RE@0x2ded ~ $
published
reading time
6 minutes

  :                                                                        :
  –┼──────────────────────────────────────────────────────────────────────┼–
+–─┘                                                                      └─–+
                        
Presentation
  
: :                                                                        : :
┌─|────────────────────────────────────────────────────────────────────────|─┐
└─│──┐– –────────────────────────────────────────────────────────────– –┌──│─┘
┌─┘  |                                                                  |  └─┐
│:   :                                                                  :   :│

$ Whoami

fr4mered

Greetings! Fr4mered here, in some circles. I’m penning this while deep in the throes of my Ph.D. journey. This piece is essentially a self-addressed letter, capturing the moment I discovered my passion for Reverse Engineering. It all began in the early days of my doctoral studies. I stumbled upon a paper discussing the 2015 Ukraine blackout and its implications for false data injection attacks. Though brief, the paper was a treasure trove of implicit information. It sparked an idea - what if I could spearhead research into malware behavior and symptom discovery? The irony isn’t lost on me. While I’ve never been particularly drawn to human medicine, here I am, eager to dissect cyber diseases for knowledge. It’s a field of uncommon expertise, challenging yet essential in the cybersecurity landscape. This demand for specialized knowledge excites me, as I thrive on challenges that push me to evolve. Reverse Engineering isn’t just a skill; it’s a philosophy that fascinates me. It’s about understanding how things are built, developing the ability to see through complex systems. This aligns with the wisdom found in Proverbs - insight is everywhere if you look closely. Take the humble pencil, for instance. As Milton Friedman demonstrated, unraveling its creation reveals a surprising complexity, despite its everyday nature. My goal is to contribute to this field, sharing knowledge with those who seek it. I’ve benefited from others’ guidance in my journey, and I aim to pay it forward. While the path to knowledge can be arduous, the rewards are immeasurable. If I can assist others in their quest for understanding, I’ll consider it an honor. In essence, Reverse Engineering is my gateway to wisdom. It’s a mental exercise that hones one’s ability to uncover hidden truths and complexities in seemingly simple systems. This pursuit of knowledge, challenging as it may be, is what drives me forward in my academic and professional journey.

o3wl

Hey everybody,

now it’s my turn to write about my view of Reverse Engineering and why I am part of the blog. For the sake of this blog, you can call me o3wl. I just started working towards doing my PhD in cyber security and with a colleague we decided to create this blog to document or journey of reverse engineering.

When I was a little kid, there were two professions I dreamed of. I wanted to be either a detective or an archaeologist. Both fascinated me. The detective fought for good by investigating crimes, and the archaeologist uncovered long-forgotten artifacts and mysteries. Looking back, even though these are two very different professions, what interested me about both can be boiled down to the same concept. The curiosity of discovery, of investigating clues and deducing what happened. To discover something and, in a further step, to share the knowledge that helps to understand the world better. Now I’m a graduate student, a scientist, exploring the new and unknown and teaching students. The curiosity hasn’t changed. Learning, growing, sharing. Reverse engineering fits that curiosity very well.

“To reverse engineer is to look beyond what is evident on the surface and find a hidden structure — one that reveals both how an object or idea was designed and, more important, how it can be recreated. It’s the ability to taste an intoxicating dish and deduce its recipe, to listen to a beautiful song and discern its chord progression, to watch a horror film and grasp its narrative arc.” 1

Reverse engineering, as an abstract concept, is looking at a finished or complete object and figuring out how it is made. It is about extracting the components and understanding the underlying structure and relationships. Much like a detective or archaeologist, you uncover artifacts and connect clues to build a bigger picture. As such, this concept can be applied to a wide variety of entities and for many different reasons and purposes.

“Reverse engineering is the process of analyzing a subject system to identify the system’s components and their interrelationships and create representations of the system in another form or at a higher level of abstraction.” 2

So reverse engineering can be used in any field where you may not have full knowledge of an artifact and you can deconstruct it. I think of reverse engineering in much the same way as I think of the word ‘hacker’. In recent years, it has been used very often in a narrow definition of “cybercriminal”. In a broader sense, it describes people involved in cybersecurity with the categories of white hat and black hat hackers. However, in an even broader sense, a hacker is a person who reuses things for a different purpose. The word was originally used by the Technical Model Railroad Club of MIT in 1955. 3

Reverse engineering is also often used in a narrower sense than described previously. When looking at dictionary, the following definitions come up:

  • “to disassemble and examine or analyze in detail (a product or device) to discover the concepts involved in manufacture usually in order to produce something similar” 4
  • “the act of copying the product of another company by looking carefully at how it is made” 5

These definitions have a very clear direction of reversing products to recreate or copy. These thoughts are very present and often with a negative connotation. Personally, I do not like these definitions. I prefer the other definitions mentioned in this post.

“Reverse engineering (also known as backwards engineering or back engineering) is a process or method through which one attempts to understand through deductive reasoning how a previously made device, process, system, or piece of software accomplishes a task with very little (if any) insight into exactly how it does so.” 6

While being such a fast field, for me as a security researcher, one of the more common uses of the word is interesting. Reverse engineering in the context of computer science, software, security. Even in computer science there can be many areas for reverse engineering. From hardware, game or malware reversing. With reasons like interoperability, repurposing, obsolescence or cracking. The structure of most of them is very similar, the knowledge, methods and tools overlap, while each brings it’s own challenges. As with many things in computer science and security in particular, you need knowledge in different subfields and different domains, which makes it a really challenging subject. But also a very interesting one.

This blog will look at our journey into learning reverse engineering. We will focus on reverse engineering in computer science, specifically security. The end goal would be to be able to reverse engineer malware. The biggest struggle with anything security will most likely be patience. Because we will encounter a lot of walls and crossroads that are not always easy to navigate, if you don’t know what’s coming next. This is where the motivation, the curiosity, needs to be remembered.

I hope that by sharing this journey with you, we will share some of our curiosity and knowledge and motivate you to discover, dissect and deduce.

  1. https://hbr.org/2021/11/you-can-learn-anything-through-reverse-engineering ↩︎

  2. https://www.cs.cmu.edu/~aldrich/courses/654-sp05/ReengineeringTaxonomy.pdf ↩︎

  3. https://www.britannica.com/topic/hacker ↩︎

  4. https://www.merriam-webster.com/dictionary/reverse%20engineer ↩︎

  5. https://dictionary.cambridge.org/dictionary/english/reverse-engineering ↩︎

  6. https://en.wikipedia.org/wiki/Reverse_engineering ↩︎