What is reverse engineering?
Reverse engineering is the process of dismantling a piece of software, electronics, or any other object to obtain its design or the knowledge built into it. Simple examples: a dish can be reverse engineered to obtain its recipe; a PCB can be reverse engineered to obtain its layout file; software can be reverse engineered to obtain an algorithm, a key, a bug, and so on. In the context of software, reverse engineering can be understood as reading code, and usually that code is in machine language. Some tools can turn machine language back into something like source code, but in many cases we have to read code that is close to machine language (assembly / bytecode).
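As an added example (not from the original post): Python compiles functions to bytecode, and the standard dis module is enough to read constants and control flow back out of a code object without the source, which is exactly the "code close to machine language" situation described above. The verify_token function and its token value are constructed for this demonstration; the lesson is that anything a program embeds in its code, including a comparison value, is visible to whoever can read the bytecode, so such checks belong on a server rather than in the client.

```python
import dis
import types

# Constructed sample: a function whose author "hid" a check inside the
# compiled code. Only the code object is needed to analyse it; the
# source is not required (a .pyc file would do just as well).
def verify_token(token):
    if len(token) != 12:
        return False
    return token == "EX4MPLE-T0KN"   # constructed placeholder value

def string_constants(code):
    """Collect every string constant embedded in a code object, including
    those of nested functions and comprehensions."""
    found = []
    for const in code.co_consts:
        if isinstance(const, str):
            found.append(const)
        elif isinstance(const, types.CodeType):
            found.extend(string_constants(const))
    return found

def comparisons(code):
    """Return the comparison instructions the bytecode performs, in order,
    as (offset, operator text) pairs; this recovers the control flow
    around each check."""
    return [(ins.offset, ins.argrepr)
            for ins in dis.get_instructions(code)
            if ins.opname == "COMPARE_OP"]

def summarize(func):
    """Everything a reverser learns from the bytecode alone."""
    code = func.__code__
    return {
        "strings": string_constants(code),
        "compare_ops": comparisons(code),
        "locals": code.co_varnames,
    }

if __name__ == "__main__":
    dis.dis(verify_token)          # the raw listing a reverser reads
    print(summarize(verify_token))
```

Running the block prints the disassembly listing and then the recovered summary: the embedded string, the two comparisons the function performs, and the local variable names. A decompiler does the same thing on a larger scale; protection (obfuscation, encryption of the code object) only makes the reading harder, it does not remove the information.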
What is the purpose of reverse engineering software / hardware?
There are many RE goals, some good and some bad. Some of them:
Understanding file formats (for example, OpenOffice does RE to be able to read undocumented MS Office formats)
Understanding network protocols (for example, to build an open source WhatsApp client)
Cracking software: making patches and key generators
Looking for a software algorithm
Looking for a software bug
Extracting keys from hardware (for example, the Wii and PS3 cases)
Understanding old software so that a new version of it can be made
Can I find a job with RE knowledge?
Outside Indonesia there are many specialised jobs that use only RE knowledge, for example: malware analysis, hardware reverse engineering, software reverse engineering. But in Indonesia (as far as I know) this work is usually included within the scope of penetration testing. If you don’t want to work for an Indonesian company, there are plenty of remote jobs in the RE field.
Does RE always read machine language?
What does RE have to do with exploits?
An exploit is a way to take advantage of a bug; usually an exploit takes the form of program code (although some exploits can be performed directly from a browser or manually with telnet / nc). To make an exploit, we first need to find the bug, and finding bugs is done with RE. In addition to pure RE, fuzzing is usually done: the application is given many input combinations until it crashes, and RE is then used to evaluate whether the crash can be exploited. For most exploits we need to know the exact memory layout, and that is obtained by reverse engineering the executable file.
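As an added example, not from the original post, here is the fuzz-then-triage loop the paragraph describes, in miniature: a constructed record parser with a deliberate bug, a deterministic mutator that feeds it boundary values, bit flips and truncations, a crash classifier that separates clean rejections (ValueError) from unexpected failures, and a minimizer that shrinks a crashing input before it is handed over for manual analysis. The record format, the parser and the seed input are all constructed for this demonstration.

```python
import traceback

# Constructed record format: 2-byte magic "RC", 1-byte payload length,
# the payload, then a 1-byte checksum (sum of payload bytes mod 256).
def parse_record(data):
    if len(data) < 4 or data[:2] != b"RC":
        raise ValueError("bad header")          # clean rejection
    n = data[2]
    payload = data[3:3 + n]                     # BUG: never checks that n bytes exist
    checksum = data[3 + n]                      # IndexError on a truncated record
    if (sum(payload) & 0xFF) != checksum:
        raise ValueError("bad checksum")        # clean rejection
    return {"len": n, "payload": payload}

# Constructed seed: a valid record the parser accepts.
SEED = b"RC" + bytes([3]) + b"abc" + bytes([sum(b"abc") & 0xFF])

INTERESTING = [0x00, 0x01, 0x7F, 0x80, 0xFF]   # classic boundary values

def mutations(seed):
    """Deterministically enumerate simple mutations of the seed: byte
    substitutions with boundary values, single-bit flips, and truncations."""
    for i in range(len(seed)):
        for v in INTERESTING:
            yield seed[:i] + bytes([v]) + seed[i + 1:]
        for bit in range(8):
            yield seed[:i] + bytes([seed[i] ^ (1 << bit)]) + seed[i + 1:]
    for k in range(1, len(seed)):
        yield seed[:-k]

def crash_site(parser, data):
    """Return (exception name, line number) if the parser fails in an
    unexpected way; None if it accepts or cleanly rejects the input."""
    try:
        parser(data)
    except ValueError:
        return None                # the parser did its job
    except Exception as exc:       # anything else is a crash candidate
        frame = traceback.extract_tb(exc.__traceback__)[-1]
        return (type(exc).__name__, frame.lineno)
    return None

def fuzz(parser, seed):
    """Run every mutation and group crashing inputs by crash site."""
    found = {}
    for candidate in mutations(seed):
        site = crash_site(parser, candidate)
        if site is not None:
            found.setdefault(site, []).append(candidate)
    return found

def minimize(parser, data):
    """Greedily delete single bytes while the same crash still reproduces,
    so the analyst starts from the smallest input that triggers it."""
    site = crash_site(parser, data)
    if site is None:
        return data
    changed = True
    while changed:
        changed = False
        for i in range(len(data)):
            smaller = data[:i] + data[i + 1:]
            if crash_site(parser, smaller) == site:
                data, changed = smaller, True
                break
    return data

if __name__ == "__main__":
    for site, inputs in fuzz(parse_record, SEED).items():
        print(site, len(inputs), "inputs; minimized:", minimize(parse_record, inputs[0]))
```

Every crash here lands on the same line (the unchecked read of the checksum byte), so the fuzzer reports one crash site with many inputs, and the minimizer reduces the first of them to four bytes: the magic, a length larger than the data, and one more byte. That minimized input is what the RE step then works from to decide whether the bug is just a crash or something worse.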
What does RE have to do with cryptography?
A great deal of software, malicious or not, uses cryptography, and understanding cryptography is needed to dismantle this kind of program. For example: certain games use encryption to protect data files from being easily changed. Ransomware (malware that encrypts victim files) uses cryptography to encrypt those files. From the RE analysis it can be concluded whether there is a bug that allows the key to be obtained, or whether it is indeed impossible (please read my writing about unbreakable encryption). Various protocols also use encryption (for example, various chat protocols), and understanding cryptography is needed to understand programs that use such a protocol.
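As an added example (not from the original post) of the "is there a bug so the key can be obtained" question: a constructed save-file scheme that XORs the whole file with a short repeating key. Because every file starts with a fixed header, a reverser holds known plaintext, and the key falls out without touching the program that wrote the file. The file format, header, sample contents and keys are all constructed here. The recovery only trusts a candidate key when the known header covers at least two full repetitions of it, and returns None otherwise; that is the case where this particular shortcut does not apply and more analysis of the program would be needed.

```python
HEADER = b"SAVEDATA-v1.0\x00\x00\x00"   # constructed: fixed 16-byte file header

def xor_with_key(data, key):
    """Repeating-key XOR; the same function encrypts and decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def recover_key(ciphertext, known_plaintext, max_key_len=32):
    """Known-plaintext recovery of a repeating XOR key.

    For each candidate key length, derive the key from the first bytes of
    the known prefix and accept it only if it reproduces the whole prefix.
    A candidate is only trusted when the prefix spans at least two full
    repetitions, so the recovered key is never longer than half the known
    plaintext; longer keys make the function give up (return None)."""
    for klen in range(1, max_key_len + 1):
        if 2 * klen > len(known_plaintext):
            return None
        candidate = xor_with_key(ciphertext[:klen], known_plaintext[:klen])
        prefix = xor_with_key(ciphertext[:len(known_plaintext)], candidate)
        if prefix == known_plaintext:
            return candidate
    return None

def decrypt_save(ciphertext, known_header=HEADER):
    """Return (key, plaintext), or (None, None) if the header alone is
    not enough to pin the key down."""
    key = recover_key(ciphertext, known_header)
    if key is None:
        return None, None
    return key, xor_with_key(ciphertext, key)

# Constructed sample save file, "protected" with a 4-byte key, plus the
# same file under a 12-byte key that the 16-byte header cannot confirm.
PLAINTEXT = HEADER + b"gold=9999;level=7;name=Bob"
SHORT_KEY = b"k3y!"
SAMPLE = xor_with_key(PLAINTEXT, SHORT_KEY)
LONG_KEY_SAMPLE = xor_with_key(PLAINTEXT, b"twelve-bytes")

if __name__ == "__main__":
    print(decrypt_save(SAMPLE))            # key and readable save data
    print(decrypt_save(LONG_KEY_SAMPLE))   # (None, None): header too short
```

The design point is the consistency check: a candidate derived from the first few bytes is only accepted if it also explains the rest of the known header, otherwise every key length up to the header length would "work" on its own prefix. Real file protections that rely on a proper cipher do not fall to this; there the RE effort shifts to locating the key inside the program instead.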
What does RE have to do with security in general?
As explained earlier, RE is used to write exploits and to analyze malware, and in general many hacking tools come out of the RE process. To be able to pentest certain software (for example: a mobile app with custom signing and a custom SSL certificate check), RE expertise is required. Without it, such testing cannot be done properly.
Is topic X included in the reverse engineering topic?
Beginners often join the reverse engineering group, don’t bother reading what reverse engineering is, and then ask about SQL injection, website hacking, etc. The rule is easy: if it is not related to reading and understanding code, then it is outside the RE topic. A question like "how to hack Facebook" is not an RE topic. How to dismantle / understand the Facebook APK / IPA is an RE topic. SQL injection is not an RE topic, but if we have the application code (either binary or source) and we determine by reading that code whether such a bug exists, then it is an RE topic.
I have an application, how do I start the application RE?
There is no short answer to this. You must know: which operating system the application is for, which version, what it was made with, etc. This is the same as asking how to replace the hard disk in a laptop: you must know the brand, the model year, etc.
What is the basis for reverse engineering?
The main basis needed is the ability to program. At best an RE tool can return the original source code (if we are lucky), and if there is protection, then we usually have to deal with machine language or bytecode. Example: if an application is written in .NET (and is not protected), we can easily generate code in C
As an analogy: it was explained earlier that RE can also be applied to cooking, where what is being sought is the recipe. Now imagine you cannot cook at all and don’t know the spices, but try to work out the recipe of a dish you taste. For simple cases (boiled eggs, sunny-side-up eggs) the recipe can perhaps be obtained, but as the dish gets more complicated it becomes increasingly impossible to work out the recipe. The language that needs to be learned depends on what you want to reverse; for example, if you want to reverse Android, learn Java. For reversing code in machine language, it is better to learn C.