another, so it's important to know a variety of tricks. Here is a GENERALIZED technique for reversing an app-:
- Scan the app or apk with a protection scanner to find out whether it is protected by a packer or protector.
- If it is protected, first remove that protection [unpacking]. (Nowadays apps are often wrapped in multiple layers of protection against reverse engineering.)
- After removing the protection, load the software into a debugger or disassembler (such as OllyDbg or IDA Pro) and locate the code you want to change.
- With the help of the debugger, make the necessary changes to the program, usually by patching a few bytes (for example a conditional jump) at the right file offset. (This is one of the toughest parts.)
- Save the patched program & enjoy!
Notice-: This is just a generalized approach, which in my experience works on roughly 70% of the programs you will encounter.
Wrapping it up!
Finally, it's over! If you have made it this far, you now have a good overview of reverse engineering, its importance, the various RCE tools and debuggers, and how to take your first step into the world of reversing. I tried to make this simple and effective, especially for beginners, and I hope you learned something useful from this article but, most importantly, enjoyed reading it.