Shellmates, profile picture
Uploaded byShellmates
PPTX, PDF669 views

BSides Algiers - Reversing Win32 applications - Yacine Hebbal

Reverse engineering is the process of extracting design information from a man-made object by analyzing its structure, function, and operation. It can be applied to mechanical devices, electronic components, or software programs. Reversing software involves using disassemblers and debuggers to analyze a program's assembly code and observe the effects of instructions. It is used for security evaluation, defeating copy protection, and locating vulnerabilities. While legal for education, reversing software can enable illegal acts like password theft. Effective techniques include patching, password fishing, and keygenning. Protections like packers, protectors, and encryption can make reversing more difficult.

Embed presentation

Downloaded 33 times
1
What is reverse engineering ? Reverse engineering is the process of extracting the knowledge or design blueprints from anything man-made. 2
What is reverse engineering ? Reverse engineering can be practiced on: mechanical devices, electronic components, or software programs, and we will focus on reversing software programs Reversing applications can be seen as "going backwards through the development cycle”. 3
What is reverse engineering ? 4
Where do we need it? It is used for 1-Evaluating the level of security that the application provides 2-Analyzing and eventually defeat various copy protection schemes (cracking) 3-Locating vulnerabilities in operating systems and other software 4-Reversing Cryptographic Algorithms 5-Infecting application by viruses or to healing them from the infection 5
Is it legal ? It depends on why you are reversing software, it is legal for education purposes and illegal for stealing password and private information 6
Terminology Patching : A technique of modification of a program. Serial fishing : Finding the correct password for an application. Keygenning : Finding the algorithm that generate the password of an application. 7
So how to do it ? Software reverse engineering requires a combination of skills & tools So to do it we need: - Tools - Knowledge - A working mind , curiosity & the desire to learn 8
So how to do it ? Tools 1-disassemblers: are programs that let us get the assembly code from any application such as 9
IDA PRO DISASSEMBLER 10
OLLY 11
So how to do it ? Tools 2- Debuggers: they are programs that let us execute assembly code and see the results of any instruction IDA & Olly are also debuggers 12
So how to do it ? Tools 3-Hex editors: they show the content of any file (programs) in hexadecimal format, they allow us to modify instructions or to get some information (header information for ex) Ex: hex workshop 13
HEX WORK SHOP 14
So how to do it ? Tools 4- Other tools : We need also some other tools like : - Peid - ImpRec - metasploit - … 15
16
1- Patching applications Bypassing Authentication 17
2 - Password fishing Static passwords 18
3 - Password fishing Dynamic passwords 19
4 - Keygenning Create keygen 20
Some defense methodes To protect your application there is many defense methods such as: Packers Protectors Encryption algoritms … 21
Packers they compress the application so the constant like text for example will be changed, and they will be restored after the execution of the application so we can’t see theme before the execution Ex : UPX , Morphine , Aspack , FSG … 22
Protectors they are small programs fused with the application that can detect the debugger or the disassembler so they won’t let us reverse the application Sometimes we can find a packer and protector in the same time EX : YodaEncrypt , ARMprotect … 23
Encryption Also there are some other techniques like encrypting the password by using hash functions like MD5, SHA-1 … 24
Buffer overflow vulnerability Overview …. 25
Buffer overflow vulnerability Exploitation 26
Links: http://www.kromcrack.com/ http://tuts4you.com/ http://www.newbiecontest.org 27
Thank you For you attention 28

More Related Content

PPTX
BSides Algiers - Metasploit framework - Oussama Elhamer
byShellmates
 
ODP
BSides Algiers - Nmap Scripting Engine - Hani Benhabiles
byShellmates
 
PPTX
BSides algiers - Malware History - Sofiane Talmat
byShellmates
 
PDF
BSides Algiers - Normes ISO 2700x - Badis Remli
byShellmates
 
PPTX
BSides Algiers - Stuxnet - Sofiane Talmat
byShellmates
 
PDF
BSides Algiers - PHP Static Code Analysis - Abdeldjalil Belakhdar
byShellmates
 
PDF
Atelier Python 2eme partie par Achraf Kacimi El Hassani
byShellmates
 
PPTX
Cryptography basics
byShellmates
 
BSides Algiers - Metasploit framework - Oussama Elhamer
byShellmates
 
BSides Algiers - Nmap Scripting Engine - Hani Benhabiles
byShellmates
 
BSides algiers - Malware History - Sofiane Talmat
byShellmates
 
BSides Algiers - Normes ISO 2700x - Badis Remli
byShellmates
 
BSides Algiers - Stuxnet - Sofiane Talmat
byShellmates
 
BSides Algiers - PHP Static Code Analysis - Abdeldjalil Belakhdar
byShellmates
 
Atelier Python 2eme partie par Achraf Kacimi El Hassani
byShellmates
 
Cryptography basics
byShellmates
 

Similar to BSides Algiers - Reversing Win32 applications - Yacine Hebbal

PPTX
Reverse engineering in software engineering vaibhav
byMani Kanth
 
PDF
Hacking with Reverse Engineering and Defense against it
byPrakashchand Suthar
 
PPTX
Reverse Engineering 101
byysurer
 
PDF
Software cracking and patching
byMayank Gavri
 
PDF
Demystifying Binary Reverse Engineering - Pixels Camp
byAndré Baptista
 
PPTX
Reverse Engineering - Protecting and Breaking the Software
bySatria Ady Pradana
 
PPTX
Reverse Engineering: Protecting and Breaking the Software
bySatria Ady Pradana
 
PPTX
Vulnerability, exploit to metasploit
byTiago Henriques
 
PDF
Cracking the mobile application code
bySreenarayan A
 
PPTX
Reverse Engineering.pptx
bySameer Sapra
 
PDF
Static Software Watermarking
byJames Hamilton
 
PDF
V4I5201571
bykrishan8018
 
PDF
Mobile Penetration Testing: Episode III - Attack of the Code
byNowSecure
 
PPTX
(Workshop) Reverse Engineering - Protecting and Breaking the Software
bySatria Ady Pradana
 
PPTX
Reverse Engineering: Protecting and Breaking the Software (Workshop)
bySatria Ady Pradana
 
PPS
Atul - Reverse Engineering v/s Secure Coding - ClubHack2008
byClubHack
 
PPS
Reverse Engineering v/s Secure Coding
byamiable_indian
 
PDF
Looking Forwards to Going Backwards
byJonathan Francis Roscoe
 
PPT
Reverse engineering
bySaswat Padhi
 
PPT
Protect Data in Your Software Client - Data Obfuscation
bySteven Davis
 
Reverse engineering in software engineering vaibhav
byMani Kanth
 
Hacking with Reverse Engineering and Defense against it
byPrakashchand Suthar
 
Reverse Engineering 101
byysurer
 
Software cracking and patching
byMayank Gavri
 
Demystifying Binary Reverse Engineering - Pixels Camp
byAndré Baptista
 
Reverse Engineering - Protecting and Breaking the Software
bySatria Ady Pradana
 
Reverse Engineering: Protecting and Breaking the Software
bySatria Ady Pradana
 
Vulnerability, exploit to metasploit
byTiago Henriques
 
Cracking the mobile application code
bySreenarayan A
 
Reverse Engineering.pptx
bySameer Sapra
 
Static Software Watermarking
byJames Hamilton
 
V4I5201571
bykrishan8018
 
Mobile Penetration Testing: Episode III - Attack of the Code
byNowSecure
 
(Workshop) Reverse Engineering - Protecting and Breaking the Software
bySatria Ady Pradana
 
Reverse Engineering: Protecting and Breaking the Software (Workshop)
bySatria Ady Pradana
 
Atul - Reverse Engineering v/s Secure Coding - ClubHack2008
byClubHack
 
Reverse Engineering v/s Secure Coding
byamiable_indian
 
Looking Forwards to Going Backwards
byJonathan Francis Roscoe
 
Reverse engineering
bySaswat Padhi
 
Protect Data in Your Software Client - Data Obfuscation
bySteven Davis
 

More from Shellmates

PDF
Malware Analysis par Mohamed Ali FATHI - BSides Algiers 2k15
byShellmates
 
PPTX
BSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
byShellmates
 
PDF
BSides Algiers - Linux Kernel and Recent Security Protections - Djallal Harouni
byShellmates
 
PDF
Introduction à Python - Achraf Kacimi El Hassani
byShellmates
 
PPTX
HTML basics
byShellmates
 
PDF
BSides Algiers - Certification Electronique - Lilia Ounini
byShellmates
 
PPTX
JavaScript 1.0 by Zakaria Smahi
byShellmates
 
Malware Analysis par Mohamed Ali FATHI - BSides Algiers 2k15
byShellmates
 
BSides Algiers - Layer7 DoS Attacks - Oussama Elhamer
byShellmates
 
BSides Algiers - Linux Kernel and Recent Security Protections - Djallal Harouni
byShellmates
 
Introduction à Python - Achraf Kacimi El Hassani
byShellmates
 
HTML basics
byShellmates
 
BSides Algiers - Certification Electronique - Lilia Ounini
byShellmates
 
JavaScript 1.0 by Zakaria Smahi
byShellmates
 

Recently uploaded

PDF
IDSECCONF2025 - Aan Wahyu - Maze–Malware Analysis Platform.pdf
byidsecconf
 
PDF
November 2025 OpenMetadata Community Spotlight - Astronomer & Airflow 3
byOpenMetadata
 
PDF
IDSECCONF2025 - Budi Rahardjo - Cyber Security and AI.pdf
byidsecconf
 
PDF
Building a Multi-Tenant OpenShift Platform with HyperShift
byTosin Akinosho
 
PDF
Oracle MySQL HeatWave - Complete - Version 3
byLuca Bonesini
 
PDF
LVM Management and Disaster Recovery.pdf
byLinuxCert Guru
 
PDF
OutSystsems User Group Brabant November 2025
bymail496323
 
PDF
SELinux Basics: Managing SELinux Modes and Context - RHCSA+.pdf
byLinuxCert Guru
 
PDF
Linux Foundation Certified System Administrator (LFCS) Exam.pdf
byLinuxCert Guru
 
PDF
Raj Jain, Recent Advances, Issues, and Challenges in Cybersecurity, Keynote a...
byrjain51
 
PPTX
oop pillor polymorphism Code Presentation
byhifzamahmood8
 
PDF
IDSECCONF2025 - Rama Tri Nanda - Hunting Stingray GSM on Budget.pdf
byidsecconf
 
PDF
Mutation Testing for Industrial Robotic Systems (FMAS 2025)
bySylvain Hallé
 
PDF
KMWorld - KM & AI Bring Collectivity, Nostalgia, & Selectivity
byJonathan Ralton
 
PDF
Top Crypto Supers 15th Report November 2025
byStephen Perrenod
 
PDF
Mastering UiPath Maestro – Session 2 – Building a Live Use Case - Session 2
byDianaGray10
 
PDF
Dev Dives: Build smarter agents with UiPath Agent Builder
byUiPathCommunity
 
PPTX
Understanding the digital experience of FE teaching staff in 2024/25
byJisc
 
PDF
THE THREATS OF INSTABILITY IN BRAZIL'S INTERCONNECTED ELECTRICAL SYSTEM AND H...
byFaga1939
 
PPTX
Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]
byUiPathCommunity
 
IDSECCONF2025 - Aan Wahyu - Maze–Malware Analysis Platform.pdf
byidsecconf
 
November 2025 OpenMetadata Community Spotlight - Astronomer & Airflow 3
byOpenMetadata
 
IDSECCONF2025 - Budi Rahardjo - Cyber Security and AI.pdf
byidsecconf
 
Building a Multi-Tenant OpenShift Platform with HyperShift
byTosin Akinosho
 
Oracle MySQL HeatWave - Complete - Version 3
byLuca Bonesini
 
LVM Management and Disaster Recovery.pdf
byLinuxCert Guru
 
OutSystsems User Group Brabant November 2025
bymail496323
 
SELinux Basics: Managing SELinux Modes and Context - RHCSA+.pdf
byLinuxCert Guru
 
Linux Foundation Certified System Administrator (LFCS) Exam.pdf
byLinuxCert Guru
 
Raj Jain, Recent Advances, Issues, and Challenges in Cybersecurity, Keynote a...
byrjain51
 
oop pillor polymorphism Code Presentation
byhifzamahmood8
 
IDSECCONF2025 - Rama Tri Nanda - Hunting Stingray GSM on Budget.pdf
byidsecconf
 
Mutation Testing for Industrial Robotic Systems (FMAS 2025)
bySylvain Hallé
 
KMWorld - KM & AI Bring Collectivity, Nostalgia, & Selectivity
byJonathan Ralton
 
Top Crypto Supers 15th Report November 2025
byStephen Perrenod
 
Mastering UiPath Maestro – Session 2 – Building a Live Use Case - Session 2
byDianaGray10
 
Dev Dives: Build smarter agents with UiPath Agent Builder
byUiPathCommunity
 
Understanding the digital experience of FE teaching staff in 2024/25
byJisc
 
THE THREATS OF INSTABILITY IN BRAZIL'S INTERCONNECTED ELECTRICAL SYSTEM AND H...
byFaga1939
 
Support, Monitoring, Continuous Improvement & Scaling Agentic Automation [3/3]
byUiPathCommunity
 

BSides Algiers - Reversing Win32 applications - Yacine Hebbal

  • 1.
  • 2.
    What is reverseengineering ? Reverse engineering is the process of extracting the knowledge or design blueprints from anything man-made. 2
  • 3.
    What is reverseengineering ? Reverse engineering can be practiced on: mechanical devices, electronic components, or software programs, and we will focus on reversing software programs Reversing applications can be seen as "going backwards through the development cycle”. 3
  • 4.
    What is reverseengineering ? 4
  • 5.
    Where do weneed it? It is used for 1-Evaluating the level of security that the application provides 2-Analyzing and eventually defeat various copy protection schemes (cracking) 3-Locating vulnerabilities in operating systems and other software 4-Reversing Cryptographic Algorithms 5-Infecting application by viruses or to healing them from the infection 5
  • 6.
    Is it legal? It depends on why you are reversing software, it is legal for education purposes and illegal for stealing password and private information 6
  • 7.
    Terminology Patching : Atechnique of modification of a program. Serial fishing : Finding the correct password for an application. Keygenning : Finding the algorithm that generate the password of an application. 7
  • 8.
    So how todo it ? Software reverse engineering requires a combination of skills & tools So to do it we need: - Tools - Knowledge - A working mind , curiosity & the desire to learn 8
  • 9.
    So how todo it ? Tools 1-disassemblers: are programs that let us get the assembly code from any application such as 9
  • 10.
  • 11.
  • 12.
    So how todo it ? Tools 2- Debuggers: they are programs that let us execute assembly code and see the results of any instruction IDA & Olly are also debuggers 12
  • 13.
    So how todo it ? Tools 3-Hex editors: they show the content of any file (programs) in hexadecimal format, they allow us to modify instructions or to get some information (header information for ex) Ex: hex workshop 13
  • 14.
  • 15.
    So how todo it ? Tools 4- Other tools : We need also some other tools like : - Peid - ImpRec - metasploit - … 15
  • 16.
  • 17.
  • 18.
    2 - Passwordfishing Static passwords 18
  • 19.
    3 - Passwordfishing Dynamic passwords 19
  • 20.
  • 21.
    Some defense methodes Toprotect your application there is many defense methods such as: Packers Protectors Encryption algoritms … 21
  • 22.
    Packers they compress the application so the constant like text for example will be changed, and they will be restored after the execution of the application so we can’t see theme before the execution Ex : UPX , Morphine , Aspack , FSG … 22
  • 23.
    Protectors they are small programs fused with the application that can detect the debugger or the disassembler so they won’t let us reverse the application Sometimes we can find a packer and protector in the same time EX : YodaEncrypt , ARMprotect … 23
  • 24.
    Encryption Also there are some other techniques like encrypting the password by using hash functions like MD5, SHA-1 … 24
  • 25.
  • 26.
  • 27.
    Links: http://www.kromcrack.com/ http://tuts4you.com/ http://www.newbiecontest.org 27
  • 28.
    Thank you For youattention 28