의료 IT 공학과 조용석 교수 Reverse Engineering Introduction Reverse Engineering #2
What is Reverse Engineering?
Reverse Code Engineering Reverse Engineering is also known as RE or RCE RE: Reverse Engineering RCE: Reverse Code Engineering RE is the process of understanding an existing product Malware analysis( 악성코드분석 ) and security research often involves RE
Compilation Process( 컴파일 과정 ) Source CodeObject FileExecutable CompilationLinking Human readable text file Binary code with Readable symbols Binary code with no symbols Code Readability
Compilation Results
Uses of Reverse Engineering 악성코드분석 보안 / 약점 연구 Driver 개발 호환성 수정 Legacy application( 레거시 응용프로그램 ) 지원 Legacy application: 현재의 기술보다 이전의 언어와 플랫폼 기법으로 만들어진 애플리케이션과 데이터로 예를 들면, 윈도우 95 이상 OS 를 사용하고 있는 이때 DOS 와 윈도 3.1 응용 프로그램들 을 일컫는 말
Ethical and Legal Aspects
Legal Uses Reverse Engineering
Illegal Activities
Decompilation Process( 컴파일 과정 ) Disassembly Executable DecompilationDisassembly Reverse Engineer Readable Code Binary code with no symbols Code Readability Source Code Human Readable Code
Disassembly Results
Required Skills 일반적인 컴퓨터구조 지식 관련 프로세서에 대한 어셈블리어 프로그래밍 운영체제 (Operating Systems) 파일형태 (File Format) 자료수집 능력
사용되고 있는 도구들 (Tools) hex editor/viewer Disassembler Search Engine Debugger Script language
Getting Started Master your tools Identify the target binary format Identify the target processor Identify the target operating system …dig in and find out as much as you can….
Reverse engineering primary output 1.block diagram 2.schematic diagram 3.circuit board layout 4.Flowchart 5.operations manual
1.block diagram 의 정의 A diagram in which the essential units of any system are drawn in the form of rectangles or blocks and their relation to each other is indicated by appropriate connecting lines. A diagram of a system, in which the principal parts or functions are represented by blocks connected by lines, that show the relationships of the blocks. They are heavily used in the engineering world in hardware design, electronic design, software design, and process flow diagrams.diagramsystemhardware design electronic designsoftware designprocess flow diagrams Black box Data flow diagram
block diagram Symbol
1.block diagram
1.block diagram1
1.block diagram(Drawing)
2.schematic diagram A schematic diagram represents the elements of a system using abstract, graphic symbols rather than realistic picturessystemsymbols A drawing showing all significantcomponents, parts, or tasks (and their interconnections) of a circuit, device, flow, process, or project by means of standardsymbols. Schematic diagrams for a project may also be used for preparing preliminary cost estimates.drawingsignificantcomponentspartstaskscircuitdeviceflowprocessprojectmeansstandardsymbolscost estimates
2.schematic diagram
2.schematic diagram(Drawing)
2.schematic diagram(Drawing1)
3.circuit board layout
3.circuit board layout(Drawing)
4.Flowchart A flowchart is a type of diagram that represents an algorithm or process, showing the steps as boxes of various kinds, and their order by connecting these with arrows.diagramalgorithm process 간단한 Flowchart 의 예 )
4.Flowchart
4.Flowchart(Drawing)
5.operations manual