Practical Reverse Engineering
Updated May 6, 2005
Check out Breaking Eggs And
Making Omelettes, a blog devoted to the discussion of reverse engineering
theories and practice, as well as multimedia technology.
Welcome to a series of esoteric articles on the topic of reverse
Eventually, I would like for this page to be home to practical advice
about software reverse engineering. For now, it is a repository of my random
thoughts and experiments regarding the subject.
For brevity, note these abbreviations:
- RE = reverse engineer
- RE'ing = reverse engineering
- RE'd = reverse engineered
Reverse Engineering Articles
- Introduction: Why is this site here?
- Experiments in Software RE: This
article discusses some basic RE ideas and speculates on some better
approaches. Topics include basic binary disassembly, finding function
boundaries and generating call trees for binaries, and execution profiling
without debug information.
- Case Study: Xan Video Codec: This article
applies some RE ideas towards an older video codec named Xan.
- Case Study: Microsoft Windows Media Video 9:
This article applies some RE ideas towards a more modern video codec,
- Using strace(1) on Linux: strace(1) is a
Linux tool that traces system calls and can provide intelligence in RE
efforts. This article also includes a case study with RadGameTools'
standalone Bink video player for Linux.
- gen-calltree-dumpbin.pl: This is
a Perl script that takes the output of a "dumpbin.exe /disasm <file.lib>"
command (part of Microsoft's developement suite) and organizes a shallow
call tree. Here are some of examples of the script in action dissecting a
series of multimedia-related libraries available for free as part of
Embedded Evaluation Software:
For more information, see this blog entry:
Seeing The Forest For The Call Trees
- Subverting Retroguard: This article
deals with subverting a popular Java obfuscator program to be a partial Java
Other RE Sites Of Note
mike at multimedia.cx