Defining the basics of reverse engineering is a challenge that is surely as complex as the practice of the discipline itself. This article reviews some of the key issues, such as applications, the importance of the human factor, tools…
One of the great milestones of 20th-century reverse engineering came about by chance. Such is fate: capricious. When Howard Jarrell found himself in the middle of those clouds with no radio and with electrical problems in his B-29 bomber, the U.S. Army captain broke into a cold sweat.
He was going to have to land at Uglovoye airfield, near Vladivostok, a Soviet Navy base.
On that day in 1944, Stalin saw the light.
The Soviet leader had been obsessed for years with getting a super bomber like the one the Americans had. He had even approached Washington about the possibility of acquiring several of them. Always without success.
Jarrell’s crash landing, returning from a mission in Manchuria, precipitated one of the great reverse engineering operations of World War II.
Soviet engineers took that plane, dubbed Ramp Tramp in the U.S., apart down to the last bolt in order to replicate an aircraft that would make all the difference for the Eastern Bloc.
Only three years later, in 1947, the Soviet Union had its first Tu-4 bomber in the air.
From then until today, reverse engineering has become a key field of knowledge. A discipline in permanent evolution called to play a key role in the technological era we are living in.
These are, therefore, six key issues that you should take into account to understand the phenomenon.
And since there is nothing better than starting at the beginning, let’s focus on the simplest of the issues surrounding this activity.
What is reverse engineering?
On paper, the definition is simple enough. Reverse engineering is a process of inquiry: a journey to unravel the technological principles of an object, tool, device or system by abductive reasoning, that is, by forming conjectures about how the element under study works and how it is structured, and then checking them against the thing itself.
Today, the discipline is mainly divided into two paths: reverse engineering of software, on the one hand, and of hardware, on the other.
The first aims to understand how a program works without having its source code, recovering something close to that source (disassembly, decompilation) in order to modify the program or simply to analyze it.
A security-oriented example: after reverse engineering a program, a researcher can modify it or abuse its functionality and design flaws to make it do things it was never meant to do, or, on the defensive side, embed a binary patch that removes a flaw when no source-level fix is available.
To do this, the researcher works directly on the compiled binary, in machine code or its assembly representation.
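The "embed a patch" case above, as an added example that is not code from the original article: a small Python patcher that locates a known compare-and-branch in a binary, flips the conditional jump to an unconditional one, and reports exactly which bytes changed. The byte sequence it operates on is constructed for the example (a placeholder "license check", not a real program), and the opcode encodings assumed are the standard x86-64 ones (3D imm32 for cmp eax, imm32; 74 rel8 for je; EB rel8 for short jmp).

```python
"""Tiny binary patcher: find a known compare-and-branch and flip the branch.
Added example, not code from the original article. Assumed x86-64 encodings:
3D imm32 = cmp eax, imm32 ; 74 rel8 = je ; 75 rel8 = jne ; EB rel8 = jmp short.
"""
import struct

OPC_CMP_EAX_IMM32 = 0x3D
OPC_JE_REL8 = 0x74
OPC_JMP_REL8 = 0xEB
BRANCH_NAMES = {0x74: "je", 0x75: "jne", 0xEB: "jmp"}

# Constructed sample (not a real program): compare a key against 0x1337 and,
# on mismatch, fall through into a 5-byte call to a failure routine.
#   00: 3d 37 13 00 00   cmp eax, 0x1337
#   05: 74 05            je  +5        ; skip the call when the key matches
#   07: e8 00 00 00 00   call fail     ; placeholder displacement
#   0c: c3               ret
SAMPLE = bytes.fromhex("3d 37 13 00 00  74 05  e8 00 00 00 00  c3")


def find_check(blob: bytes, expected: int) -> int:
    """Offset of the unique 'cmp eax, expected ; je rel8' sequence.
    Refuses to guess if the pattern is missing or matches more than once."""
    pattern = bytes([OPC_CMP_EAX_IMM32]) + struct.pack("<I", expected) + bytes([OPC_JE_REL8])
    hits, start = [], 0
    while (i := blob.find(pattern, start)) != -1:
        hits.append(i)
        start = i + 1
    if len(hits) != 1:
        raise ValueError(f"expected exactly one match, found {len(hits)}")
    return hits[0]


def describe_branch(blob: bytes, off: int) -> str:
    """Human-readable form of the 2-byte short branch at `off`, e.g. 'je +5'."""
    name = BRANCH_NAMES.get(blob[off], f"db 0x{blob[off]:02x}")
    disp = struct.unpack("<b", blob[off + 1:off + 2])[0]
    return f"{name} {disp:+d}"


def patch_je_to_jmp(blob: bytes, expected: int) -> bytes:
    """Return a copy of `blob` in which the je following 'cmp eax, expected'
    is an unconditional jmp, so the failure path can never be reached."""
    branch = find_check(blob, expected) + 5          # skip the 5-byte cmp
    out = bytearray(blob)
    out[branch] = OPC_JMP_REL8                       # same length: no relocation needed
    return bytes(out)


def byte_diff(old: bytes, new: bytes):
    """[(offset, old_byte, new_byte)] for every changed byte: an audit trail of the patch."""
    assert len(old) == len(new), "in-place patches must preserve size"
    return [(i, a, b) for i, (a, b) in enumerate(zip(old, new)) if a != b]


if __name__ == "__main__":
    patched = patch_je_to_jmp(SAMPLE, 0x1337)
    print("before:", describe_branch(SAMPLE, 5), "| after:", describe_branch(patched, 5))
    print("changed bytes:", byte_diff(SAMPLE, patched))
```

The two checks that matter in practice are the ones that are easy to skip: the search must match exactly once (a pattern that appears twice means you are about to patch the wrong place), and the replacement must keep the instruction length so nothing after it shifts.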
Hardware reverse engineering is based on the same principle but works differently: here the device itself is taken apart to understand how it works and which mechanisms and know-how allow it to fulfill its mission.
Something like what the Soviet engineers did with the Ramp Tramp, in short.
What are the applications?
Miguel Tarascó, co-founder of Tarlogic Security and head of the Development Department, explains that reverse engineering has three main applications:
• Identify the vulnerabilities of a device or piece of software.
• Extend the capabilities of the program or gadget under analysis.
• Copy the technology for commercial or other use.
The latter is an application that has placed the discipline in quicksand on multiple occasions.
Cases of espionage and copyright infringement have raised doubts about the practices of some companies in the field of reverse engineering. Copying has always been cheaper than innovating, you know.
A very entertaining and illustrative movie about this is Paycheck. In it, a talented engineer is hired to reverse engineer devices and, after each job, his memory is wiped.
For what purpose? On the one hand, to eliminate possible legal problems. And, on the other hand, to prevent him from succumbing to the temptation of keeping the know-how of the technology he was developing.
But beyond practices of dubious business ethics, the truth is that reverse engineering has also become a powerful tool for protecting all kinds of companies.
Neutralizing ransomware by reverse engineering the malware's code is just one of its many applications, and one of the invaluable contributions this discipline is set to make to society and the global economy in the midst of the technological revolution.
What should I study if I want to dedicate myself to reverse engineering?
Pinning down the formal studies that best suit reverse engineering is not easy, given the breadth of the field. Engineering degrees such as Telecommunications, Electronics, Computer Science or even Physics all provide very valuable knowledge.
But perhaps above the chosen career, the most important element in the equation is passion. If there is a common denominator among reverse engineering professionals, it is perhaps an overflowing curiosity.
And a determined vocation to fight the machine, or the code. «It's very hard work», warns Miguel Tarascó, «you have to dedicate a lot of personal time to it».
A good starting point for all those who want to immerse themselves in this activity is one of the most recurring challenges among professionals in the sector: loading Doom on the most unusual devices.
The popular video game created in the early 1990s has ended up on some of the most unexpected gadgets thanks to the stubbornness of a few reverse-engineering enthusiasts: a Canon printer, a TI-Nspire calculator, an iPod Nano… even an ATM.
At the end of last year, perhaps the most unusual case of all came to light: an enthusiast managed to get Doom running on a Clearblue pregnancy test. Seeing is believing…
Which are the essential programming languages?
The starting point is assembly language for the different hardware architectures, the language in which low-level programs are written and the form in which a disassembler presents compiled code. It is an essential skill if you want to work in reverse engineering.
Depending on the chosen field (software or hardware), the prospective researcher will have to acquire specific knowledge of each architecture they work with (x86-64 and ARM being the most common).
With that base in place, other programming languages become very useful to master. In the field of the Internet of Things (IoT), it pays to know C and C++, because most of these devices are programmed in those languages.
If the specialization leans towards software, the most appropriate choice is perhaps to master Python. Why? Basically because a large number of reverse engineering tools are written in, or scriptable from, this language.
And also because this mastery will allow the user to develop and standardize his own working tools.
It is true that Python has as many supporters as detractors. Especially among those who operate in the pentesting world.
Is it possible to find a package of useful tools to enter the world of reverse engineering?
There are many solutions available on the market. Depending on the path you have chosen, you will opt for one or another, among both commercial tools and open source frameworks such as radare2 (r2).
These are some of the most popular ones:
- Reverse engineering of software:
  - Disassemblers and decompilers: IDA Pro, radare2, Ghidra, Binary Ninja.
  - Debuggers and API tracers: WinDbg, OllyDbg, API Monitor.
  - Hex editors: HxD, WinHex, 010 Editor…
- Hardware reverse engineering:
  - Firmware extraction and analysis: binwalk, FACT.
  - Logic analyzers: hardware capture devices paired with analysis software.
  - JTAG pin discovery: JTAGenum or JTAGulator.
  - USB to UART converter (serial/TTL to USB interface).
  - Visual binary analyzers: Vix or binvis.
- If you want to analyze the network traffic of your devices…
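Two of the points above, Python as the language to build your own tooling in and binwalk/FACT for firmware analysis, come together in this added example, which is not code from the original article nor from binwalk or FACT. It does the two things a first pass over an unknown firmware image usually does: scan for the magic bytes of known containers, and sweep the image for high-entropy regions (compressed or encrypted data). The firmware image is constructed inline for the example, with a vendor header, a fake ELF header, a gzip stream and a SquashFS magic, so the script runs offline; the signature table is a tiny subset of what a real tool carries.

```python
"""Binwalk-style signature scan and entropy sweep over a constructed firmware
image. Added example, not binwalk's or FACT's own code. Standard library only.
"""
import gzip
import math
import random

# A tiny subset of container magics (binwalk ships hundreds of these).
SIGNATURES = {
    b"\x7fELF": "ELF executable",
    b"\x1f\x8b\x08": "gzip compressed data",
    b"hsqs": "SquashFS filesystem, little-endian",
    b"PK\x03\x04": "ZIP archive",
}


def build_sample():
    """Constructed firmware image (not a real vendor format): 16-byte header,
    64-byte fake ELF64 header, erased-flash filler, a gzip stream of
    incompressible data, then a SquashFS magic. Returns the bytes and the
    offsets that were planted, so results can be checked."""
    rng = random.Random(1337)                                 # deterministic payload
    header = b"FWHDR\x00v1.0" + b"\x00" * 6                   # 16 bytes, low entropy
    elf_stub = b"\x7fELF\x02\x01\x01" + b"\x00" * 57          # 64 bytes mimicking an ELF64 header
    filler = b"\xff" * 432                                    # pads the pre-payload area to 512 bytes
    raw = bytes(rng.getrandbits(8) for _ in range(2048))      # incompressible: gzip stores it as-is
    payload = gzip.compress(raw, mtime=0)
    squashfs = b"hsqs" + b"\x00" * 60
    image = header + elf_stub + filler + payload + squashfs
    planted = {
        "ELF executable": 16,
        "gzip compressed data": 512,
        "SquashFS filesystem, little-endian": 512 + len(payload),
    }
    return image, planted


def scan_signatures(blob: bytes):
    """[(offset, description)] for every magic found, sorted by offset.
    Overlapping and repeated hits are kept: a real image often nests containers."""
    hits = []
    for magic, desc in SIGNATURES.items():
        start = 0
        while (i := blob.find(magic, start)) != -1:
            hits.append((i, desc))
            start = i + 1
    return sorted(hits)


def shannon_entropy(chunk: bytes) -> float:
    """Bits per byte: 0.0 for an empty or constant chunk, close to 8.0 for random data."""
    if not chunk:
        return 0.0
    counts = [0] * 256
    for b in chunk:
        counts[b] += 1
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def high_entropy_regions(blob: bytes, block: int = 512, threshold: float = 7.0):
    """Merge consecutive blocks whose entropy reaches `threshold` into
    [(start, end)] ranges. Compressed or encrypted sections stand out;
    code and text sit well below 7 bits/byte."""
    regions = []
    for off in range(0, len(blob), block):
        if shannon_entropy(blob[off:off + block]) >= threshold:
            if regions and regions[-1][1] == off:
                regions[-1] = (regions[-1][0], off + block)   # extend the open range
            else:
                regions.append((off, off + block))
    return regions


if __name__ == "__main__":
    image, _ = build_sample()
    for off, desc in scan_signatures(image):
        print(f"0x{off:06x}  {desc}")
    print("high-entropy regions:", high_entropy_regions(image))
```

The entropy sweep is the part worth keeping even when a signature scan finds nothing: a region near 8 bits/byte with no recognizable header in front of it is the usual sign of an encrypted or custom-packed section, which is where the hand work described in the next section begins.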
Is the human factor important?
Miguel Tarascó argues that the human factor is the central asset of this discipline. Contrary to what might seem from a distance, technology is not everything in reverse engineering.
«The human factor is 90%», argues Miguel, «because there has to be reasoning behind it. You can deal with malware or ransomware, for example, but the tools you are going to work with aren't magic».
Therefore, it will be the researcher, the person, who uncovers the secrets of the software or the device. The one who reverses the engineering until they reach their goal.
«On the subject of hardware hacking, you can find a thousand pages with tutorials and tips on technological tools, but most of the time there is nothing left to do but fight, read all the documentation and think it over in your head until you find the solution», concludes Miguel.
In other words, what really works in this discipline is that old aphorism about mind over matter. Remember? Although matter can even become virtual…