|
Module Learning Outcomes Assessed: 1. Demonstrate understanding of link between compiled software and the source code it is generated from 2. Make use of tools to examine the memory state of a running process with the aim of deriving the underlying algorithm 3. Examine and evaluate the differences in tools used for reverse engineering, patching and binary mangling |
||||||||||||||
|
The Assignment You are required to write a C program that simply takes in user input, checks the input against a static value and return a secret if it matches. Then compile the program and reverse analyse it using a disassembler and a debugger of your choice, and your main tasks include: i. Describe the program control flow with reference to the reversed assembly instructions and map the instructions to the original C source code. ii. Explain how the arguments/parameters are passed to the C function calls (including imported functions from shared libraries used) in the program and processed at assembly level. iii. Dynamically modify memory data to alter the program control flow/behaviour in a debugging session. iv. Patch the binary image on disk to permanently alter the program control flow/behaviour. Note: you may write the program for either Linux or Windows and select your compiler for the exercise.
Your written report would typically contain: · A title. · A brief summary of the actions you performed in the reverse engineering exercise. · An introduction in which you briefly describe the tools you selected. · A detail analysis section, which is the main body of your report. In this section you should articulate in detail your methodology and how you performed the analysis, and reported steps of the process must be repeatable. · A conclusion. · Recommendations / Any suggested future work. · References. |
||||||||||||||
|
Task and Mark distribution: Your work will be marked out of 100 with the breakdown as follows:
|
||||||||||||||