Chapter 6. RE in Linux Platforms
A lot of our tools work great in Linux. In the previous chapter, we introduced a few Linux command-line tools that are built in by default. Linux also comes with Python scripting already installed. In this chapter, we are going to discuss a good setup for analyzing Linux files and hosting Windows sandbox clients.
We are going to learn how to reverse an ELF file by exploring the reversing tools. We will end this chapter by setting up a Windows sandbox client, running a program in it, and monitoring the network traffic coming from the sandbox.
Not all of us are fond of using Linux. Linux is an open source system, and it is a technology that will stick with us. For a reverse engineer, no technology should be an obstacle, and it is never too late to learn this one. The basics of using Linux systems can easily be found on the internet. As much as possible, this chapter details the steps required to install and execute what is needed in a way that you can follow.
In this chapter, you will look at the following topics:
- Understanding of Linux executables
- Reversing an ELF file
- Virtualization in Linux – an analysis of a Windows executable under a Linux host
- Network traffic monitoring