Self-Learning Reverse Engineering in 2022
Рет қаралды 362,083
Күн бұрынThere exist some awesome tools nowadays to accelerate your self-education for reverse engineering. godbolt and dogbolt are amazing to quickly learn basic assembly and reversing.
Compiler Explorer: godbolt.org/
Decompiler Explorer: dogbolt.org/
C code example: github.com/LiveOverflow/liveo...
Introducing Decompiler Explorer - binary.ninja/2022/07/13/intro...
00:00 - Intro
00:23 - Motivation
01:00 - How to c?
02:11 - godbolt Basic Usage
03:40 - Function Call on x64
04:30 - Intel vs ARM assembly
05:22 - godbolt Compiler Options
05:50 - Enable gcc O3 Compiler Optimization
06:35 - Decompiler Explorer dogbolt
07:16 - Comparing Decompiled main()
08:25 - Outro
=[ ❤️ Support ]=
→ per Video: / liveoverflow
→ per Month: / @liveoverflow
=[ 🐕 Social ]=
→ Twitter: / liveoverflow
→ Instagram: / liveoverflow
→ Blog: liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow
@LiveOverflow Жыл бұрын
Sometimes I'm streaming on Twitch: www.twitch.tv/liveoverflow
@mindlab369 Жыл бұрын
What kit do I need to purchase to practice Side Channel attacks if I don't want to spend hefty money on xilinx FPGAs?
@jhbonarius Жыл бұрын
C and especially C++ developers are actually using compiler explorer for _forward_ engineering. I.e. during development they try optimizations there and see what the compiler makes of it, before putting the best version in their code. It's an amazing tool Matt Godbolt brought into the world.
@TheBackyardChemist Жыл бұрын
Oh absolutely
@SamirPatnaik Жыл бұрын
I hope he gets rich out of it, somehow.
@jhbonarius Жыл бұрын
@@SamirPatnaik well, not rich no. It's more of a hobby project that has grown out of bounds. But he's become pretty famous in the C++ community.
@user-lb1ib8rz4h Жыл бұрын
i mean you don't need that tool, you can do the same locally
@OCEAN-fc9wl Жыл бұрын
Ew c++
@TheBackyardChemist Жыл бұрын
Step 1: pick a target that is not written in C++ with Boost and Qt and built with O3+LTO...otherwise you will spend months reversing the
@InfiniteQuest86 Жыл бұрын
Lol we've all been there.
@c0smo709 Жыл бұрын
@@InfiniteQuest86 no we havent, noob
@InfiniteQuest86 Жыл бұрын
@@c0smo709 Lol! Nice one!
@c0smo709 Жыл бұрын
@@InfiniteQuest86 thanks bro appreciate it
@martysh1226 Жыл бұрын
@@c0smo709 what a nice and friendly interaction
@zanidd Жыл бұрын
Your videos (in particular the binary exploitation playlist) have been a huge help in my cybersecurity career. Thank you very much ❤
@MattGodbolt Жыл бұрын
Thanks for the great shout out! This is a great introduction to Compiler Explorer in general!
@diegocastillo6470 Жыл бұрын
I started learning assembly code and disassemblers a couple months ago, with the help of the book "Hacking The Art of Exploitation", really good book but the assembly part was really hard of me. I tried to follow on my computer but had many many issues, got frustrated and just let it go. A couple weeks ago I took it upon myself to read it again, and now I got it a little bit better. For some reason assembly is still challenging for me, but no matter how frustrated you get, take some time, breath, stop for a couple hours maybe days and then try to resume. Would have loved to have this video before. Amazing, thank you so much.
@babbalaminou7697 Жыл бұрын
The best intro to assembly is from the book Practical Malware Analysis. Check out the Assembly crash course section
@root_etikit3658 Жыл бұрын
Perfect timing. I've been working my way through Practical Malware Analysis, this will be of great help! Thank you.
@revebbever7723 Жыл бұрын
Thank you so much. This simple overview was what i needed to look into reverse engineering. Assembly code doesn´t look that scary anymore!
@logiciananimal Жыл бұрын
Thanks for the info about the decompiler collection. What a gift to the community!
@weinihao3632 Жыл бұрын
Maybe it's worth mentioning that the intermingled output of source code and assembly can also be achieved (and in fact this is for sure what happens in the background on that website) with objdump -S , if the binary was compiled with debugging enabled. So, even if you are somewhere without internet or don't want to share the code you are working on with whoever is running that website, you can still conveniently self-learn reverse engineering in 2022.
@coder_rc Жыл бұрын
The one thing to remember while learning reverse engineering is that there are a lot of things that you won't get when you try the first time and it's fine. You also have to have a lot of patience since the process of learning reverse engineering can be extremely frustrating and it can make you give up on 5 out of your 10 projects. Always remember that theory will beat practice. Have a goal in mind why you want to learn reverse engineering as that will give you a clear idea of the platform on which you will be working. For example, I want to be a Vulnerbility Researcher and find 0 days on Windows so I would learn all the basics of reverse engineering simple programs on Windows, how to debug them, the tools necessary and I would read through ctf writeups and try stuff on my own. After clearing this up, I would try to increase my level and try malware analysis as it would give me clear understanding of software protections, debugging and understanding a program when almost nothing about the program is known. Then I can proceed to learn about different kinds of vulnerabilities and how they are found and so on.
@flirtyemy042 Жыл бұрын
This is me right now. I’m into malware dev. and most times i need to reverse Engineer the binary I’m writing to see how it’s been executed in memory but just can’t seem to wrap my head around the assembly codes
@Jonathan-ng4vw Жыл бұрын
@@flirtyemy042 How you learn malware dev. it means what is your resources to learn this.
@coder_rc Жыл бұрын
@@flirtyemy042 the best way to learn assembly is to write own programs and see what assembly code is generated in disassemblers or you might just try making a small project in assembly. You can sort of cheat by just learning about the most commonly used assembly instructions.
@flirtyemy042 Жыл бұрын
@@Jonathan-ng4vw Check out Sektor7’s malware dev course for a start. It’s really good. You can then follow it up with the intermediate and then evasion courses
@flirtyemy042 Жыл бұрын
@@coder_rc I think I’ll check out the tools in the video. At least they’ll help highlight each instruction in assembly. Thanks
@martint1775 Жыл бұрын
If one is interested in Reverse engineering themselves, I would highly recommend the book "Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software". It can be found online using a bit of googling. I just finished a course with the name Reverse Engineering and Malware Analysis and there we used this book. This course was obviously heavily focused on how windows malware works and can be detected through different means, but reverse engineering was a big part of it.
@jebactychpolicjantow5497 Жыл бұрын
A more abstract book would be Practical Reverse Engineering by Alexander Gazet and Bruce Dang. Especially if you don't want to go into malware analysis specifically.
@forbiddencake3989 Жыл бұрын
Leaving comment for ref. Thanks to you both
@younes3573 Жыл бұрын
Thx
@alimamulma3sum14 Жыл бұрын
Any link for the course? Thanks.
@chasemedsker Жыл бұрын
Bookmark
@lightblue254 Жыл бұрын
I love you! Thank you so much, this helps a lot in learning how to get sharper and started! :)
@astr4liteEx Жыл бұрын
+rep godbolt love, didnt know asm like 2 weeks ago, watched a few vids to briefly get a hang of what it does (alot easier than what i wouldve thought actually), then used godbolt to more understand what my code does at a lower level, its really nice being able to look at asm and be able to tell what it does, especially when u can hover over parts of asm and it highlights the code responsible for it! its been a real help. documentation helps alot to for checking out odd looking functions that ive never really seen before :D 10/10
@miranda92051 7 ай бұрын
This video is actually really, really good. Thank you!
@yashwardhanchavan6153 Жыл бұрын
I am currently following along the binary exploitation series and these tools will really help me out, thanks for the video.
@knopix Жыл бұрын
Thanks a lot for providing this 💖
@teddythobane2636 Жыл бұрын
Reversing is a way of life, and it takes time, but is very rewarding once you get the hang of it. Great video as always, sir.👌
@JoseAndCode Жыл бұрын
Can you explain the rewards you have experienced
@TienNguyen-ky4dx Жыл бұрын
what do you learn this for? Bug bounty?
@teddythobane2636 Жыл бұрын
@@JoseAndCode being able to fully understand software at the lowest level. That enables you to come up with clever ways of using (or exploiting) the software. I'm explaining in the context of software, but, really, this applies to any system that you manage to reverse-engineer :)
@teddythobane2636 Жыл бұрын
@@TienNguyen-ky4dx There are a whole host of reasons why one might learn reversing. It might be for compatibility or interfacing purposes, for vulnerability research and/or exploit development, for software development (finding out how someone else implemented some or the other component or system and try to do it yourself while inferring from what they did), malware analysis, etc.
@nczioox1116 Жыл бұрын
What are some good ways for a total beginner to get started? Ive seen some beginner videos but they all seem to intermediate levels and theres only a handful of them out there it seems
@rivhaaken9763 Жыл бұрын
Thanks Liveoverflow!
@-_-Girthbrooks-_- Жыл бұрын
Every hacking inquiry I have leads to a video made by you ❤. Keep up the great work.
@thezar86 Жыл бұрын
Started with your binary exploitation playlist and now working in cyber security. Thank you LiveOverflow!
@rafikkaddour8704 Жыл бұрын
Same here, so greetful for the awesome content
@humanxoxo4 8 ай бұрын
whats your roadmap sir?
@sihmy9870 Жыл бұрын
I swear I asked myself this question today Morning & here you are with this video
@daljeetbhati8353 Жыл бұрын
Loved background and editing
@yuriimynash6118 Жыл бұрын
Nice video I was searching for that
@user-ff4np7uy5r 16 күн бұрын
Nice video, it helped me a lot.
@PedroLucasbp Жыл бұрын
Very nice! Thank you ❤️
@korilcrave2783 Жыл бұрын
IT'S REALLY USEFULL... thankyou Febian...
@black_platypus Жыл бұрын
OMG! godbolt and dogbolt are so beautiful and helpful! 🤯
@albuslee4831 Жыл бұрын
this was interesting, didn't thought I would watch the whole thing through
@fugoogle_was_already_taken Жыл бұрын
We practiced reverse engineering by rewriting the simple basic utils like cat and tee from their asm dumps. That and also writing some assembly code is helpful
@cinageransayeh Жыл бұрын
Thanks for the video it was exciting.
@daljeetbhati8353 Жыл бұрын
Love your videos watching stream
@Aswin0x Жыл бұрын
This is what i need for past couple of weeks 😂❤️
@blaisetelfer8499 Жыл бұрын
Good content. Reverse engineering is how I got started; after taking classes on a language or doing YT tuorials of a certain framework, I'd clone a large GitHub repo to my desktop and toy around with it. See what I could add, see what made it break, read the errors after each save. That method was just as valuable, if not more so, than the classes themselves.
@hellopleychess3190 Жыл бұрын
I was confused about the "language"
@sliceoflife5812 Жыл бұрын
15secs in and I'm already in agreement with your view of an abstract concept.
@EscolaFreiMarcos2023 Жыл бұрын
Thanks, really helped
@eno88 Жыл бұрын
Weird. Just what I was looking for and you posted it 🤔
@adityagiri353 Жыл бұрын
weird. Same case here 🤔
@CoreDreamStudios Жыл бұрын
Subbed, this was very useful. :)
@smart_bar Жыл бұрын
wow, thank you, it's amazing
@pandatech3245 Жыл бұрын
Exactly the video I needed
@MadBuddhaAbuser Жыл бұрын
Great video man. Love the way u pronounce array.
@ZachHixsonTutorials Жыл бұрын
Literally could not have come at a better time. I've been itching to dive into contributing to Metaforce (reverse engineering of Metroid Prime) and have been scratching my head not knowing how to get started
@drygordspellweaver8761 Жыл бұрын
any forums or discord groups for such projects?
@Louganda Жыл бұрын
@@drygordspellweaver8761 nintendo 😮
@soaphornseuo8630 Жыл бұрын
Great resource
@a1esandra Жыл бұрын
stumbled on this vid expecting wires n bits n even tho i hate assembly this is so cool
@SmokelessMeme Жыл бұрын
Much love from the H1Emu team. (Reverse engineering H1Z1)
@NaNNaN-sh4vz 11 ай бұрын
thank you so muuch
@TemurSolief Жыл бұрын
Thanks a lot.
@WistrelChianti Жыл бұрын
Thanks!
@ananthuskumar1286 Жыл бұрын
Thanks mahn
@lancemarchetti8673 Жыл бұрын
Excellent
@zedeleyici.1337 Жыл бұрын
amazing 👀
@Snowflake_tv Жыл бұрын
Thanks alot
@Me.n_n Жыл бұрын
Very nice 👍 thanks ^_^
@giteshtripathi9911 Жыл бұрын
Awesome man That's what heroes do
@johndoe-xz2en Жыл бұрын
Thank you for your efforts. Your channel is one of the best on KZfaq.
@linuxinside6188 Жыл бұрын
Was
@johndoe-xz2en Жыл бұрын
@@linuxinside6188 I am new in reverse engineering and for me, this channel gives a lot of information in a very basic way.
@bva1092 Жыл бұрын
Useful
@PowerKuy Жыл бұрын
Cool
@m.alexbenny4500 Жыл бұрын
Your videos are just amazing. It encourages me to learn more and more. And you look a little like Christian Slater from Mr. Robot 😅
@ravikiranramachandra1000 Жыл бұрын
Crazy channel I came across
@chukwu_9 Жыл бұрын
I don’t even know how to get started
@katkatfarkat Жыл бұрын
the title so dope
@kingofgods2071 Жыл бұрын
Compiler explorer is actually a really good tool. like if you get cursor to stuff you dont know what it means it will show description of what it is like cmp, rbp and so on. thanks btw didnt knew about this tol.
@komismo Жыл бұрын
OllyDbg and IDA is waving
@Facebook-sk2iy Жыл бұрын
i love your videos specially the binary exploitation serie so can you do some videos about int overflow and int overlow to RCE
@LiveOverflow Жыл бұрын
Checkout the PwnAdventure series. I believe it was the fire and ice challenge
@ParallaxThe Жыл бұрын
Godbolt is great for just learning programing in general
@LukeAvedon Жыл бұрын
Wow I did not know about dogbolt
@NiranjanND Жыл бұрын
Good
@hendriksahertian5525 Жыл бұрын
now my mind is blow up
@restcure Жыл бұрын
Must say, the cover of your computer would make a great album cover.
@bobbobson1555 Жыл бұрын
purchases I made was soft soft. I knew it was my passion but I was just stuck because of trauma I couldn't deal with. Now that I'm at a
@markaltmann583 Жыл бұрын
My man looking more and more like Mr. Robot
@Adowrath Жыл бұрын
Hey! I know you're generally focusing on Reverse Engineering programming code, but I was wondering if you have any experience and or helpful tools on learning how to reverse engineer a file format? I've been working on somehting in my past-time but my best approach was just trying to write parsers for the files in question in Haskell (using Megaparsec), which doesn't lead to a quick analysis cycle having to rebuild the program, running it and either handling a huge print output or navigating bit by bit into the data structures to figure out what came out.
@user-bi7cs2rq1i Жыл бұрын
You can reverse the format by reversing part of software that reads/writes said format
@ziadalaoui2461 Жыл бұрын
learning yourself is one of the best tools in the world of hacking
@cuty5372 Жыл бұрын
I gotta throw my University-Assighment reference Implementation in there, to compare it to my solution, to prove mine is better xD
@mohamedfatheem2872 Жыл бұрын
1st view 🤞Was waiting for this a long time…
@Jarvx 4 ай бұрын
I want to add that Chat GPT can also be an extremely useful resource for learning reverse engineering.
@kalakxfif9473 Жыл бұрын
I was wondering how software cracking works. Could you do a video on the basic idea?
@Someone-ve7yn Жыл бұрын
It's basically taking the binary itself and finding some opcode bytes to replace in order to make the software work without having a license for example. He has made a video on that topic if you want to see how it works kzfaq.info/get/bejne/gt9-rMlkurOdiZc.html
@Kabup2 Жыл бұрын
Ahhh memories... I used to just read the numbers, and I did know what was happening... No translation necessary.
@byteflowr912 Жыл бұрын
minor thing but there are some strikethroughs in the description
@drygordspellweaver8761 Жыл бұрын
It's the Eckhart Tolle of RE
@Backstabbio Жыл бұрын
Godbolt is cool unless you want to reverse Swift code into ARM64, then you're hooped. Got to do it using the Swift compiler
@suryasubedi2276 Жыл бұрын
To be honest i am learning reverse engineering currently (self) and worried that i cannot become one. But this single video give me a boost . Lets see what will happen in future
@nomms Жыл бұрын
Learn to code in C or similar then move onto reversing. It's a process
@suryasubedi2276 Жыл бұрын
@@nomms Thanks buddy And do you have any supporting materials that i am unaware off. If so plz reply me I will be waiting for it
@fareedfauzi7915 Жыл бұрын
The motivation will be on and off. Give yourself time. Fundamentals like C, asm, os architecture are important... RE skills is a self learning subject.. you need to keep on practice, research and repeat.
@suryasubedi2276 Жыл бұрын
@@fareedfauzi7915 Thanks pal
@Westsider26-op3ff 9 ай бұрын
Can one learn c++ and then learn assembly for reverse engineering without having to learn c? I want to reverse engineer c++ apps
@aziz0x00 Жыл бұрын
Nice fast video my friend hhhh
@AndreasWilfer Жыл бұрын
I know this is not a very informative comment but... this video is really good and unlike my comment, very informative.
@clusterfkRust Жыл бұрын
I’m moving to Sweden
@alexobzor Жыл бұрын
Can you please answer, how to get right tools for reversing. Because, i am newbie in this stuff. I found so many variants of gdb, i found radare2, that is a powerful framework but not without cons, i found ghidra and ida, and both of this gui tools great, and many more tools, including time travel deugging. It's blowing my mind, i can't choose between all of this, and have already spent so many time on googling all this programs. My goals is reverse engineering and binary exploitation, which stack of programs to choose ? Or how do i do it ? Help please..
@FromRootsToRadicals Жыл бұрын
Great tech explain.
@Key_Capz_ Жыл бұрын
The dog one hurts my eyes 👀
@tg7943 Жыл бұрын
Push!
@Pixdoet Жыл бұрын
reverse engineering looks kinda fun :)
@pastuh Жыл бұрын
Expect to see Denuvo games as playground..
@biehdc Жыл бұрын
Would still recommend Cheat Engine and, since it exists nowadays, Ghidra.
@arshia_arez Жыл бұрын
👍👍👍👍👍
@alpheusseabi6931 11 ай бұрын
Idk what that means but cool
@kRySt4LGaMeR Жыл бұрын
one of your chapters has a error it says "Enable gdb -O3 Compiler Optimization" i think you meant gcc
@chriscurry2496 Жыл бұрын
Why not use Ghidra? It's free and it does this as well, plus it's a much more powerful tool for when you get more advanced.
@snoopiiii Жыл бұрын
I might be nitpicking, but at 2:04 you said a (local) variable, isn't it technically a const(ant) here? It's not a variable type where it can be changed by the program unless it's self modifying code ofcourse. Just learning the basics of C and was wondering if I got it right, so it threw me a bit off :D
@Stormrage476 Жыл бұрын
I'm not exactly sure what you're getting at, but what makes you think this is a constant, as we don't really see the rest of the code? One way of thinking about constants in the context of C code might be a "const" variable, where the compiler /might/ optimize it so that the variable is essentially inlined (as in, for example a function call with the const value gets compiled without the variable on the stack, but rather compiled in as a constant to the function call). I'm not entierly sure how the C compiler handles it, but depending on the optimizations used non-const variables can also be optimized out (possibly not much differently than const variables). The volatile keyword in the example essentially prevents the compiler to apply such optimizations and (in this case) ensures the variable gets placed on the stack.
@StevenHay3 Жыл бұрын
I don't see anywhere they're declared as 'const', only 'volatile' which actually tells the compiler that the value of this variable may change at any time, esp. without any action from any visible code, and as such it shouldn't attempt to apply optimizations.
@snoopiiii Жыл бұрын
@@StevenHay3 But the assembly doesn't show it as a variable tho 🤔
@ratchy1231 Жыл бұрын
@@snoopiiii I think you're misinterpreting the assembly code. The line you're seeing is simply initializing the local variable with a constant value. You can also clearly see in the original C code that there isn't any constant, only variables with the "volatile" modifier applied in order to suppress compiler optimizations.
@StevenHay3 Жыл бұрын
@@snoopiiii I'm going to be honest, I don't know nearly enough about assembly to answer :( I hope you figure it out, though!
@its_fzx5275 Жыл бұрын
Amazing video liveoverflow!! But What if you are a very nooby and you don't even know anything about how computer hardware works like how cpu functions etc... I heard you mentioning some very intersting stuff like stack,heap etc... But really felt lost hearing them Can you maybe drop us a video for those how wanna get into the field but are struggling with such stuff and don't know what to learn in the beginning?
@its_fzx5275 Жыл бұрын
@@II_xD_II nope
@scottveron Жыл бұрын
Computer Architecture or Operating Systems courses
@malbacato91 Жыл бұрын
ironically the binary exploitation series is the best place to learn those things IMO. it's a bit old by now if you're used to new LiveOverflow production qualities, but the principles changed none at all. even if you don't care about all the exploitation stuff you can just ignore it cause honestly in the process of explaining how to break stuff LO made the best explanation of what said stuff even is, for x86 at least
@its_fzx5275 Жыл бұрын
Thanks to all of you guys for the awesome responses!💜
@mgtowgaming8070 Жыл бұрын
Game hacking is a pretty good way to learn reversing skills. It has well defined goals as well, like esp, aimbot, bhop, etc, which can be used to measure success.
@i_youtube_ Жыл бұрын
Could you please provide a tutorial link to understand what you mean by game hacking?
@kenzakishiro5110 Жыл бұрын
@@i_youtube_ check out guided hacking’s channel, it is all about game hacking and reverse engineering a game
@skejeton Жыл бұрын
please don't do multiplayer, maybe multiplayer with you the only player, because otherwise it's not fun
@boiiboii7348 Жыл бұрын
@@skejeton i would agree if bypassing anticheat was easy if ur mad about cheaters no matter how good they make their client-sided anticheat it will ALWAYS be possible to bypass it and all it takes is one public cheat to let in all the skids companies need to start focusing more on server-sided anticheat so even if the hacker(reverse engineer not skid) bypasses the client its still really difficult to cheat for example u can make an anti-esp by only giving the player data of players near the enemy (like in csgo), u can use AI to combat aimbot, u can make speed/jump hacks impossible by making the players' characters serversided so that the player sends "intention" packets instead of raw position packets so the server would calculate those
@skejeton Жыл бұрын
@@boiiboii7348 I know. I don't play competitive games but I feel bad for people dealing with cheaters. learning hacking to ruin the fun is an asshole move
@HA7DN Жыл бұрын
Wait, so now we can use the HexRays decomplier without IDA pro?
Low Level Learning
Рет қаралды 134 М.
Winderton
Рет қаралды 283 М.