reverse - copy

8/2/2019 Reverse - Copy

1/21

Reverse Engineering


2/21

Contents

What is Reverse Engineering (RE)?

Why do we need Reverse Engineering?

Scope and Tasks of Reverse Engineering

Different Approaches

RE tools Conclusions


3/21

What is Reverse Engineering ?

You have an unexpected case:

You finished one course project using Java

Your program runs OK But, by accident, you delete the java file

How to hand in your project?


4/21


You have an unexpected case:

You finished one course project using Java

Your program runs OK But, by accident, you delete the java file

How to hand in your project?

Reverse Engineering


5/21

SRE

Software Reverse Engineering Also known as Reverse Code Engineering (RCE)

Or simply reversing

Can be used for good... Understand malware Understand legacy code

or not-so-good Remove usage restrictions from software

Find and exploit flaws in software

Cheat at games, etc.


6/21


Waterfall Model of software development

Requirementanalysis

design

Implementation

Testing and

Maintenance


7/21


Forward Engineering

Requirements

Design

Source Code

Behavior


8/21


Forward Engineering Reverse Engineering

Requirements

Design

Source Code

Behavior


9/21

What is Reverse Engineering?

RE encompasses any activity that is done to

determine how a product works, to learn the

ideas and technology that were used indeveloping that product.

RE can be done at many levels

RE generally belongs to SoftwareMaintenance


10/21

The Early Days of RE

Law of Software Revolution (Lehman, 1980)

Fundamental strategies for program

comprehension (Brooks, 1983)

Taxonomy of Reverse Engineering

(Chikofsky&Cross, 1990)

WCRE (Working Conference on R.E., 1990)

IWPC (Int. Workshop on Program

Comprehension)


11/21

Why do we need RE ?

Recovery of lost information

providing proper system documentation

Assisting with maintenance

identification of side effects and anomalies

Migration to another hw/sw platform

Facilitating software reuse


12/21

Scope and Task of Reverse

Engineering

program understanding

Problem/Application

domain

Program/Implemen.

domain

Mapping


13/21


Restructuring

Transformation from one representation to

another at the same level,

Requirements

Design

Source code

Behavior


14/21


Reverse Engineering

Design Recovery

reproduce all the info for understanding the system Re-documentation

provide different views of the system

Re-Engineering first phase --understanding the system

second phase--forward engineering


15/21


Abstraction System

Old system New System

Forward EngineeringRe-Implementation

Reverse EngineeringAbstraction


16/21

Reverse Engineering Tools

Analysis Tools

Browsers

Object Server

Task Oriented Tools


17/21

Example--Java Decompiler

How to recover bytecode from .class file

under Unix/Win with JDK?

%javap -c %javap -help (to see the options)

Java Decompilers ClassCracker http://www.pcug.org.au/~mayon/

DeCafe Pro" from DeCafe, France at

http://decafe.hypermart.net/index.htm

SourceAgain" from Ahpah corp athttp://www.ahpah.com


18/21

Example--Java Decompiler

ClassCracker 2 Interface


19/21

SRE Tools Disassembler

Converts exe to assembly

as best it can

Cannot always disassemble correctly

In general, it is not possible to assemble disassembly into working

exe

Debugger

Must step thru code to completely understand it

Labor intensivelack of automated tools

Hex Editor

To patch (make changes to) exe file Regmon, Filemon, VMware, etc.


20/21

ConclusionsReverse Engineering is a new research area

among software maintenance

RE includes activities of understanding the

system and recovery info from system

Program understanding is the most important

subset of Reverse Engineering

Discovery of abstraction is key issue


21/21

Questions ?

reverse - copy

Documents