palata 3 hours ago

Taking the opportunity to ask: are there nice recommended resources for a beginner to start with reverse engineering (ideally using Ghidra)? Let's say for an experienced developer, but not so experienced in reverse engineering? I guess one issue I have is that I don't have good ideas of fun projects, and that's probably something I need to actually get the motivation to learn. I can find a "hello world", that's easy, but it won't help me get an idea of what I could reverse engineer in my life. For instance I have a smart speaker that I would like to hack (being able to run my own software on it, for fun), but I don't know if it is a good candidate for reverse engineering... I guess I would first need to find a security flaw in order to access the OS? Or flash my own OS (hoping that it's a Linux running there), but then I would probably want to extract binary blobs that work with the buttons and the actual speaker?
baby_souffle 2 hours ago

> Taking the opportunity to ask: are there nice recommended resources for a beginner to start with reverse engineering (ideally using Ghidra)? Let's say for an experienced developer, but not so experienced in reverse engineering?

The good news is that there have never been MORE resources out there. If you want to use this learning expedition as an excuse to also build up a small electronics lab, then spend $100 on AliExpress to buy whatever looks cheap and interesting, and then tear it apart and start poking around to find where the firmware lives. Pull the firmware, examine it, modify it and put it back :)

This guy has a Discord server with a specific "book club" section where they all choose a cheap $thing and reverse engineer it: https://www.youtube.com/@mattbrwn/about

I can't help much with "traditional" app/software RE work, sorry.
unleaded 2 hours ago

Somewhat unconventional (and I'm not really a seasoned reverse engineer, so take it with some salt), but I started by hacking old video games (NES, Game Boy, arcade... that kind of thing). You could start with making basic Action Replay RAM cheats to e.g. give Mario infinite lives, then you can use breakpoints, the debugger, and a 6502 ISA reference to edit instructions and make ROM patches. From then on you can use things like Ghidra (which supports a lot of those old CPU arches) for more advanced analysis and make the game do almost whatever the hell you want if you have the patience. I think a lot of the skills will transfer quite well (obviously not 1:1, you will need to learn some things) to the more employable side of RE if that's what you're interested in.
brynnbee 33 minutes ago

I personally learn best by doing, which is why I love learning with LLMs. They're going to be wrong a lot, and give bad advice, and do things in silly ways. I learn well from the process of working with them, seeing them fail constantly, then learning the tool myself by researching what it's doing wrong to fix it. I just attempted to use Ghidra to reverse engineer the game Shenmue from Dreamcast. I was previously unfamiliar with Ghidra and I mostly did it as a learning exercise, but it wasn't really the right tool for the job. However the project itself made lots of progress without it:
quux0r 3 hours ago

So, a couple of things. Bruce Dang's book, while a little old, is still a great spot to get started. Another great book is Blue Fox by Maria Markstedter for ARM. From there, finding small binaries and just trying to get the "flow" is a good next step; for me this is largely renaming functions and variables and essentially trying to work the decompiled code into something readable, then you can find flaws.

So for the second thing, pulling the data off chips like that typically involves some specialized hardware, and you have to potentially deal with a bunch of cryptographic safeguards to read from the chip's memory. Not impossible though, and there are not always good safeguards, but it might be worth checking out some simpler programs and working up to it, or learning some basic hardware hacking to get an idea of how that process works.
0x54MUR41 3 hours ago

If you are into books, I would recommend The Ghidra Book from No Starch Press: https://nostarch.com/ghidra-book-2e. The book is designed for beginner and advanced users.
ramuel 2 hours ago

https://pwn.college has really good modules/dojos that cover a bunch of reverse engineering concepts.
gray_charger 3 hours ago

You can start here to learn reverse engineering.
ActorNightly an hour ago

> are there nice recommended resources

I often wondered why people ask this in the age of LLMs, and I think I know why now. When you ask this question, you are not asking for resources; you are asking for "what is a guide that I can just follow mindlessly without thinking that will enable me to do said thing." You will never learn anything this way, or be anywhere decent at it. If you actually want to learn, you have to be curious. And if you are curious, you are able to ask questions. And for questions, you have LLMs. If you are still clueless on what questions to ask, then start by learning how to actually learn.