Reverse Engineering

620 Pages · 2005 · 8.54 MB · English

  • Reverse Engineering

    01_574817 ffirs.qxd 3/16/05 8:37 PM Page ii

    This Book Is Distributed By http://pdfstore.tk/ Please

    Make Sure That This E-Book Dont Have Any Or Damage This will cause you

    Missing Pages And Missing Tutorials.www.pdfstore.tk

    will automaticly `check . is this book is ready for read

    Attention :- Before You read this Book Please Visit www.pdfstore.tk and check

    you can Free Download any kind of Free matirials from www.pdfstore.tk

    web site 01_574817 ffirs.qxd 3/16/05 8:37 PM Page i

    Reversing: Secrets of

    Reverse Engineering 01_574817 ffirs.qxd 3/16/05 8:37 PM Page ii 01_574817 ffirs.qxd 3/16/05 8:37 PM Page iii

    Reversing: Secrets of

    Reverse Engineering

    Eldad Eilam 01_574817 ffirs.qxd 3/16/05 8:37 PM Page iv

    Reversing: Secrets of Reverse Engineering

    Published by

    Wiley Publishing, Inc.

    10475 Crosspoint Boulevard

    Indianapolis, IN 46256


    Copyright © 2005 by Wiley Publishing, Inc., Indianapolis, Indiana

    Published simultaneously in Canada

    Library of Congress Control Number: 2005921595

    ISBN-10: 0-7645-7481-7

    ISBN-13: 978-0-7645-7481-8

    Manufactured in the United States of America

    10 9 8 7 6 5 4 3 2 1


    No part of this publication may be reproduced, stored in a retrieval system or transmitted

    in any form or by any means, electronic, mechanical, photocopying, recording, scanning or

    otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copy-

    right Act, without either the prior written permission of the Publisher, or authorization

    through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222

    Rosewood Drive, Danvers, MA01923, (978) 750-8400, fax (978) 646-8600. Requests to the

    Publisher for permission should be addressed to the Legal Department, Wiley Publishing,

    Inc., 10475 Crosspoint Blvd., Indianapolis, IN 46256, (317) 572-3447, fax (317) 572-4355,

    e-mail: brandreview@wiley.com.

    Limit of Liability/Disclaimer of Warranty:The publisher and the author make no repre-

    sentations or warranties with respect to the accuracy or completeness of the contents of this

    work and specifically disclaim all warranties, including without limitation warranties of fit-

    ness for a particular purpose. No warranty may be created or extended by sales or promo-

    tional materials. The advice and strategies contained herein may not be suitable for every

    situation. This work is sold with the understanding that the publisher is not engaged in ren-

    dering any professional services. If professional assistance is required, the services of a com-

    petent professional person should be sought. Neither the publisher nor the author shall be

    liable for any damages arising herefrom. The fact that an organization or Website is referred

    to in this work as a citation and/or a potential source of further information does not mean

    that the author or the publisher endorses the information the organization or Website may

    provide or recommendations it may make. Further, readers should be aware that Internet

    Websites listed in this work may have changed or disappeared between when this work

    was written and when it is read.

    For general information on our other products and services or to obtain technical support,

    please contact our Customer Care Department within the U.S. at (800) 762-2974, outside the

    U.S. at (317) 572-3993 or fax (317) 572-4002.

    Wiley also publishes its books in a variety of electronic formats. Some content that appears

    in print may not be available in electronic books.

    Trademarks: Wiley, the Wiley Publishing logo and related trade dress are trademarks or

    registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States

    and other countries, and may not be used without written permission. All other trademarks

    are the property of their respective owners. Wiley Publishing, Inc., is not associated with

    any product or vendor mentioned in this book. 01_574817 ffirs.qxd 3/16/05 8:37 PM Page v


    Executive Editor Graphics and Production Specialists

    Robert Elliott Denny Hager

    Jennifer Heleine

    Development Editor

    Lynsey Osborn

    Eileen Bien Calabro

    Mary Gillot Virgin

    Copy Editor

    Quality Control Technician

    Foxxe Editorial Services

    Leeann Harney

    Editorial Manager

    Proofreading and Indexing

    Mary Beth Wakefield

    TECHBOOKS Production Services

    Vice President & Executive Group

    Cover Designer


    Michael Trent

    Richard Swadley

    Vice President and Publisher

    Joseph B. Wikert

    Project Editor

    Pamela Hanley

    Project Coordinator

    Ryan Steffen

    v 01_574817 ffirs.qxd 3/16/05 8:37 PM Page vi 01_574817 ffirs.qxd 3/16/05 8:37 PM Page vii


    It is amazing, and rather disconcerting, to realize how much software we run

    without knowing for sure what it does. We buy software off the shelf in shrink-

    wrapped packages. We run setup utilities that install numerous files, change

    system settings, delete or disable older versions and superceded utilities, and

    modify critical registry files. Every time we access a Web site, we may invoke

    or interact with dozens of programs and code segments that are necessary to

    give us the intended look, feel, and behavior. We purchase CDs with hundreds

    of games and utilities or download them as shareware. We exchange useful

    programs with colleagues and friends when we have tried only a fraction of

    each program’s features.

    Then, we download updates and install patches, trusting that the vendors

    are sure that the changes are correct and complete. We blindly hope that the

    latest change to each program keeps it compatible with all of the rest of the

    programs on our system. We rely on much software that we do not understand

    and do not know very well at all.

    I refer to a lot more than our desktop or laptop personal computers. The

    concept of ubiquitous computing, or “software everywhere,” is rapidly

    putting software control and interconnection in devices throughout our envi-

    ronment. The average automobile now has more lines of software code in its

    engine controls than were required to land the Apollo astronauts on the Moon.

    Today’s software has become so complex and interconnected that the devel-

    oper often does not know all the features and repercussions of what has been

    created in an application. It is frequently too expensive and time-consuming to

    test all control paths of a program and all groupings of user options. Now, with

    multiple architecture layers and an explosion of networked platforms that the

    software will run on or interact with, it has become literally impossible for all

    vii 01_574817 ffirs.qxd 3/16/05 8:37 PM Page viii

    viii Foreword

    combinations to be examined and tested. Like the problems of detecting drug

    interactions in advance, many software systems are fielded with issues

    unknown and unpredictable.

    Reverse engineering is a critical set of techniques and tools for understand-

    ing what software is really all about. Formally, it is “the process of analyzing a

    subject system to identify the system’s components and their interrelation-

    ships and to create representations of the system in another form or at a higher

    level of abstraction”(IEEE 1990). This allows us to visualize the software’s

    structure, its ways of operation, and the features that drive its behavior. The

    techniques of analysis, and the application of automated tools for software

    examination, give us a reasonable way to comprehend the complexity of the

    software and to uncover its truth.

    Reverse engineering has been with us a long time. The conceptual Revers-

    ing process occurs every time someone looks at someone else’s code. But, it

    also occurs when a developer looks at his or her own code several days after it

    was written. Reverse engineering is a discovery process. When we take a fresh

    look at code, whether developed by ourselves or others, we examine and we

    learn and we see things we may not expect.

    While it had been the topic of some sessions at conferences and computer

    user groups, reverse engineering of software came of age in 1990. Recognition

    in the engineering community came through the publication of a taxonomy on

    reverse engineering and design recovery concepts in IEEE Softwaremagazine.

    Since then, there has been a broad and growing body of research on Reversing

    techniques, software visualization, program understanding, data reverse engi-

    neering, software analysis, and related tools and approaches. Research

    forums, such as the annual international Working Conference on Reverse

    Engineering (WCRE), explore, amplify, and expand the value of available tech-

    niques. There is now increasing interest in binary Reversing, the principal

    focus of this book, to support platform migration, interoperability, malware

    detection, and problem determination.

    As a management and information technology consultant, I have often been

    asked: “How can you possibly condone reverse engineering?” This is soon fol-

    lowed by: “You’ve developed and sold software. Don’t you want others to

    respect and protect your copyrights and intellectual property?” This discus-

    sion usually starts from the negative connotation of the term reverse engineer-

    ing, particularly in software license agreements. However, reverse engineering

    technologies are of value in many ways to producers and consumers of soft-

    ware along the supply chain.

    Astethoscope could be used by a burglar to listen to the lock mechanism of

    a safe as the tumblers fall in place. But the same stethoscope could be used

    by your family doctor to detect breathing or heart problems. Or, it could

    be used by a computer technician to listen closely to the operating sounds

    of a sealed disk drive to diagnose a problem without exposing the drive to

    Please note: To fully download this free PDF,EBook files you need know All free.
    Found by internet command,site not saved pdf file
You May Also Like

Related PPT Template in the same category.