Reverse Engineering (RE) Learning Path.

Hi guys!

I am completely new to reverse engineering.

I have been programming for about year on a scripting language called autohotkey, learned c++ recently (havent coded on that language yet, but will soon) and I have curiosity for this particular topic (RE).

I have noticed that debuggers show the information in assembly language (?) so my question is: what is the best route to learn reverse engineering?

I do realize that a little background in programming is essential but do i need (or is it better) to learn assembly first before i go deeper on to reverse engineering?

To be honest my main motivation is a particular software that i want to own but that is too expensive for me and i really consider the software not worth THAT much (yes there are free solutions but they are buggy and less powerful), and while i know the pure basics of RE (using Olly for patching jumps based on string) i have not much knowledge on unpacking, so thats my goal...

I will be starting with this course, if anybody has done it can you please provide feedback on it? how was it... is there anything better? and so on.

I hope to get some constructive replies, but thanks in advance anyways for taking the time to read until here even if you dont reply.

[henry_y]

I'd like to recommend you to learn Assembly a lil bit (if you just wanna know what is RE). But if you really interested and decided to dig into RE even more, learn Assembly & System Programming.

Long long time ago, when DOS still rulz the world, I learnt Assembly, an ordinary Assembly. By the time I learn it, I was able to figured out how to bypass a protection. That's how I lean RE. Retired now

[leosmi05]

> > > c++ (havent coded on that language yet, but will soon)
You can also learn by executing step by step the C/C++ code and watching the Assembler window (in Visual C/C++ for example).
But a good Assembler book is better.

[chessgod101]

I would suggest trying lena's tutorials. They will give you a basis on how to proceed with future endeavours.

Lena's Tutorials:
_hxxp://tuts4you.com/download.php?list.17

[yogi_saw]

I would suggest get some working knowledge abt assembly and then try to learn from lena's tuts they are really great for a newbie...

Thanks for the replies guys!

The tutorial i linked in the OP was coincidentally that one from Lenas, and I like that page (tuts4you).

Quick question though, arent those tutorials little old? I am doing it and im learning tons with it but can i safely assume that i will encounter most of it in "real life" applications.

I will start learning assembly + checking compiled code as suggested.

--Edit
Let me fit in another question here:
I have noticed that there might be different "flavors" of ASM language. Is that correct? if so what would be the way to go?

Of course there are different asm(s) for different hardware platforms (ie x86, ARM, 68K etc), these are the different chips and have very big differences in the number and type of commands they support.

For pc's you only really need to consider x86 (or IA64 AMD64, an extension of x86 if you want to go for 64bit).

I guess the different "flavours" you mean are the different assemblers available for translating assembler into machine code.

For the PC (Windows or Linux or any other machine using the Intel x86 processor) there are two (3?) main ways of writing assembler, AT&T, Intel (and HLA).

The first two are the main ones, with the Intel syntax the one you will see most often.
As Intel originally designed the chips I guess it is only right they dictate the mnemonics used. Most assemblers on both windows and Linux will be able to understand this way of writing code. (ie MASM, TASM)

The Intel syntax is primarily used with the assembler which GCC uses, called GAS on the Linux platform.

HLA (High Level Assembler) is another way of writing code, although it has more features of a high-level language like C or Pascal, and can be a good place to start.

As to your op, I think that a basic grounding in the concepts of proggramming languages will always stand you in good stead when delving into the inner workings of processors, and has the benefit of more tangible results when you are starting off. Then you can transfer the concepts of variables/flow-control etc, to assembler, as it can be a bit dry and hard going when you start off.

B

PS
wikipedia is a great place to find a lot of background on this stuff, before you dive in =)

http://en.wikipedia.org/wiki/X86_assembly_language

and dont forget to get the info straight from the horses mouth so to speak, with the full set of Intel manuals

http://www.intel.com/products/processor/manuals/

[matt]

Thanks. The link is very useful.

Quote:

Originally Posted by chessgod101

I would suggest trying lena's tutorials. They will give you a basis on how to proceed with future endeavours.

Lena's Tutorials:
_hxxp://tuts4you.com/download.php?list.17

[TechLord]

Don't forget this site :

http://woodmann.net/forum/index.php?

Excellent source of information and tools

[mcp]

In general, the RE reddit has reached a level where it receives very good submissions on a regular basis.
Also, there is a site dedicated towards beginners which is really useful.