Exetools  

  #1  
Old 04-01-2023, 03:57
RAMPage
Where to start? Where to go? The right reversing path (?)

Hello dear friends, I hope you can give me some advice on where to go, because I'm a little confused about how to create a good learning curve. I tried to search for a similar post so as not to make a new one, but I didn't find one.

I'm very interested in how things work, not only computers, but also mechanics, medicine, etc. 14 years ago I did a certification that led me to a job where I like what I do, and it also puts food on the table for my family. In that certification's 48-hour exam they made me write a 32-bit shellcode (it was a MessageBox), and I had to exploit an overflow bypassing ASLR on Vista.

Now I need to go deep down the rabbit hole, in coding and operating systems. I have collected a lot of courses, but none of them really satisfies me, because I never end up finishing any of them, so I'm here to ask for help on where to start.

I want to learn how to use debuggers and understand the basics of reversing, but with a good base. I know bits of things, but I'm not as in depth as I would like to be.

In this post @blue_devil and @chessgod101 tried to help me and gave me Assembly references to start:
https://forum.exetools.com/showthread.php?p=127430

I'm looking at Ricardo Narvaja's reversing courses, but I feel it's not enough; I'm not having FUN*. I don't know what I'm doing wrong.

I was looking through all the old posts, and I'm very excited to be here in a forum with so many people who know a lot and are humble. I was hesitant to start this post, because one should always try to find one's own path, but I'm really kind of stuck.

Thanks for Reading,
Your forum buddy, Rampage.
  #2  
Old 04-01-2023, 07:04
vitriol
Sure. I started myself with this book:
"Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System" - Reverend Bill Blunden.
Also: "Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercrime, and IoT attacks"
And "Windows Internals" (Series)
Though the first one is the best for getting into kernel land, if that is even what you want?

The "Extreme Vulnerable Driver" will give you great hands-on practice. It comes with a huge collection of blogs that explain all the different flaws in the driver and how to exploit them on modern systems.

If you'd rather stay in userland, then you may want to simply search for "Awesome *WHATEVER IT IS* Collection"s on GitHub; I'm sure it will help you find the things you're interested in.

Here is also a nice collection: https://www.vx-underground.org/windows.html
They also have a huge list of malware, so you can just google for reversing tuts.

Also, on YouTube there are some channels I can recommend:
"Malware analysis for hedgehogs"
"OALabs"

Hope it helps
  #3  
Old 04-04-2023, 04:54
0xDA7B01
(Admittedly my experience is not a lot yet, I'm new to this, but this is what I've learned so far)

I'd say that it depends on what you want to do. Why do you want to reverse in the first place? Are you doing this to learn? For fun? Something else?

If I were you I'd forgo the courses and start simple, from the fundamentals. Assuming you know how to program, the various asm variants (e.g. x86 asm) you can learn as you go by writing simple programs in e.g. C, and tools like Godbolt (godbolt.org) will show you the resulting assembly, and helpfully mark which parts of the assembly map to a given line of code.

It could also be helpful to start with reversing some older programs that interest you (e.g. retro games) using a tool like Ghidra (or IDA if you prefer). Older programs tend to be a bit easier to understand when disassembled IMHO, though that's not always the case. As you start to get a feel for the patterns and calling convention (e.g. how a function is set up in x86 asm on Windows) you can "graduate" to more advanced programs like malware, that use more advanced techniques.

Hope I helped, and most of all, have fun!
  #4  
Old 04-16-2023, 09:40
RAMPage
Quote (originally posted by 0xDA7B01):
(Admittedly my experience is not a lot yet, I'm new to this, but this is what I've learned so far)

I'd say that it depends on what you want to do. Why do you want to reverse in the first place? Are you doing this to learn? For fun? Something else?

If I were you I'd forgo the courses and start simple, from the fundamentals. Assuming you know how to program, the various asm variants (e.g. x86 asm) you can learn as you go by writing simple programs in e.g. C, and tools like Godbolt (godbolt.org) will show you the resulting assembly, and helpfully mark which parts of the assembly map to a given line of code.

It could also be helpful to start with reversing some older programs that interest you (e.g. retro games) using a tool like Ghidra (or IDA if you prefer). Older programs tend to be a bit easier to understand when disassembled IMHO, though that's not always the case. As you start to get a feel for the patterns and calling convention (e.g. how a function is set up in x86 asm on Windows) you can "graduate" to more advanced programs like malware, that use more advanced techniques.

Hope I helped, and most of all, have fun!
I want to know how to bypass protections, things that I have never done before. I know about reversing basic programs with GHIDRA, but I don't know x64 entirely. I want to rock and have fun with ASM, and use it in the field of Binary Exploitation. Since I like hardware too, I think asm will be the door to discovering hardware and low-level OS internals.

I'm now reading @blue_devil's recommended book in "learning x32-64 with ubuntu", and it's going quite well. I have too many courses and materials, but I need to start applying them to learn. mmmm I read The Rootkit Arsenal during the week (79 pages by now) and it's very interesting, has very good references and history. Learning a lot and trying to eat more than I can.

Last edited by RAMPage; 04-16-2023 at 10:19. Reason: edited to follow the rules
All times are GMT +8.