@KevinLiebergen
Last active May 19, 2023 16:56
Radare2

Tools to check first

  • file
  • strings
  • hexdump: Show the content of a binary
  • objdump: Show the elements (structure) of a binary
  • ltrace: Intercepts dynamic library calls
  • strace: Intercepts any syscall

Type of tools

  • Disassemblers: Reverse into assembler language (e.g., IDA)
  • Decompilers: Reverse binaries into higher-level languages, like C++
  • Debuggers: Allow you to view and change the state of a running program (e.g., GDB)
  • Hex editors: Allow you to view and edit the contents of a binary (e.g., hexdump)

Tools

  • GDB (debugger)
  • Radare (debugger)
  • Ghidra (decompiler)
  • IDA (decompiler)

GDB

Radare2

Open the file in write mode. -A runs the aaa analysis on startup; r2 prints the steps it takes, each with the command responsible for it in parentheses.

  • $ r2 -w -A ./binary

Seek to main

  • > s main

Print the disassembly of the current function

  • > pdf

Create a jump to a specific address (assembled and written at the current seek, so the file must be open in write mode)

  • > wa jmp 0x0040096a
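
What a command like `wa jmp 0x0040096a` has to write, as an added example that is not part of the original gist: the jump is encoded relative to the current seek, so the bytes depend on where the patch lands. It assumes x86/x86-64 and shortest-encoding selection; `assemble_jmp`, `patch` and every address other than 0x0040096a are constructed for illustration.

```python
import struct


def assemble_jmp(seek: int, target: int) -> bytes:
    """Encode x86/x86-64 `jmp target` for an instruction placed at `seek`."""
    # Short form: EB rel8, displacement counted from the end of the 2-byte insn.
    rel8 = target - (seek + 2)
    if -128 <= rel8 <= 127:
        return b"\xeb" + struct.pack("<b", rel8)
    # Near form: E9 rel32, displacement counted from the end of the 5-byte insn.
    rel32 = target - (seek + 5)
    if not -2**31 <= rel32 < 2**31:
        raise ValueError("target is outside rel32 range of the seek address")
    return b"\xe9" + struct.pack("<i", rel32)


def patch(image: bytearray, base: int, seek: int, target: int) -> bytes:
    """Write the jump into `image` (mapped at virtual address `base`).

    Returns the overwritten bytes so the patch can be reverted. The patch
    covers 2 or 5 bytes and may cut through an existing instruction, which
    is why the disassembly should be re-checked after writing.
    """
    insn = assemble_jmp(seek, target)
    off = seek - base
    if off < 0 or off + len(insn) > len(image):
        raise ValueError("seek address is outside the mapped image")
    original = bytes(image[off:off + len(insn)])
    image[off:off + len(insn)] = insn
    return original


if __name__ == "__main__":
    # Constructed sample: 0x20 NOP bytes mapped at 0x00400950.
    code = bytearray(b"\x90" * 0x20)
    saved = patch(code, base=0x00400950, seek=0x00400950, target=0x0040096A)
    print("written:", code[:2].hex(), "saved:", saved.hex())
```

Keeping the returned original bytes (or a copy of the binary) matters because -w edits the file on disk in place.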

IDA
