(Part 2) Top products from r/ReverseEngineering
We found 17 product mentions on r/ReverseEngineering. We ranked the 37 resulting products by number of redditors who mentioned them. Here are the products ranked 21-40. You can also go back to the previous section.
21. IFit Module
Sentiment score: -1
Number of reviews: 1
Connects equipment to your online iFit account and lets you download workouts directly. Equipment automatically adjusts the resistance, incline/decline, and speed. Connects to a vast library of programs including Google Maps, training with Jillian Michaels, competitions with iFit community members, ...
22. A Bug Hunter's Diary: A Guided Tour Through the Wilds of Software Security
Sentiment score: 1
Number of reviews: 1
Used Book in Good Condition
23. The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler
Sentiment score: 1
Number of reviews: 1
24. Hacking: The Art of Exploitation, 2nd Edition
Sentiment score: 1
Number of reviews: 1
No Starch Press
25. Hacking: The Art of Exploitation w/CD
Sentiment score: 1
Number of reviews: 1
Used Book in Good Condition
26. DCE/RPC over SMB: Samba and Windows NT Domain Internals
Sentiment score: 0
Number of reviews: 1
Used Book in Good Condition
27. Advanced Compiler Design and Implementation
Sentiment score: 1
Number of reviews: 1
28. Elliptic Curves: Number Theory and Cryptography, Second Edition (Discrete Mathematics and Its Applications)
Sentiment score: 1
Number of reviews: 1
Used Book in Good Condition
29. Windows® Internals: Including Windows Server 2008 and Windows Vista, Fifth Edition (Developer Reference)
Sentiment score: 1
Number of reviews: 1
Book is in excellent Condition
30. Making Software: What Really Works, and Why We Believe It
Sentiment score: 1
Number of reviews: 1
O Reilly Media
31. Secure Coding: Principles and Practices
Sentiment score: 1
Number of reviews: 1
Used Book in Good Condition
32. Introduction to Lattices and Order
Sentiment score: 1
Number of reviews: 1
Used Book in Good Condition
33. The Undecidable: Basic Papers on Undecidable Propositions, Unsolvable Problems and Computable Functions (Dover Books on Mathematics)
Sentiment score: 1
Number of reviews: 1
I started from scratch on the formal CS side, with an emphasis on program analysis, and taught myself the following starting from 2007. If you're in the United States, I recommend BookFinder to save money buying these things used.
On the CS side:
On the math side, I was advantaged in that I did my undergraduate degree in the subject. Here's what I can recommend, given five years' worth of hindsight studying program analysis:
Final bit of advice: you'll notice that I heavily stuck to textbooks and Ph.D. theses in the above list. I find that jumping straight into the research literature without a foundational grounding is perhaps the most ill-advised mistake one can make intellectually. To whatever extent that what you're interested in is systematized -- that is, covered in a textbook or thesis already, you should read it before digging into the research literature. Otherwise, you'll be the proverbial blind man with the elephant, groping around in the dark, getting bits and pieces of the picture without understanding how it all forms a cohesive whole. I made that mistake and it cost me a lot of time; don't do the same.
That is a great list, just a few random comments.
Basics for discrete math, 6.042 is a nice resource, it has a free full open text book. While it's actually simpler than most of your links it actually gives a nice introduction to some of the formalisms you'll run into later.
CLRS is an amazing reference for just about anything you need. It's not a nice introduction to things but it will easily save your behind as a reference in a pinch.
My one real disagreement is your suggestion of abstract algebra book, I'm a fan of Algebra by artin. It's a bit rough, but you can usually pick up older versions fairly cheap and it comes with course notes. It can come with it's ocw counterpart. It's how I learned, and i personally think it's one of the better resources out there.
The more mature version of cousot's class is 6.820 which is a fairly good class but can actually take a while to get through the material if you don't have a friend to do it with. If you get through it, you will have one hell of a base.
For crypto, since i do love crypto probably a bit different, Stanford is a great class I suggest looking at My suggestions, start with
Number Theory and Cryptography is one of the best books I've read on EC yet. It's approachable and actually does an amazing job. If you want checks with it, try the psets here
Just a few supplementary suggestions.
You gave a great list, an absolutely a amazing roadmap
If anyone has any trouble with something in the walk-through as far as needing clarification or they are attempting to do it themselves and find I messed up somewhere, please let me know! Thank you.
The binary can be found on my github: https://github.com/emtuls/ctf/tree/master/2018-hacktober.org/Binary_Analysis/binaries -> Larry.out
For anyone that needs resources for learning Reverse Engineering, I can provide you with a baseline that I would recommend starting with. Eventually, I plan on making my own set of tutorials...but that's in the works.
x86 Assembly:
If you don't know assembly language at all, this list of videos was where I picked up a decent amount of x86 assembly language.
A few good books would be:
Hands On:
Courses:
Tons of courses on youtube. I learn well from visual, so I recommend these youtube videos:
Beyond that, Google will always be your friend, and /r/reverseengineering. I also have a bunch of material for Malware RE, but that's a bit different than Software RE, though it is relatable.
To make a long story short, at a quick glance I see:
He has created a hashing function by shuffling the character map used in a base64 encoding.
He proposes running a file containing a list of your literal string list through this application command line app, which outputs a header file, like this, ready to include containing the encoded strings and decryption key (Base64 character map) defined as macros.
The generated macros defines take this format:
define INTRO_STRING GetDecryptedString("UCcFEN/FEN/cMv19EmJpl4kpEm1NgYiGebj3")
Critique:
This looks to accomplish it's task of providing obfuscation literal strings. There could be a number of different ways to accomplish this with varying pros and cons. Other strategies may already exist, be easier, and have polished tools.
One pro of this approach is that the strings are not decrypted until used. That could also be a con since each string must be decrypted each time it is accessed.
Another possible con is that the key must be kept with the encoded hashes, but possibly the whole idea was to just withhold the key, but this would likely make the code uncompilable or function incorrectly depending on how the strings are used and handling is done without a key.
Securely encrypted strings seems to not be a requirement of this project. Since that is the case, it seems the shuffling of the base64 seems a pointless step that merely forces possessors of the code to do more than just plot the string in an online base64 decoder. One could more easily just plop plain base64 in there and avoid the extra complication or just escaping the strings in an escaped hex representation Like this:
"\x32\xA9\xD9" see MSDN C++ Character Constants
Good enough security is all we can hope to obtain{1}, so if it accomplishes the security requirements needed, then it is a success.
Qualifications:
I have been programming C++ for nearly 20 years and working as a C/C++ Windows, Linux, and embedded device programer for more than 10 years. Probably not a very good critiquer.
{1} Secure Coding: Principles and Practices by Mark G. Graff and Kenneth R. Van Wyk
I think most is kind of a rough statement. Granted there were some truly gifted people in the 70's that rocked our world.
I think we have a LOT of research papers that we sift through and the legacy papers tend to stay highlighted in time. I can imagine if you sifted through everything that existed back then, you may be saying something similar.
I've found a few great ones and if you are heavy into software engineering, you may share the enthusiasm towards a book that came out several years ago: Greg Wilson - Making Software: What Works and Why we Believe it
He also has a talk where he references some of those papers: Greg Wilson talk
He comes off strong, but he backs it with research which I appreciate. It's more about bringing data to the table if you have something you'd like to discuss. Somewhat heavy handed, but there are good papers that I've read referenced there.
The continual evaluation of Conways law and it's research still holding true today is something that I continually enjoy (Although originating from a 1967 study reinforcing your point of seminal papers from that era)
I agree with Centurion89, but as an addition — if you want a good old fashioned book — check out Hacking: The art of exploitation by Jon Erickson. The title put me off at first, as it sounded a bit script kiddy-ish, but after having read a bit I find it very good.
Its focus is not reverse engineering per se, but it walks you through writing your first C program, disassembling it, explaining what happens where in memory. Very well explained. It has a lot of networking stuff that might not be that interesting from a reversing perspective, though.
I've skipped ahead while reading in the bathroom, legs falling asleep, and I found a part where you write a small web server and exploit it. What I found a bit impressive (Well, I might be easily impressed) is how the author walks you through improving the exploit.
At first, it gives you a shell, but leaves obvious lines in the server log and hijacks the main loop, refusing more connections. It is shown how to fix that, integrating manipulation of the log writing code and making the exploit code jump back to the main loop after doing it's dirty deal so the web server can start accepting connections again.
Disclaimer: I'm obviously very new to this too, and there probably are better books for reversing, but I think basic principles shared in this book also might be useful from a reversing perspective.
I have some knowledge on assembly and RE (Win32), but I never really got that much deep into it. I learned things as I needed in order to do my stuff.
I think the important thing here is to have a solid understanding of the architecture you're working on (for example x86/x86_64), the OS internals, and C. Without this you are going to have a very unpleasant and even painful experience.
If you don't have it yet, take the time and learn it, and then go back to RE. It will be worth it and save you a lot of effort. If you already have it, then things shall come easier to you.
If you are using Windows, I highly recommend David A. Solomon's and Mark Russinovich's Windows Internals book. It's an unmatched resource about Windows and will help you greatly.
Hewardt also made the Advanced .NET Debugging book which is pretty great for that type of debugging.
https://www.amazon.com/Advanced-NET-Debugging-Mario-Hewardt/dp/0321578899
"Source code fuzzers". Wow. Unless you're fuzzing a compiler/interpreter, it doesn't make any sense at all. Really, you should start by finding in Google about the subject.
In any case, I recommend you to read the book "The art of software security assessment" [1] and a Bug Hunter's Diary[2].
[1] http://www.amazon.com/The-Software-Security-Assessment-Vulnerabilities/dp/0321444426
[2] http://www.amazon.com/Bug-Hunters-Diary-Software-Security/dp/1593273851
/u/igor_sk and /u/andyac posted some great resources. I'd also like to point out that the IDA Pro Book goes into more than a few details about embedded firmware reversing throughout the book.
See also:
http://www.amazon.com/DCE-RPC-over-SMB-Internals/dp/1578701503
This is still one of my all time favorite books in R.E.
Have you worked through the loop detection in the Dragon Book? There are some slides on it here:
http://www.cs.cmu.edu/afs/cs/academic/class/15745-s03/public/lectures/L7_handouts.pdf
Does anyone have any experience with the serial protocol on iFIT modules like this one? I'm specifically trying to RE the serial protocol out of the module on the "BRAIN" connector of the treadmill mobo. I've seen telnet hacks, but you have to subscribe to a service to even configure wifi on the stupid thing.