"Reverse Engineering in a CTF is typically the process of taking a compiled (machine code, bytecode) program and converting it back into a more human readable format. Very often the goal of a reverse engineering challenge is to understand the functionality of a given program such that you can identify deeper issues." - CTF101
Binary exploitation challenges, otherwise known as pwning challenges, require players to discover and exploit a vulnerability in a binary. Pwning challenges require many of the same skills as reverse engineering, and sometimes the two are lumped together, as we have done here.
A great book with step-by-step examples for binary exploitation, including a review of the C programming language for beginners.
Available through the USF Library!
Download a VM with all the code!
An online interactive game where you work as a secret agent attempting to remotely hack a lock so other agents can steal stuff.
Teaches the basics of using a debugger for reverse engineering
A YouTube channel from Murmus, a WCSC alum! He commonly does live streams and uploads videos of binary challenges and techniques.
Available on OverTheWire, the same site with the Bandit Linux challenges. Binary exploitation challenges with lots of links to useful reading material.
A list of tips from OTA CTF members, mostly focusing on reverse engineering and binary exploitation, plus a bit of crypto.
The GNU Debugger (GDB) is a great tool both for debugging programs and for reverse engineering them. It comes installed on most Linux distros.
"A software reverse engineering (SRE) suite of tools developed by NSA's Research Directorate in support of the Cybersecurity mission." Open-sourced and completely free, definitely a tool you want in your toolkit.
Check out a few useful tutorials at https://www.shogunlab.com/blog/
Radare2 is an extremely powerful debugger, disassembler, and much, much more. However, it has a steep learning curve.
Check out the Radare2 book!
"A multi-architecture binary analysis toolkit, with the capability to perform dynamic symbolic execution"
A great tool for working on crackmes and other challenges.