HN Books @HNBooksMonth

Start here. Start with the second one - 'From n00b to l33t: An Introduction to Reverse Engineering'.

"This workshop is a 1-2 hour introduction to what reverse engineering is. It assumes no knowledge of assembly and is done on paper worksheets rather than a computer setup for accessibility and to make the most efficient use of time."

It's by Maddie Stone, who's a Security Researcher at Google Project Zero.

She also has Android app reverse engineering

https://www.ragingrock.com//pages/tutorials.html

Later, check out this book:

Reversing: Secrets of Reverse Engineering by Eldad Eilam

https://www.amazon.com/Reversing-Secrets-Engineering-Eldad-E...

I'm by no means an expert but these are some of the links/books I've found informative.

Smashing The Stack For Fun And Profit [1] Reversing: Secrets of Reverse Engineering [2] The IDA Pro Book [3]

The iOS Hacker's Handbook [4] was interesting as a sort of case study on exploiting and hacking embedded hardware.

Mostly what I've found, though, is just starting with a question and googling the answer yield the most results. For example, see mention of a stack overflow attack google how and why stack overflow attacks work (or don't) and once that side of things is understood the thought process behind finding them becomes easier to understand, although not really easier to do (for me, at least).

[1] http://insecure.org/stf/smashstack.html

[2] http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Ei...

[3] http://www.amazon.com/IDA-Pro-Book-Unofficial-Disassembler/d...

[4] http://www.amazon.com/iOS-Hackers-Handbook-Charlie-Miller/dp...

Agreed. My standard recommendation to those interested is to read the book Reversing by Eldad Eilam (Amazon referral link warning: http://www.amazon.com/gp/product/0764574817/ref=as_li_ss_tl?... )

I'm also always willing to help people out here -- if anyone is interested in reversing, feel free to email me.

http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Ei...

I loved this book as a kid: http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Ei...

It's probably a bit out of date now, but my dog-eared copy is still a good read. Ah, nostalgia. There once were days when I dreamed that a CS degree would make me as a god; the silly thoughts of a child. Now I know that it is a _PhD_ which makes gods of men.

⬐ lowglow

Can I get a Reverse Engineering PhD?

⬐ bigmac

I've looked into this a bit. There are three programs that I'm aware of:

The BitBlaze project at UC Berkeley. http://bitblaze.cs.berkeley.edu/

There's also http://www.cs.kent.ac.uk/people/staff/amk/ which offers a PhD studentship in "Reverse Engineering for Security."

CERIAS at Purdue will definitely have some RE related courses, e.g. http://www.cerias.purdue.edu/site/projects/detail/malware_re...

⬐ mechanical_fish

You can study molecular biology and become an expert at reverse-engineering the most amazing machines in existence.

Though the Kinect is apparently a lot more tractable.

⬐ vault_

I've been writing some code for people working in bioinformatics recently. It's pretty similar.

⬐ mechanical_fish

Now I know that it is a _PhD_ which makes gods of men.

I know you're joking, but...

When I was halfway through my Ph.D. I formulated a hypothesis: The proximate challenge that keeps you from graduating is that you have to write a thesis. But the ultimate challenge to getting your Ph.D. is this: You somehow have to learn to understand, deep down, that all your romantic notions about the Ph.D. are bunk, that you will be exactly the same person on the day after you get it that you were the day before, and that you need to stop waiting for the day when you feel like a god and just write something down and get on with life.

It may take you years to accept this, and it may drive you to drink, but after you get to that point you can graduate.

Only then will you be able to live with the fact that your thesis looks like crap to you. Your thesis will always look like crap to you. Either you will have figured out absolutely everything and your thesis will look incredibly boring to you, because you've moved on, or -- vastly more likely -- your thesis will look woefully incomplete because, geez, there is so much that you couldn't figure out, and you're just so stupid!

Or, most likely of all, you will think both of these things at the same time.

Similarly: Being the world's foremost expert on a particular scientific problem is a lot less exciting in real life than it seems in the movies. In fact, being on the frontier of science feels like being totally, hopelessly lost and confused. Why this came as a surprise to me I'll never know.

⬐ boredguy8

It came as a surprise because up to that point, someone had the answer. Even if you had great teachers and even if you're a problem solver...at the end of the day, someone had done what you were doing.

I think that's why most people I know that are on "the cutting edge" are very humble: either they got "it" right and know 40 people just as smart that went in one of 40 equally promising directions and got it wrong. Or they're one of the 41 people still trying to figure out just where the heck they can go from this apparent dead-end.

Then along comes 42...

⬐ bricestacey

The hopelessness and confusion that comes at the frontier of science is precisely why I stopped studying biochemistry for my bachelors degree. By the first 300 level course, people begin to start asking relatively simple questions that are not yet known to mankind. It freaked me out. I couldn't imagine ever discovering new knowledge and subsequently dropped out and into computer science...

⬐ troutwine

Ah, but the spice of life is staring into the Abyss of Unknowing and recognizing your very self in it! The most beautiful questions of mathematics and computer science so very often start out "Does there exist..." and we are left with no answer other than, "Who knows!" The world is wide and strange and we are very small indeed. That is beautiful to me.

⬐ mikeryan

hmmm... maybe thats the upside of a masters degree. You have that "come to jebus" moment the day after you graduate, but without all the nasty research and writing.

⬐ shrikant

All of your hypothesis is in total agreement with this: http://matt.might.net/articles/phd-school-in-pictures/

⬐ troutwine

When I went to do mathematics at Chicago I figured I was the smartest person alive. There I was, facing the gargoyles of my dreams; a poor kid aspiring to a better life by shrugging off the accent I was born into and the mentality of defeat so common among the poor. But I had gone too far, became too confident and failed horribly. I was sure that the world had failed--I was too good--and that everything was bullshit. I left, walked away from a full scholarship because I had overcome the constrains of my life before and Mathematics and University were no different. I took a job at a small software shop in Portland, OR instead, enrolling part time at PSU doing computer science.

I failed at both, as you might expect. The world wasn't wrong, I was. While I could program, I had no discipline. While I had intellect, I had no ability to learn. The world was not wrong, I was. All of my anger and suffering and frustration were my fault. From the defeat of my new University and my new job I learned that my romantic notions of most things were not reality. Enrico Fermi, on whose stairway I bounded up, did not simply decide to conjure nuclear fission under what is now a library. He worked for years, a thing which I had never done.

The novice says to the master, "Coal is black." The master replies, "No, it is not."

The intermediate says to the master, "Coal is not black." The master replies, "Of course it is."

The masters say among themselves, "It is coal."

I hold no romantic notions as I held when I were a boy; I have not become a cynical man. Life is suffering and pain. Life is joy and love. I have built a business from nothing and sold it for a profit. I am now very poor. Life is life and that is beautiful. What we learn, what we truly learn, we so incorporate into our being that we cannot perceive it as unknown to all. We are the streams into which a man steps: never the same, yet always the same.

To gain mastery over the frontier of science is to gain mastery over nothing, over one's self. It is confusion and pain and truth and beauty.

⬐ rnho

The novice says to the master, "Coal is black." The master replies, "No, it is not."

The intermediate says to the master, "Coal is not black." The master replies, "Of course it is."

The masters say among themselves, "It is coal."

~~~~~~~~~~

By reading this alone I can say you failed because you are stupid. Makes me think the system sometimes works.

⬐ jasonkester

You wrote all that as a 3rd level reply to an offhand comment in a random thread? Wow. This is the reason I keep coming back here.

Just yesterday I saw so much negativity and pettiness on another thread that I had pretty much written off HN as a lost cause.

Your post brought me back. Thanks!

For learning reverse engineering, I would recommend the book Reversing: Secrets of Reverse Engineering[1] by Eldad Eilam.

I'm not sure what good beginner resources for learning assembly programming are, but either way, you'll probably want a copy of the Intel instruction set reference manuals[2] (and maybe the other Intel/AMD manuals[3]).

[1] http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Ei...

[2] vol1: http://www.intel.com/Assets/PDF/manual/253666.pdf vol2: http://www.intel.com/Assets/PDF/manual/253667.pdf

[3] Intel: http://www.intel.com/products/processor/manuals/ AMD: http://developer.amd.com/documentation/pages/default.aspx

Great article, it's rare that you see good introductory materials on binary patching (and other reversing-related subjects). If you're interested in learning more, I can't recommend this book enough: http://www.amazon.com/Reversing-Secrets-Engineering-Eldad-Ei...