everything is open source if you can reverse engineer (try it RIGHT NOW!)

  Рет қаралды 1,517,752

Low Level

Low Level

Күн бұрын

Пікірлер: 987
@LowLevelTV
@LowLevelTV Жыл бұрын
wanna learn more about computers? check out my courses at lowlevel.academy (there's a sale) 👌
@a-google-user07
@a-google-user07 4 ай бұрын
9 likes?? lmao what
@Moppup
@Moppup 4 ай бұрын
This is fascinating! Thanks!
@Vortex-qb2se
@Vortex-qb2se 7 ай бұрын
The guys with no coding experience must be terrified now
@MohitKhare
@MohitKhare 5 ай бұрын
bro, 8 years of professional experience with me. Still struggling just to keep up with him. 😂
@artemis-arrow-3579
@artemis-arrow-3579 4 ай бұрын
@@MohitKhare skill issue
@candybird7028
@candybird7028 4 ай бұрын
@@artemis-arrow-3579 no one likes u
@minhhoangvo4759
@minhhoangvo4759 3 ай бұрын
@@artemis-arrow-3579 challenge your
@laincy-zp6lr
@laincy-zp6lr 3 ай бұрын
İ Felt dumb until ı read thıs tnx
@fus3n
@fus3n Жыл бұрын
"You don't need any programming experience" continues to show code and terms that only a programmer would understand.
@dongueW
@dongueW Жыл бұрын
😂😂
@replikvltyoutube3727
@replikvltyoutube3727 Жыл бұрын
Not only programmer, computer scientist too
@kofiboateng9181
@kofiboateng9181 Жыл бұрын
Forreal lol..... Im looking at the command line print out like, "Is that not assembly." Then very next line "That's why we learn assembly." 🧐
@glowiever
@glowiever Жыл бұрын
basically the "refuse to elaborate" chad kinda thingy kek
@supermariozaken
@supermariozaken Жыл бұрын
You definitely need it, anyway why would you want to "reverse engineer" if you have no clue what to do with it? KZbinrs need to stop promoting "you don't need to know anything of X for this" and actually encourage people to learn what they need.
@stevereaver
@stevereaver Жыл бұрын
"No coding experience needed", then dives straight into system level assembly.
@LowLevelTV
@LowLevelTV Жыл бұрын
teehee
@fodk7021
@fodk7021 9 ай бұрын
@@LowLevelTV don't try to teehee yourself out of this one !
@MisterChief711
@MisterChief711 9 ай бұрын
@@LowLevelTVnot even funny. you just lied in the video
@NickyDekker89
@NickyDekker89 9 ай бұрын
@@MisterChief711 Skill issue.
@MisterChief711
@MisterChief711 9 ай бұрын
i can feel the sweat on your hands@@NickyDekker89
@avader5
@avader5 Жыл бұрын
This reminds me back in the nineties when I ran my own company. I found a bug in QuickBooks Pro where they assumed a value for one of the payroll deductions would be a constant number. In my case it turned out that it had to be another value that the programmers at Intuit hadn't coded for since they hadn't done their due diligence research into corporate payroll tax law. I then proceeded to look at the data file that they were keeping I found the two bytes that represented the number for the percentage deduction on the line and I manually modified it to be the new number it needed to be. I then was surprised when I informed Intuit of their bug that they threatened to sue me for modification of what they termed copyrighted data.
@torphedo6286
@torphedo6286 Жыл бұрын
Checks out lol
@featherfiend9095
@featherfiend9095 Жыл бұрын
Super cool to c one of the original hackers (before it became erroneously equivalent to a “cracker”) talking about this.
@RealCaptainAwesome
@RealCaptainAwesome Жыл бұрын
How dare you.... checks notes... find and fix a bug in our software!
@orrilindalgunason8034
@orrilindalgunason8034 Жыл бұрын
This sounds a lot like what happened with Russell 'Rusty' Hardenburgh if I remember correctly. Very interesting either way.
@baruchben-david4196
@baruchben-david4196 Жыл бұрын
Corporations are touchy that way. Heaven forbid you should improve something, correct a bug... That's what all that text is about in the EULA.
@AnRodz
@AnRodz Жыл бұрын
Although coding from a young age, 'decompiling' always felt like black-magic concept. Thanks for explaining it to me.
@adewalo
@adewalo Жыл бұрын
but black-magic makes it sound cool so its even better
@EvilSapphireR
@EvilSapphireR 11 ай бұрын
You get used to it. Just filling in the gaps made by compiler optimizations and custom data types most of the time by intelligent guessing.
@skilz8098
@skilz8098 11 ай бұрын
Think of compiling as a mathematical function and decompiling as its inverse function. This is a fairly decent analogy except compilation and recompilation is within a much bigger scope of complexity where some deductions have to be inferred by its context.
@narrativeless404
@narrativeless404 9 ай бұрын
It's actually kinda hard to make a good decompiler and the ones we do have are inherently unreliable So most of the time you're better off with just disassembly
@artemis-arrow-3579
@artemis-arrow-3579 4 ай бұрын
@@narrativeless404 idk man, I've always found psuedo C to be decently reliable to be fair, I never tried ghidra or ida pro, binary ninja ftw
@davidolsen1222
@davidolsen1222 Жыл бұрын
Also, for various reasons password checkers shouldn't execute like that. You can absolutely tell that if you hammer it that feeding it a letter `c` first takes twice as long as any other letter when entered into the password checking. And then another 10ms if you add an `a` you can end up solving the password based on the time it takes to accept or reject that password. Since each letter you get right delays the time to rejection.
@Oliver_Atkinson
@Oliver_Atkinson Жыл бұрын
How do you check them simultaneously?
@davidolsen1222
@davidolsen1222 Жыл бұрын
@@Oliver_Atkinson You can force a delay. So from the time you hit `enter` to the rejection the time will be like 1 second, which also makes brute force not an issue. But, usually this isn't an issue because the password is stored as a salted-hash password. So when you type aaaaaaa and then aaaaaab it would create two radically different hashed strings so you would not actually be able to simply compute the time to denial, because even if you could tell a particular password took longer to reject the hash is cryptographic, so you can't use that information in any useful way. It's another reason to never store passwords, because comparing plain-text passwords also leads to some security issues.
@kirasmith1147
@kirasmith1147 Жыл бұрын
@davidolsen1222 Well, the even better answer is that a check in an executable will never hold, or more simply "you don't". But ofc server side stuff too (also, a delay will not hold up, the actual operation must be constant time)
@joshie1984
@joshie1984 9 ай бұрын
Usually a password is hashed and salted, it does not check letter by letter... this would almost never/ never work or make a difference in execution time
@TribeWars1
@TribeWars1 9 ай бұрын
One thing you can do is for example put both the password and the input in a 256 character buffer and then check all 256 characters for equality, regardless of whether an earlier check already failed. This is not a problem if you're using password hashes btw, which is the actual correct solution for password authentication.
@Kyrelel
@Kyrelel 9 ай бұрын
Good luck reversing any binary with zero programming knowledge.
@jeanm3506
@jeanm3506 7 ай бұрын
😂😂😂😂
@Jxhsxn
@Jxhsxn 4 ай бұрын
fr 😂
@mrhassell
@mrhassell 4 ай бұрын
That's why IDA Pro is such a great set of tools. Besides the fact, by learning from zero programming knowledge, you're learning from the base (assembler), which is about as low level as a human being can get between program operations and the computer CPU (the next step being binary), you'll learn things that even advanced programmers are only casually (if at all) familiar with, as well as develop a skillset that can be used in digital forensic investigations, learn how to battle in the field against real-world malware, viruses and uncovering exploits and vulnerabilities that have never been seen or identified. I learnt "debug", when I was 11 years old to gain access to more games in MS-DOS 1.1, as I found this easier to learn ASM registers and HEX conversions and re-program instruction cycles as well as stack management and I/O, than fiddling with BASIC to draw sprites. Admittedly I went to a computer fair every month, for 6 months before I started to get any clue of how it worked but from there, in time and with a sincere dedication (with 3 months of glandular fever, which nearly prevented me from ever reaching teenage years), I honed my skills and put my OCD to good use, becoming one of the most prolific crackers in Australia and the UK (where my father lives and 12 years of my life were spent), during the 80s and the best part, was nobody knew who I was or would have guessed anything about my identity, being just a kid from rural Victoria! From that point, learning C and C++ was straightforward and much easier than had I taken a standard learning path, achieved in higher learning or as a student of an academic institution. Having worked in IT for over 25 years, I recommend this path as the first point in learning, or for anyone serious in developing skills, as this goes far beyond simply programming and opens your mind to a universe of new possibilities, which developing programming skills and knowledge of alone, likely will never provide anyway (reverse engineering is not a basic requirement of programming or used to teach software development, as I tend to believe they should be!).
@flowmardev
@flowmardev 14 күн бұрын
I'm a developer and this is my first exposure to reverse engineering.... I have other stuff to do but the urge to learn more about it is SO STRONG!!! I'm putting a pin in it and most definitely coming back to learn more. Thanks, dude!!!! 😀
@C5pider
@C5pider Жыл бұрын
Amazing video. Just a small side note that IDA Freeware comes with a free online decompiler which generates (very *accurate*) pseude C code. Would love to see more of this kind of vids. Cheers.
@neutron_stz8894
@neutron_stz8894 Жыл бұрын
ida is too far away from that "accurate"
@曹絮
@曹絮 3 күн бұрын
@@neutron_stz8894 推荐一个
@valshaped
@valshaped Жыл бұрын
The ABI is more like an agreement that writers of assembly language programs make with other assembly writers for the sake of code interoperability. (In this context, the writer is a compiler, but it could be a person as well.) The processor generally doesn't care; as long as it's valid machine code, it'll run, ABI be damned. You can return your own custom tuple with 2 ints, a short, and a char* if you want, but you can't expect a C program to understand.
@zaphod101010
@zaphod101010 Жыл бұрын
I came down here to say that this is absolutely correct.
@dono42
@dono42 Жыл бұрын
The ABI varies depending on the OS rather than the processor. For example, Windows and Linux have different ABIs while they may run on the same process.
@arronalt
@arronalt Жыл бұрын
does that mean that some ASM scripts don't run on both Operating Systems?
@andrewdunbar828
@andrewdunbar828 Жыл бұрын
@@arronalt ASM is not a script and typically no ASM code that does anything useful will run on two different OSes with the same CPU unless specially crafted to do so.
@andrewdunbar828
@andrewdunbar828 Жыл бұрын
Came here to say this. The CPU or ISA company may well have an official ABI these days and some part of that might not be negotiable by the OS designer, but most of it is. And machine code doesn't need to follow it at all and in the case of malware should probably avoid as much official ABI style as possible in the most obfuscated parts.
@wreespace
@wreespace Жыл бұрын
I was having trouble understanding how memory call works on a computer. This video cleared that for me. Seeing it into action made so much sense. I can't thank you enough.
@jakenbaked87
@jakenbaked87 11 ай бұрын
This was the BEST tutorial on IDA and disassembly I've heard on KZbin
@anon_y_mousse
@anon_y_mousse Жыл бұрын
The program `strings` is exactly why if I want to protect my own programs I just encode my own strings. I don't always write things that I want to protect, but it's still fun to play with different methods of encoding to stave off passive RE.
@spaghettiking653
@spaghettiking653 Жыл бұрын
What do you mean by encoding?
@anon_y_mousse
@anon_y_mousse Жыл бұрын
@@spaghettiking653 It could be as simple as an xor scheme, but no matter what method I use, it wouldn't be secure because the means to decode it would be in the binary. It's at best a first step.
@kirasmith1147
@kirasmith1147 Жыл бұрын
Also best to save this part as a pre-production-build automation instead of unironically making a mess of your codebase
@martijn3151
@martijn3151 Жыл бұрын
I definitely enjoyed the video. Although I think the title is a bit too much clickbait. Equaling reverse engineering to being open source code, is a long stretch in my opinion. Sure, this simple non optimized example is quite understandable when it’s reverse engineered. Now try a large program containing lots of templated code, with O3 optimization, inline functions, loops unrolled, SIMD optimizations etc and see how far the disassembly will bring you to what it is you’re trying to achieve. E.g., getting around a password check. It’s super hard and you definitely need programming and assembly experience to even begin to tackle that. Nice introduction though ☺️
@Dante-420
@Dante-420 10 ай бұрын
It's definitely click bait and a lie - just because you can reverse engineer something doesn't mean you have the legal ability to create and publish a derivative work.
@qoq4837
@qoq4837 2 ай бұрын
maybe llms or anns can be employed to make the process more accessible
@red.doritos
@red.doritos Жыл бұрын
You are good at explaining things to beginners, pls do more of this reverse engineering stuff, make it a series you don't complicate things, i like it
@neti_neti_
@neti_neti_ Жыл бұрын
आपने बिलकुल सही कहा , सरलता और सहजता ही दिव्यता। 👏👏👏
@JLSXMK8
@JLSXMK8 Жыл бұрын
“..Simplicity and spontaneity is divinity.”; Very true.
@neti_neti_
@neti_neti_ Жыл бұрын
@@JLSXMK8 👏👏👏
@laptopDoctorKZN
@laptopDoctorKZN Жыл бұрын
Hi firmware can it be decompiled
@afifmalghani5202
@afifmalghani5202 Жыл бұрын
I have been waiting man. Thank you! I don't wanna go down the conventional, tools first, path that is taught in most of the courses out there.
@LowLevelTV
@LowLevelTV Жыл бұрын
Right on
@thiagomoreira6640
@thiagomoreira6640 Жыл бұрын
@@LowLevelTV can you please answer where did you hide the password on C's source code? I reviews the video some times and I didn't see the password on original C source code... How did you manage to hide?
@galfisk
@galfisk Жыл бұрын
​@@thiagomoreira6640 he collapsed the getPass function in the source view. Lines 4-36 are hidden when we see it.
@adityakeshla1668
@adityakeshla1668 4 ай бұрын
Brother Can anyone explain...how can we unlock item in codm ... through open source
@numnut1516
@numnut1516 Ай бұрын
No!
@matthewboyer4212
@matthewboyer4212 Жыл бұрын
Should also be worth mentioning that in the United States, contracts can override the fair use clause in the DMCA. Courts have upheld this. This means thar while reverse engineering isn't illegal, it almost always violates a contract and could result in a civil lawsuit for breach of contract or copyright infringement.
@LowLevelTV
@LowLevelTV Жыл бұрын
www.eff.org/files/2022/02/17/2022-02-16_apple_v_corellium_amicus_-_filed.pdf
@ChristopherGray00
@ChristopherGray00 Жыл бұрын
reverse engineering, with how it is traditionally done, can violate copyright law, however pure clean room blackbox reverse engineering, in any instance does not break copyright law, as none of the code of the original program is actually used. clean room blackbox reverse engineering, is obviously astronomically more difficult to do, but legally it is airtight because all you are doing is reading the output of the original program, and then writing code based on what you think it is doing.
@matthewboyer4212
@matthewboyer4212 Жыл бұрын
@@LowLevelTV 1: see Bowers v. Baystate Technologies, Inc. 2: This is an amicus curiae, not a court case. it also discusses the benefits of reverse engineering and isn't a law. I never said that reverse engineering was bad, I said it was a breach of contract.
@offroaders123
@offroaders123 Жыл бұрын
Woah, super cool! And at 12:50, after he pointed out the 'g', you can actually see the rest of the password characters at the start of each section in the buffer. Crazy!
@YasserCherfaoui
@YasserCherfaoui Жыл бұрын
I never knew IDA before, I used to use GDB to do kinda reverse engineering but now I feel like it's something I should start relaying on. Thank you sir!
@YasserCherfaoui
@YasserCherfaoui Жыл бұрын
@@khatdubell thanks a lot man
@sobowalebayo9185
@sobowalebayo9185 Жыл бұрын
Hello, can you help with guides to becoming a reverse engineer?
@zhad6045
@zhad6045 Жыл бұрын
@@sobowalebayo9185 google
@taahaseois.8898
@taahaseois.8898 10 ай бұрын
@@sobowalebayo9185 watch the video...
@berkaykurkcu
@berkaykurkcu Жыл бұрын
Loving the content! A tutorial on learning C language from beginner to advanced maybe? Roadmaps for these kind of languages are always welcome by community and highly watchable, might pull in more new viewers!
@alpayarsoy2437
@alpayarsoy2437 Жыл бұрын
Intermediate c programming kitabı var internette bedava. Orda güzel bilgiler vardı.
@raka2844
@raka2844 Жыл бұрын
@@alpayarsoy2437 can you tell me which one is it?
@Moon-D0G
@Moon-D0G Жыл бұрын
Bro cmon it's like begging content for calculus 1 or trigonometry in 2023. C and C++ already have very depth guides on youtube and as book. These languages are out there like decades.
@berkaykurkcu
@berkaykurkcu Жыл бұрын
@@Moon-D0G 5 ay önce “im new at programming” diye baska bir videoya yorum atmissin simdi buraya gelip come on bro yillardir var bro yazmissin hava atiyosun 😁 adama hem icerik tavsiyesi vermisim hem de gecerli sebepler sunmusum, “begging” diyosun ulen bizim Türkler niye böyle anlamak imkansiz 😁
@berkaykurkcu
@berkaykurkcu Жыл бұрын
@@alpayarsoy2437 teşekkür ederim güzel yönlendirmeniz için 🙏🏼
@BiteYt69
@BiteYt69 Жыл бұрын
I once made a function from ida pseudocode in c++, used a function pointer of my function and Mshookfunction to hook into the real function and replaced it, it worked as the replacement function had same bytesize as original function. Ida or ghidra + hooks are really fun
@lanceward7048
@lanceward7048 9 ай бұрын
You don't have to have ANY programming experience, you just have to be a computer engineer🤣
@FalcoGer
@FalcoGer Жыл бұрын
6:00 there is no agreement with the processor. It's simply a calling convention that in 64 bit processors you use registers for the first few arguments and then the stack for the rest. There is no agreement with anything, it's just something that the compiler does for internal consistency. There is no need for it to be that way. You can write your own assembly and put whatever you want in whatever register you want and do a function call and then read those registers back. All that really matters is how the processor behaves to the outside world, and that is documented in the instruction set manual, outlining how the processor should behave when any given instruction is executed. And none of those say that RDI should contain the first argument for a function call. In fact call really only does 2 things. Push the next IP to the stack and set the instruction pointer to the callee. Or in detail it pushes the address of the next instruction to the stack pointer address and then decrements the stack pointer address and then sets the instruction pointer to the function to be called. Nothing else goes on here. It's up to the compiler to handle how arguments are transferred to and from the function, how to handle the stack or anything else, really. 9:43 no, some dumb programmer may have given the function the name "getPass" originally, but that's not what the function does. Since you "don't know" the original name, you should give it the best name you can come up with. A better name would be "checkPassword" or "comparePassword" or something along those lines, because that function doesn't return (get) the password, it just checks if the password you provided is correct or not.
@saddish2816
@saddish2816 Жыл бұрын
Reverse engineering is so fun. Please teach us more
@ZeonLP
@ZeonLP Жыл бұрын
While I like the video in general, reverse engineering is definitely NOT easy. Try reversing a more complex binary (AAA games, commercial software, etc.). Without references, existence of obfuscation & code virtualization, RE can quickly become a very specialized and extremely time-intensive puzzle that likely requires deep knowledge about OS internals, compilers and assembly. Here, we of course have the original code as reference and - having written it ourselves - all underlying program concepts are already known which defeats the purpose of "solving the puzzle" aka reverse engineering.
@poiu477
@poiu477 Жыл бұрын
getting into it is easy, getting good is hard
@S.O.N.E
@S.O.N.E Жыл бұрын
Guy really expected the 13 min video to be 3 hours long
@simulator8
@simulator8 Жыл бұрын
@@S.O.N.E Guy really thinks the 3 Hours video to be enuf for reverse engg
@ocaly
@ocaly Жыл бұрын
@@simulator8 guy really wouldn't want a 3 hour long video about RE
@thomasbard1506
@thomasbard1506 Жыл бұрын
You are doing such a great job man ! Keep it up, I learnt so much from you dude, you're litterally a better teacher than most of the teachers I had in college ! Love you !
@LowLevelTV
@LowLevelTV Жыл бұрын
I appreciate that!
@SanketL3730
@SanketL3730 Жыл бұрын
Same here
@pialdas6835
@pialdas6835 Жыл бұрын
@@agentstona Where was he messing with CPU registers? What memory address registers was he changing?
@jirehla-ab1671
@jirehla-ab1671 Жыл бұрын
​@@LowLevelTVeverything is open source if u understand machine code and the cpu architecture of the app.
@harveysattic3918
@harveysattic3918 Жыл бұрын
I am so far 1 week into C#, granted this video went over my head a tiny bit, but I understood the fundamentals. Looks like I might dabble in this in the future.
@jesusdueas7145
@jesusdueas7145 11 ай бұрын
“You don’t need any programming experience” taking a binary? From a Source code? With diferent simbols? They are tipes of variables? Names of funcions? And they are readable strings? And you can get a lot of information by reading a buffer from the source code? What is the if get pass? This is just not even minute 1 and I’m lost.
@Grentanksmog
@Grentanksmog Жыл бұрын
Nice demonstration! Except that when dealing with passwords no one just compares them char by char. They often are stored in hashes with salts, so you cannot decipher it w\out brute force
@BackyardMonster
@BackyardMonster Жыл бұрын
Would be cool to see you reverse engineering a multiplayer flash game. Since most of them only have the .swf files and no server side files. Maybe tricking it to run on a localhost. Something like this would be very cool and could help archive more flash games, but it probably 100x more effort
@user-yw8sr3uj1w
@user-yw8sr3uj1w Жыл бұрын
Yes please!!
@VanBagdi
@VanBagdi Жыл бұрын
It is actually easier to decompile Flash games because they run on ActionScript, which like Java and C#, is first compiled to bytecode, which is then run on a VM. There are decompilers that give you the entire source code from a SWF file with full variable names and everything.
@TheColonel_
@TheColonel_ 11 ай бұрын
"You don't need any programming experience" yeah right...
@Johny9405
@Johny9405 4 күн бұрын
No, just the basics and you can learn that in an hour maybe
@ssrd.
@ssrd. Жыл бұрын
Amazing video, king. One thing though, I think you forgot to put the download link for IDA you mentioned at 4:11. Also, the repo in the description is probably private.
@alexandrsavochkin9442
@alexandrsavochkin9442 Жыл бұрын
Good introduction! Not quite disassembly-related question: I am wondering why the code generated by the compiler for each character comparison uses RAX for different things, so it needs to overwrite it multiple times: 1. it loads the buffer address into it and adds offset to it, and then 2. loads the character for comparison. Wouldn't it be more effective to use another register, say, RBX for the buffer address and RAX for the character comparison (or vice versa)? I know, registers are scarce resource, but here it seems to make sense for me to use 2 regs. At the same time, I heard that compilers are very smart today and create much better binary code then average human writing assembly code, so it should have some efficiency explanation.
@wildbohana
@wildbohana Жыл бұрын
GCC does have many flags that can affect the way that the compiled code will look, some of the flags allow you to choose what level of optimization you want for your code, but more optimized code also takes more time to compile
@giornikitop5373
@giornikitop5373 Жыл бұрын
a few come to mind. 1. rax is the alu register. 2. being a c program, all return values are stored in rax. 3. rax is generally safe to be changed whenever. 4. modern cpus can write faster to the same register if it was accessed shortly before. of course it's not perceivable but that's what intel claims. my guess is mostly because of 2 and 3 but also depends on the compiler's optimization lvl. of course the disassembly can be a bit "off" because ida doesn't always produce the most accurate results, but this is a very simple binary for that to be the case.
@miriamkapeller6754
@miriamkapeller6754 Жыл бұрын
The explanation is simply that he compiled without optimizations. The mov, add and movzx instructions are unnecessary. In an actual release executable, each set of these 4 instructions can be reduced to a single cmp instruction, like cmp byte ptr [rdi+7], 100.
@ThePowerRanger
@ThePowerRanger Жыл бұрын
Great video, a similar video for ARM Assemble would be great, explaining the special registers and stuff.
@LowLevelTV
@LowLevelTV Жыл бұрын
Great suggestion!
@m.projects
@m.projects Жыл бұрын
I think that the free IDA version doesn't include ARM support, that would be a big issue
@jordantheman25
@jordantheman25 Жыл бұрын
I love Ghidra
@billigerfusel
@billigerfusel Жыл бұрын
Idafree is really limited. Ghidra is the way to go.
@MisterK-YT
@MisterK-YT Жыл бұрын
I love chicks
@mantisgaming
@mantisgaming Жыл бұрын
I'd love to have seen what the getpass function looked like in c at the end of the video
@ludologian
@ludologian Жыл бұрын
I didn't know that there's existing bash code disassemble strings and object.. I like that you go up level by level but you should talked about reverse engineering the code with some decompilers as it's usually return the code if it's not obfuscated then maybe try to see the callstack with debugging. then using a disassembler
@GeneralZimmer
@GeneralZimmer Жыл бұрын
I legit thought he'd show us a decompiler when he said you don't need programming skills or anything.
@OmarRampado87
@OmarRampado87 Жыл бұрын
Great video! You say the registers are set for the processor x86, but I think is for the "calling convention" in Linux and it can change for other OS. I didn't know this IDA, it looks very intersting, thank you!
@Acorn_Anomaly
@Acorn_Anomaly Жыл бұрын
Yeah, a calling convention is set based on the target processor AND target OS. x86/i686 is different than x86-64/amd64, which is different from ARM, etc. And Linux and Windows conventions can be different.
@julianbittner4822
@julianbittner4822 10 ай бұрын
i always wanted to dig into reverse engineering but never knew where to start. thank you so much!
@jonathanmurray2986
@jonathanmurray2986 Жыл бұрын
“No previous programming experience needed…anyway, here’s assembly”
@RICK_MCN
@RICK_MCN 8 ай бұрын
I like how you brake this down for people that don't understand this or dummy it down very nice brother 👍👍
@int-64
@int-64 Жыл бұрын
We need more stuff like this
@flyingbutter7612
@flyingbutter7612 7 ай бұрын
Ok this was very helpful since i didn‘t know where to begin on reverse engineering thank you!
@aadiththiruvallarai4856
@aadiththiruvallarai4856 Жыл бұрын
I get a 404 error when I click on the GitHub link. Where can I find your GitHub?
@BuckyOhYeah
@BuckyOhYeah 11 ай бұрын
For novice programmers... write some javascript or css. Use an online minifyer on said code. Take the minified code and place into a formatter. Then try to determine what the code is doing...
@paulezekiel-hart733
@paulezekiel-hart733 Жыл бұрын
Remember folks, you don't need any programming experience 😅
@gabrieldta
@gabrieldta Жыл бұрын
Speaking of which... Has anybody ever considered this Reverse Engineering pipeline i came up with? 1. Play a game 2. Record the video/sound 3 Record each and every player input 4. Feed [Pixels and Sound + Player input] to an AI 5. Through AI "magic", the game is recreated because the AI has learned so much from what happens to the pixel resulting from this/that input. 6. Create a whole new AImulation (my term) market. =)
@rawbmar1166
@rawbmar1166 10 ай бұрын
What you just said was... Have AI do all the work and you do nothing. Doesn't sound like reverse engineering.
@sorek__
@sorek__ Жыл бұрын
Such explanations of simple concepts are really why I subscribed to your channel! Wish you did followup videos on more advanced stuff with it.
@SloppyPuppy
@SloppyPuppy Жыл бұрын
Ghidra is a more complex tool to per say, but its also its gpl2, so if your looking for something opensource I'd go for that
@whtiequillBj
@whtiequillBj Жыл бұрын
This is a very good high level explanation of reverse engineering. Do you have any plans on something more intermediate level or do you have a channel that I could go look at for something like that? I'm already in the weeds from reading the Intel Architectures Software Developer's Manual. I've been enjoying using Kaitai.
@sh_gosha6867
@sh_gosha6867 Жыл бұрын
This channel youtube.com/@HEXORCIST?si=EnSIkaIECMiOmarE
@kkyang7515
@kkyang7515 Жыл бұрын
I finally understood why my school taught me assembly now🤯. I never used it because I am on the dev side. that is so cool!!
@meatgoat4084
@meatgoat4084 Жыл бұрын
"everything is open source if you can reverse engineer" -- I hope the company you work for has a good legal team.
@dameanvil
@dameanvil 9 ай бұрын
0:00 📖 Reverse engineering is the process of understanding the functionality of a binary without access to its source code. 1:31 🛡 Malware reverse engineering is crucial for cybersecurity professionals to understand and defend against threats. 1:53 😄 Reverse engineering can also be enjoyable, involving the challenge of understanding how things work. 2:03 🛠 Basic reverse engineering techniques include using the strings command to find ASCII strings in a binary. 3:01 🧠 Disassemblers like object dump and IDA convert binary machine code into human-readable assembly instructions. 8:00 🔍 Reverse engineers use disassemblers to analyze assembly instructions and infer the functionality of a binary. 11:38 🔐 Understanding the binary's functionality, such as password comparison, allows for successful reverse engineering. 13:00 🤔 Some binary content, like password comparisons, may not be revealed by simple string extraction due to how instructions are encoded.
@SUNNofODIN
@SUNNofODIN Жыл бұрын
"Manipulating Assembly is so interesting!" I said today for the first time in my life.
@karama300video
@karama300video Жыл бұрын
Indeed!
@angryman9333
@angryman9333 Жыл бұрын
Its pure power.
@vega7338
@vega7338 5 ай бұрын
If anyone found themselves struggling to understand this, the following are the required courses: 1. Program design (for understanding the C code) (C recommended, python is not actually close to the topic) 2. Compiler (for understanding how computer transfer high level code to machine code or instructions) 3. Computer Organization (for understanding how instructions have your CPU interact with other components like RAM and Cache) Overall, there is one shortcut, that is to have a degree in Computer Science.
@FurqanHun
@FurqanHun Жыл бұрын
I didn't thought I'd understand someone using c this early for a program like this 💀 though i still haven't gotten used to it but I've taken few steps ig 🚶 trying to understand programs just by looking at codes, reading documentations and trying to recreate the stuff i learn really did helped more than taking lectures or watching video tutorials 👾
@nixielee
@nixielee Жыл бұрын
You should do this for real malware, YT needs more of this stuff
@jaybhanushali8559
@jaybhanushali8559 Жыл бұрын
Hey, thanks for the amazing video. I have a small question. At 7:47 you labeled the variable as "buffer" because you know the code already that it was a buffer that you had created and will be storing password. But in real scenario we will not have that C code but will only have access to the IDA generated assembly code then how will I know wat that variable stores and why was it defined. Here you knew its buffer but in real cases while rev. engineering software I would never have a dream about where, what and why was that variable defined.
@kebien6020
@kebien6020 Жыл бұрын
You kinda look around to see how it is being used, and pick whatever name makes sense for you. In this case you can see that it is being passed as the second parameter to scanf, which reads data from stdin (in this case user input) into the passed pointer. So it makes sense to call it a buffer. Personally, I would have called it user_input or input_buffer.
@Rakesh37187
@Rakesh37187 Жыл бұрын
I am confused. This obviously requires skills in programming and the underlying working of things. As someone studying CS I get most of it. How is it then that I see so many people on internet advertising Cyber Security with no programming skills required?
@benjaminrich9396
@benjaminrich9396 Жыл бұрын
I love videos like this. Keep 'em coming. :)
@LowLevelTV
@LowLevelTV Жыл бұрын
Thanks! Will do!
@Themisterfly85
@Themisterfly85 5 ай бұрын
asm is mainly used for cracking software (at least that's how i learnt it) and it is well demonstrated in this video. thanks for the memories i should say, this brought me back to me teenager times.
@citricdolphin
@citricdolphin Жыл бұрын
Great tutorial, but DEFINITELY not suitable for people with "no programming experience." I know a lot of computer science and software engineering students that would be completely lost with this. It's easy to forget that even lines like "only the case for 64-bit Intel" mean little to complete beginners.
@AnshulRanjan14
@AnshulRanjan14 11 ай бұрын
That's like saying, you can go anywhere if you know how to pick locks. Sure you can do that, doesn't mean you should do that. What makes open source, open source is the licence under which they make the source code available. Not that you can reverse engineer a code.
@nachosncheez2492
@nachosncheez2492 Жыл бұрын
nice, more of these
@gjermundification
@gjermundification 11 ай бұрын
RTFB = reverse engineering - like we did back in the day with VIC-20, C64, and Amiga
@Hossimo
@Hossimo Жыл бұрын
@LowLevelLearning FYI, Your github link in the description is a 404
@SunsetGraffiti
@SunsetGraffiti 5 ай бұрын
Oh wow... I think I'm in love. This makes me feel like I'm a kid again, tearing apart my dad's old VCR trying to figure out how it works.
@EditorKody
@EditorKody Жыл бұрын
Any reason why you're choosing to use IDA over Ghidra? I know IDA has a nice decompiler, but it's prohibitively expensive to use the non-cloud version and some of its other better features.
@scootergirl3662
@scootergirl3662 Жыл бұрын
He may happen to have it for work or something
@EditorKody
@EditorKody Жыл бұрын
@@scootergirl3662 He’s using IDA freeware version, so that’s not likely.
@noxwellix
@noxwellix 4 ай бұрын
> selecting ELF's program header table > reverse engineering is going from *this* to what the code does You could have scrolled down to the .text section with machine code at least :)
@norielgames4765
@norielgames4765 11 ай бұрын
Being open source doesn't mean you get the code. It's a type of license. Doesn't matter how you obtain the code, be it reversing or stealing it somehow, if the code has a closed license you can't use it in any way shape or form.
@abdulrahmanelawady4501
@abdulrahmanelawady4501 Жыл бұрын
That was quite simple to understand. despite the fact that it will need you to understand the basic terminologies of computer science in order to fellow along. but overall, it was nice to watch. hey maybe you can make a video covering those basic terminologies and link it to your future videos, so people would be able to understand easier. but hey what do I know~
@pskry
@pskry Жыл бұрын
FYI, your github link in the description is broken (404)
@adlsfreund
@adlsfreund Жыл бұрын
He probably forgot to make it public.
@yomajo
@yomajo 8 ай бұрын
How many years of C, C++, assembly and general computer science years does it take to dig through binaries like that?
@diegomasotti7517
@diegomasotti7517 Жыл бұрын
404 on the github link
@samjohn1098
@samjohn1098 Жыл бұрын
One of the video to get started for reverse engineering
@webrevolution.
@webrevolution. Жыл бұрын
1:20 That is not binary data, it's HEX. Binary data is only 1s and 0s.
@jonnyphenomenon
@jonnyphenomenon Жыл бұрын
My favorite trick is to change the jnz to a jmp. It's much quicker. Just one bit flipping from a 74 to a 75 or something. Of course, this only works if you have write permissions on the file, but it's a pretty good demonstration of what can be done.
@mutexin
@mutexin Жыл бұрын
Misleading title, misleading claims.
@meestyouyouestme3753
@meestyouyouestme3753 9 ай бұрын
“no coding experience required.” *requires past programming participation *
@ezekieljills
@ezekieljills Ай бұрын
garbage content
@KvapuJanjalia
@KvapuJanjalia 5 ай бұрын
When I write performance-critical C# code, I usually disassemble it to make sure JIT optimizes it properly.
@amroelkhodrai3048
@amroelkhodrai3048 13 күн бұрын
Videos like this is why I like youtube, keep up the good work!
@agucci
@agucci Жыл бұрын
I am not the best reverse engineer in the world, but IDA is so much fun for the entire family and friends... The Cyber research of the Law.
@charles-y2z6c
@charles-y2z6c Жыл бұрын
Nice, takes me way back to my 6502 days, writing decompilers. Subscribed and Looking forward to seeing what else you have.
@astrovicis
@astrovicis Жыл бұрын
This was awesome. Also the first time I feel like I’ve genuinely followed a video like this. Thank you!!
@luizmeier
@luizmeier Жыл бұрын
Don't get me wrong. If you've never disassembled an application before, consider the course. However, know that most "interesting" systems have cryptography and methods that perform differently if they are at debug speed instead of running freely (among other methods). Even people with years of experience can take weeks to really disassemble the area of interest.
@Neodynium.the_permanent_magnet
@Neodynium.the_permanent_magnet 11 ай бұрын
Reverse engineering requires knowledge, but, more importantly, the right tools. It would be hard to rev eng with only 'strings' for instance (and who wants to read machine code )
@hdufjwif6fjjgkf943
@hdufjwif6fjjgkf943 Жыл бұрын
Nice timing! Just installed Ghidra to learn rev eng and binary exploitation and your video came out
@sunofabeach9424
@sunofabeach9424 Жыл бұрын
I use Cutter for reverse engineering, highly recommend
@austinsharpe8157
@austinsharpe8157 3 ай бұрын
"Wow! I just went from zero programming experience to knowing how to reverse-engineer and decompile binary by watching this 14 minute video!" - No one
@icaromartins_asic
@icaromartins_asic Ай бұрын
I really want to improve the architecture of a software made in Java but it seems to me material for a computer's science master's degree.
@eljuano28
@eljuano28 Жыл бұрын
You're a cyber treasure, dude. Don't ever forget that.
@jonathansung8197
@jonathansung8197 7 ай бұрын
This is how you used to change to the dark theme for Unity a few years ago back when the free version of Unity was restricted to the light theme only. You would open the Unity.exe with a hex editor and manually change a particular value.
@vladislavkaras491
@vladislavkaras491 11 ай бұрын
Thanks for showing, how tedious is reverse engineering! :P
@danser_theplayer01
@danser_theplayer01 Жыл бұрын
With one liiitle exception, *it will be a lawsuit worthy copyright infringement* if you "just reverse engineer it" and then use it even as only a small part of your overall big code.
@NotGarbageLoops
@NotGarbageLoops 7 ай бұрын
Wish I had this 10 years ago. Did so much learning the wrong way around.
@LiamStojanovic
@LiamStojanovic Жыл бұрын
Dude this video is awesome. You should do more of these!
@hodolski
@hodolski 11 ай бұрын
From my own experience a good reverse engineer is also a good programmer. I, a BBA graduate just learned how to code, tried RE but never surpassed my colleague with years of programming experience. You DO need some knowledge and experience to read reversed code, and the more the better. Computational thinking is a thing.
I Reverse Engineered this Program Automatically.
16:53
Low Level
Рет қаралды 77 М.
new critical linux exploit has been hiding for 10 years.
9:32
Low Level
Рет қаралды 122 М.
Noodles Eating Challenge, So Magical! So Much Fun#Funnyfamily #Partygames #Funny
00:33
За кого болели?😂
00:18
МЯТНАЯ ФАНТА
Рет қаралды 3 МЛН
The Ultimate Sausage Prank! Watch Their Reactions 😂🌭 #Unexpected
00:17
La La Life Shorts
Рет қаралды 8 МЛН
Learn Reverse Engineering (for hacking games)
7:26
cazz
Рет қаралды 1,1 МЛН
how Google writes gorgeous C++
7:40
Low Level
Рет қаралды 951 М.
AI Automations 101: Reverse Engineer Any API
16:16
Hichem's Journey
Рет қаралды 1,7 М.
Comparing C to machine language
10:02
Ben Eater
Рет қаралды 5 МЛН
before you code, learn how computers work
7:05
Low Level
Рет қаралды 516 М.
They keep trying to backdoor Open Source
7:19
Eric Parker
Рет қаралды 179 М.
How to Crack Software (Reverse Engineering)
16:16
Eric Parker
Рет қаралды 714 М.
Noodles Eating Challenge, So Magical! So Much Fun#Funnyfamily #Partygames #Funny
00:33