Summary
In this chapter, our discussions revolved around reverse engineering tools that are already built into Linux systems. Debian-based operating systems, such as Ubuntu, are popular for reverse engineering purposes because of the wide community and tools available. We focused on how to analyze Linux's native executable, the ELF file. We started off by using GCC to compile a C program source into an ELF executable. We proceeded to analyze the executable using static info-gathering tools, including ls, file, strings, and objdump. Then we used ltrace and strace to carry out a dynamic analysis. Finally, we used gdb to debug the program, which showed us Intel assembly language syntax.
We also introduced and explored the radare2 toolkit. We used rahash2 and rabin2 to gather static information, and used radare2 for disassembly and debugging in an interactive view. Network analysis tools were not left behind either, as we used tcpdump and Wireshark.
In the information security world, most files...