Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Reverse Engineering Armv8-A Systems
  • Table Of Contents Toc
Reverse Engineering Armv8-A Systems

Reverse Engineering Armv8-A Systems

By : Austin Kim
Buy this Book
close
close
Reverse Engineering Armv8-A Systems

Reverse Engineering Armv8-A Systems

By: Austin Kim
Buy this Book

Overview of this book

Unlock the secrets hidden in binary code without needing the source! Written by a Linux kernel engineer and author with over 14 years of industry experience, this book lays a solid foundation in reverse engineering and takes you from curious analyst to expert. You’ll master advanced techniques to dissect kernel binaries, including kernel module files, vmlinux, and vmcore, giving you the power to analyze systems at their core. This practical, three-part journey starts with the essentials of reverse engineering, introducing the key features of Armv8-A processors and the ELF file format. The second part walks you through the reverse-engineering process, from Arm environment setup to using static and dynamic analysis tools, including innovative methods for analyzing kernel binaries and the powerful debugging tool uftrace. The final part covers security, exploring TrustZone and the latest security techniques to safeguard Arm devices at the hardware level. By the end of this reverse engineering book, you'll have comprehensive Armv8-A expertise and the practical skills to analyze any binary with confidence while leveraging advanced security features to harden your systems.
Table of Contents (22 chapters)
close
close
close
Preface
Icon
Preface
Lock Free Chapter
1
Part I: Fundamentals of Armv8-A Architecture
Icon
Part I: Fundamentals of Armv8-A Architecture
2
Learning Fundamentals of Arm Architecture
Icon
Learning Fundamentals of Arm Architecture
Icon
Technical requirements
Icon
Introduction to the Arm architecture
Icon
Registers
Icon
Procedure Call Standard for the Arm Architecture (AAPCS)
Icon
Exception levels
Icon
Exceptions
Icon
Summary
3
Understanding the ELF Binary Format
Icon
Understanding the ELF Binary Format
Icon
Technical requirements
Icon
Introduction to ELF
Icon
ELF header
Icon
Section headers
Icon
Sections
Icon
Program headers
Icon
Summary
4
Manipulating Data with Arm Data Processing Instructions
Icon
Manipulating Data with Arm Data Processing Instructions
Icon
Technical requirements
Icon
Move operations
Icon
Arithmetic operations
Icon
Bit-shift operations
Icon
Logical operations
Icon
Practicing data processing instructions
Icon
Summary
5
Reading and Writing with Memory Access Instructions
Icon
Reading and Writing with Memory Access Instructions
Icon
Technical requirements
Icon
The LDR instruction
Icon
The STR instruction
Icon
Extension: Memory access operation
Icon
Practicing memory access instructions
Icon
Summary
6
Controlling Execution with Flow Control Instructions
Icon
Controlling Execution with Flow Control Instructions
Icon
Technical requirements
Icon
Branch instructions
Icon
Comparison operations
Icon
Conditional branch operations
Icon
System control operations
Icon
Summary
7
Part II: Background Knowledge for Binary Analysis
Icon
Part II: Background Knowledge for Binary Analysis
8
Introducing Reverse Engineering
Icon
Introducing Reverse Engineering
Icon
Technical requirements
Icon
Why reverse engineering is necessary
Icon
Methods of reverse engineering
Icon
Compilation process
Icon
Assembly instructions and machine code
Icon
Background knowledge of reverse engineering
Icon
Summary
9
Setting Up a Practice Environment with an Arm Device
Icon
Setting Up a Practice Environment with an Arm Device
Icon
Technical requirements
Icon
Raspberry Pi
Icon
QEMU
Icon
Summary
10
Unpacking the Kernel with Linux Fundamentals
Icon
Unpacking the Kernel with Linux Fundamentals
Icon
Technical requirements
Icon
Architecture overview
Icon
Process management
Icon
Memory management
Icon
Key security hardening features
Icon
Summary
11
Part III: Unlocking Key Binary Analysis Skills for Reverse Engineering
Icon
Part III: Unlocking Key Binary Analysis Skills for Reverse Engineering
12
Understanding Basic Static Analysis
Icon
Understanding Basic Static Analysis
Icon
Technical requirements
Icon
Introducing static analysis
Icon
Identifying binaries
Icon
Analyzing the control flow with if statements
Icon
Analyzing the control flow with for loops
Icon
Identifying log output patterns
Icon
Summary
13
Going Deeper with Advanced Static Analysis
Icon
Going Deeper with Advanced Static Analysis
Icon
Technical requirements
Icon
Methodology for static analysis
Icon
Introducing advanced static analysis
Icon
Structure of kernel binaries
Icon
Key features of kernel binaries
Icon
Understanding the pattern of struct data structures
Icon
Summary
14
Analyzing Program Behavior with Basic Dynamic Analysis
chevron up
Icon
Analyzing Program Behavior with Basic Dynamic Analysis
Icon
Technical requirements
Icon
Introducing dynamic analysis
Icon
Exploring the GDB program
Icon
Understanding the virtual address range
Icon
Analyzing stack memory content
Icon
Return-oriented programming analysis
Icon
Memory corruption: buffer overflow case study
Icon
Summary
15
Expert Techniques in Advanced Dynamic Analysis
Icon
Expert Techniques in Advanced Dynamic Analysis
Icon
Technical requirements
Icon
Introducing advanced dynamic analysis
Icon
vmcore and the Crash utility
Icon
Stack area of the process
Icon
Tracking the start address for a struct using the address
Icon
Identifying a structure using a function pointer
Icon
Summary
16
Tracing Execution with uftrace
Icon
Tracing Execution with uftrace
Icon
Technical requirements
Icon
Introducing log-based debugging
Icon
Introducing uftrace
Icon
Basic features of uftrace
Icon
Practical features of uftrace
Icon
Summary
17
Part IV: Security Features in Armv8-A Systems
Icon
Part IV: Security Features in Armv8-A Systems
18
Securing Execution with Armv8-A TrustZone
Icon
Securing Execution with Armv8-A TrustZone
Icon
Technical requirements
Icon
Introducing TrustZone
Icon
Key concepts of TrustZone
Icon
Secure monitor call
Icon
Implementation of TrustZone in real systems
Icon
Analyzing Arm Trusted Firmware
Icon
Hardware features related to TrustZone
Icon
Summary
19
Building Defenses with Key Security Features of Armv8-A
Icon
Building Defenses with Key Security Features of Armv8-A
Icon
Technical requirements
Icon
Privileged Access Never (PAN)
Icon
Pointer Authentication Code (PAC)
Icon
Branch Target Identification (BTI)
Icon
Memory Tagging Extension (MTE)
Icon
Summary
20
Other Books You May Enjoy
Icon
Other Books You May Enjoy
21
Index
Icon
Index

Return-oriented programming analysis

Return-oriented programming (ROP) is a commonly used technique to execute a specific function without directly calling it in C code. This method is often exploited in security attacks by corrupting the stack area with specific addresses to redirect execution flow.

Key concept of ROP

Consider the following assembly snippet:

01 ldp x30, x29, [sp]
02 ret

When the ret instruction is executed, the PC is updated with the value stored in the x30 register. This is because the ret instruction copies the return address from x30 into the PC, branching execution to the specified address.

This section provides an example of how a function can be executed without explicitly calling it in the source code. The following shows the content of the example code:

#include <signal.h>
#include <stdio.h>
__attribute__((noreturn)) void call_empty() {
    printf("call_empty() called!\n");
}
void sig_handler(int signum) {
 ...
Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Reverse Engineering Armv8-A Systems
End of Section 14
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon