Reverse Engineering for Beginners [pdf] (beginners.re)
451 points by dennis714 on Nov 26, 2019 | hide | past | favorite | 49 comments



Some very serious work was put in writing this book. I admit I never fully read it from beginning to end, but from the parts I did read I think it is very well written.

My general advice for beginners who want to get into reverse engineering is to read fewer books, and try to actually reverse engineer small and self-contained programs. Reverse engineering has been my job for many years now, but it is still very difficult for me to consume a long text talking about a reverse engineering project without touching the code on my own.

If you are interested in a hands-on experience, I recently made a self-learning kit for learning reverse engineering for beginners. It is called ReversingHero (https://www.reversinghero.com). It is one binary file made of 15 levels of increasing difficulty, teaching reverse engineering. It works in a Linux environment, on the x64 series, and can also be completed using WSL (Windows Subsystem for Linux).

ReversingHero also contains accompanying (paid) video solutions. The video solutions contain 12+ hours of step-by-step solutions to all the levels.


Maybe you can make the "hex editor", "debugger" and "disassembler" bold words into links to good FOSS implementations of each tool?

Otherwise, this looks very interesting :)


I more or less compulsively downloaded this, and started skimming it. I'm not an assembly-language programmer, but I thought I at least knew how to read an assembly listing.

But right there on page 8, in the MIPS and ARM "functions that return a constant", is an example of "branch delay slots", which (a) I've never heard of, and (b) failure to grok them makes a two line function incomprehensible.

Fortunately, I like learning things.


Branch delay slots on MIPS come about because the instruction decoder already has the next instruction ready by the time the conditional runs. The architecture decides to unconditionally run this instruction instead of potentially throwing it away due to the results of the branch.


ISAs can get very complex very fast, so I would suggest, like the author wrote down in the next sentence, realizing that some complexity is best left for a later time.

Now that I think about it, ISAs/assembly are a really good example of how lots of tiny small things combined can become really hard to understand fast.


MIPS’s choice to shove details from the instruction decoding pipeline into its visible execution model is still kinda annoying though…


Branch delay slot gives you something to do while you're not sure where you're going. In the best case, you don't take the branch, and you have made progress down the correct path without knowing that it was the correct path. However, it's not always possible to fill the branch delay slot with useful instructions, so a lot of the time it ends up just being a nop.
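
The "functions that return a constant" confusion mentioned earlier in the thread and the delay-slot explanations in the replies above can be made concrete with a small interpreter. The following is an added example, not code from the book or from any commenter: it models a tiny MIPS subset with and without the delay slot, so the same listing can be "read" both ways. The two programs are constructed by hand in the classic compiler pattern (the `li` into `$v0` placed after `jr $ra`, a `beq` followed by an instruction that runs whether or not the branch is taken), and the register and halt conventions are this example's own simplifications.

```python
"""Tiny MIPS-subset interpreter that models the branch delay slot.

Added example (not from the book): shows why a two-instruction function
that appears to jump away *before* loading its return value still returns
the constant, and why a naive sequential reading gets it wrong.
"""
from typing import List, Optional, Tuple

Instr = Tuple  # opcode followed by operands, e.g. ("li", "$v0", 42)

HALT = -1  # constructed sentinel held in $ra: "return to caller" ends the run

# Constructed listing in the style a MIPS compiler emits for
#     int f(void) { return 42; }
# The li sits in the delay slot of jr and executes before control leaves.
RETURN_42: List[Instr] = [
    ("jr", "$ra"),
    ("li", "$v0", 42),
]

# Constructed listing for   int g(int a0) { return a0 == 0 ? 1 : 11; }
# Branch targets are list indices here instead of labels, for brevity.
BRANCH_DEMO: List[Instr] = [
    ("beq", "$a0", "$zero", 3),   # if a0 == 0 jump to index 3 ...
    ("li", "$v0", 1),             # ... but this slot instruction runs either way
    ("addiu", "$v0", "$v0", 10),  # reached only on fall-through (a0 != 0)
    ("jr", "$ra"),
    ("nop",),                     # compiler had nothing useful for this slot
]


class MiniMips:
    def __init__(self, delay_slots: bool, a0: int = 0) -> None:
        self.delay_slots = delay_slots
        self.regs = {"$zero": 0, "$v0": 0, "$a0": a0, "$ra": HALT}

    def step(self, ins: Instr) -> Optional[int]:
        """Execute one instruction; return a jump target if control transfers."""
        op = ins[0]
        if op == "nop":
            return None
        if op == "li":
            self.regs[ins[1]] = ins[2]
        elif op == "addiu":
            self.regs[ins[1]] = (self.regs[ins[2]] + ins[3]) & 0xFFFFFFFF
        elif op == "move":
            self.regs[ins[1]] = self.regs[ins[2]]
        elif op == "beq":
            if self.regs[ins[1]] == self.regs[ins[2]]:
                return ins[3]
        elif op == "jr":
            return self.regs[ins[1]]
        else:
            raise ValueError(f"unsupported opcode {op}")
        self.regs["$zero"] = 0  # $zero is hardwired: writes to it are discarded
        return None

    def run(self, prog: List[Instr]) -> int:
        pc = 0
        while 0 <= pc < len(prog):
            target = self.step(prog[pc])
            pc += 1
            if target is not None:
                if self.delay_slots:
                    # MIPS semantics: the instruction after a taken branch or
                    # jump always executes before the transfer takes effect.
                    self.step(prog[pc])
                pc = target
        return self.regs["$v0"]


def run(prog: List[Instr], delay_slots: bool = True, a0: int = 0) -> int:
    """Run a listing and return $v0, the MIPS return-value register."""
    return MiniMips(delay_slots, a0).run(prog)


if __name__ == "__main__":
    for name, prog in (("RETURN_42", RETURN_42), ("BRANCH_DEMO a0=0", BRANCH_DEMO)):
        print(name, "with delay slot:", run(prog), "| naive reading:", run(prog, delay_slots=False))
```

Reading `RETURN_42` top to bottom as if it were x86 gives 0, because the jump appears to happen first; with the delay slot modelled it gives 42. The `beq` case shows the other half of the reply above: the slot instruction is useful work on the fall-through path and harmless on the taken path, which is why compilers try to fill it and fall back to `nop` when they cannot.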



This looks like a great resource for beginners, albeit a bit dense and overwhelming.

If you're looking for a very gentle introduction the Lena151 video tutorials are great: https://tuts4you.com/e107_plugins/download/download.php?list...

They're a bit dated, but all the concepts are still relevant.

I wish we had all these great learning resources around when I was starting with W32Dasm + Hiew lol


The Lena151 tutorials will only teach dynamic analysis, not static analysis. What most people do in industry is a combination of static and dynamic analysis. Static analysis being used to figure out the overall structure and function of a binary, and dynamic analysis being used to fill in details that would otherwise be tedious to figure out with a pure static approach.


Lena151's tutorials were how I got into RE back when I was yet to install WinXP SP1.


LiveOverflow's channel on YouTube has been fantastic and may be slightly more up to date.


Any input from beginners who have dipped their toes into this? Is the content explained fairly intuitively or in a way that is simple to understand?

I'm also curious - for those in the know - is the pursuit of knowledge regarding reverse engineering something that has proven valuable in a job or is it primarily an academic pursuit? If it has proven valuable, how so?


The book is good and it explains stuff very well. It can be a bit dense in the beginning, if you're looking for a gentler introduction look at the Lena151 tutorials I linked to elsewhere in this thread.

Ultimately reverse engineering is a hard and dry topic to learn. Different people learn in different ways. Try several different tutorials and learning resources before finding what works for you.

Reverse engineering has been invaluable for my career. It helps you understand the intricacies of modern systems, and makes it so you're never afraid to dive under the hood of something. You approach all software with a can-do attitude, because you know that no matter what, with enough effort you will be able to understand it and make it do what you want.

It has also opened up many interesting career paths for me in game anticheat, software exploitation, and tamper resistance. The jobs pay well and are very interesting :)


I'm one "in the know", so I'll answer that part.

Heck yeah it is valuable. My area has numerous employers that are eager to hire people with that skill set. It pays more than the typical software development jobs. Most of the jobs seem to be related to how things get hacked into. One can play defense or offense.

I post about my employer in the "Who is hiring?" sometimes: https://news.ycombinator.com/item?id=21422735


How much is "more than typical"? Sounds interesting!


Informally I was told I could get a 40% instant raise by joining a company like this. I bet it can be more than that though. I haven’t pursued it yet because I don’t think my skill is enough.


Defense contractors don't pay well. No stocks and a peanuts bonus.


All of that is false.

I've seen people doing that stuff get yearly pay that is about the price of a house. That is good pay. I've seen stock given, and I've seen bonuses that seem nice, but it makes more sense to focus on pay. The pay is fine.


I work in the field and maybe there are people out there getting paid like that, but that’s not the norm at all.


Cybersecurity defense contractor?


The parts I read seemed well-written, but I'm not sure any beginners are going to dive into a big tome like this.

I started reversing when I started coding, which was back in the 80s. Back then it was just trying to get extra lives on home computer-games.

Later I wanted to install software, and that led me to +fravia, and some of the associated challenges.

It's almost too hard to step back and imagine whether a true beginner would follow along, but I think with the right motivation and a lot of baby-steps along the way it is a field that will always draw some people, and they'll get there in the end due to sheer tenacity, regardless of the quality of documentation they come across.


I've followed this book for a bit when learning. Most of it is just examples, however. You basically write the program in C, compile and assemble it, disassemble it, and see what it looks like. It's a good exercise though, and repeating the motions helps. After following it a bit you can then pick the ones which you find more interesting. Also, I didn't follow it all the way through; the content later on might be a bit different.


A dedicated career in reverse engineering is quite lucrative.

It is also quite helpful in the embedded space where sometimes your only tool is a hex dump of memory.


For beginners...1054 pages of assembly.

Sometimes I think the entire IT sector is on the spectrum.


Ackshually, all matter emits black body radiation and is therefore on the spectrum. /s


Sarcasm that needs to be declared with /s is not sarcasm. /s


Please don't use that as an insult.


>Please don't use that as an insult.

Wasn't intended as an insult. Pretty sure I'm on it myself on the mild side


It can be a quite lengthy introduction and still be intended for beginners.

I don't see the contradiction.


This book is great. I would say that it is for beginners as long as they have some semblance of C understanding and have spent a few hours (days?) reading up about assembly and machine code topics. These skills take years to truly master and the book starts from the beginning. I think the difficulty of asm is overrated (it's not uncommon for young kids to learn this sort of stuff).

I think one of the greatest initial hurdles of being a good reverser is not being afraid to wade through large amounts of disassembly and being comfortable with not understanding what's going on for long periods of time.


Glancing at the table of contents, it seems like it covers an excellent breadth of useful topics for reverse engineers/hackers/those interested in how their computer works. One part of that will be a working knowledge of assembly, of course, so that's why the book tries to give a somewhat fast-paced intro to it. But you'll see that there are other things covered too.


Shouldn't we be kinda proud of it?


Be proud of it! It's an asset. I know I can't get through that stuff.


Beginners to reverse engineering, nothing otherwise implied.


Wouldn't "Introduction to Reverse Engineering" imply you're a beginner at RE if you're reading it?


Found the web developer


Real Men program web sites in assembly, and they like it.



I'm a bit disappointed the frontend uses javascript. I was hoping for handwritten webassembly.



I swear the FreeBSD handbook used to (or still does?) have a section documenting writing a CGI program in x86 assembly


Haha, opposite actually. More comfortable with compiled code and struggling to wrap my head around the web side of things with no clear execution path. This RESTful/async/API stuff is killing me.


If you enjoy this format, the same author also wrote "SAT/SMT By Example" which I learned a lot from: https://yurichev.com/SAT_SMT.html


Why does he have a bulletin board in the beginning of his book?


Very readable. Highly recommended.


Unfortunately the French translation is very bad and hardly readable.


How do you prevent someone from reversing some standard function (e.g. MD5, base64, Blowfish, etc.) from a mangled source?
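
The question above gets no answer in the thread, but the reason standard functions are so easy to spot in a stripped or mangled binary is worth showing: they carry well-known constants. The following added example (not from the book or any commenter) is a minimal findcrypt-style scanner over a constructed byte blob: it looks for the four MD5 initial-state words from RFC 1321 and the base64 alphabet, then shows that a build which stores the alphabet transformed (here XORed with a constructed key byte) no longer matches. The blob, filler bytes and XOR key are this example's own constructions; the MD5 and base64 constants are the real ones.

```python
"""Findcrypt-style constant scanner (added example, not from the book).

Standard primitives embed recognizable constants, so a reverser can label
an unnamed function as MD5 or base64 from its data alone. Hiding those
constants removes one clue; the algorithm's structure remains.
"""
import struct
from typing import Dict, List

# Well-known constants that standard algorithms embed.
SIGNATURES: Dict[str, List[bytes]] = {
    # MD5 state initialisation A, B, C, D (RFC 1321), as little-endian words
    # as they appear in the data of an x86/x64 build.
    "md5_init": [
        struct.pack("<I", w)
        for w in (0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476)
    ],
    # The base64 alphabet is usually stored verbatim as a 64-byte table.
    "base64_alphabet": [
        b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"
    ],
}


def find_signatures(blob: bytes) -> Dict[str, List[int]]:
    """Return, per signature name, the offsets at which all of its parts occur.

    A signature counts as found only if every part is present; partial hits
    are dropped to keep false positives down.
    """
    hits: Dict[str, List[int]] = {}
    for name, parts in SIGNATURES.items():
        offsets = []
        for part in parts:
            off = blob.find(part)
            if off == -1:
                break
            offsets.append(off)
        else:
            hits[name] = offsets
    return hits


# Constructed "binary" contents: arbitrary filler around the real constants.
FILLER = bytes((i * 37 + 11) & 0xFF for i in range(64))
SAMPLE_BLOB = (
    FILLER
    + b"".join(SIGNATURES["md5_init"])
    + FILLER
    + SIGNATURES["base64_alphabet"][0]
    + FILLER
)

# Constructed variant: the alphabet is stored XORed with a key byte and
# would be decoded at run time, so a static constant scan finds nothing.
XOR_KEY = 0x5A  # constructed value
HIDDEN_BLOB = FILLER + bytes(b ^ XOR_KEY for b in SIGNATURES["base64_alphabet"][0])


if __name__ == "__main__":
    print("plain build:", find_signatures(SAMPLE_BLOB))
    print("hidden build:", find_signatures(HIDDEN_BLOB))
```

Tools such as IDA's findcrypt plugin and YARA rules apply the same idea at scale, with many more constant tables. Moving the constants out of the data section only defeats this one heuristic: the function's control flow, its rotate-and-add structure and its call sites still identify it to a reader who, as the earlier replies note, is comfortable wading through the disassembly.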


Science and engineering is sort of reverse hacking of the world code. If you believe moral is built in, it is also a discovery and "hacking" process. Only in arts ... maybe even that if you are more Plato than hacksmann



