Lab 4 - Reverse Engineering Using A Debugger

Reverse Engineering using a Debugger

Uploaded by 2011Randres

9/5/25, 3:50 PM Lab 4 – Reverse Engineering using a Debugger

Lab 4 – Reverse Engineering using a Debugger



Equipped with a debugger, you're now skilled enough to approach an unknown binary from multiple
angles using a combination of static and dynamic techniques. This lab will put your skills to the test. You
have a single binary that you need to determine the correct password for. Use a combination of radare2
and a debugger to understand the flow of the program and the expected password. Following this, you'll
use ESIL to emulate a 'decryption' function.

Lab Objectives

By the end of this lab, you should be able to:

- Use a debugger in conjunction with radare2 to reverse engineer binaries.
- Use ESIL in radare2 to write and emulate snippets of assembly.
- Automate tasks in radare2.

Lab Procedure

Part 1: Environment Update

Complete the following steps:

1. Follow the instructions on the gdb-peda GitHub page (https://github.com/longld/peda) to
install gdb-peda.
2. Start gdb and type `peda`. A list of the available peda commands should be displayed.

Part 2: Debugging

Complete the following steps:

1. Download the binary lab4
(https://udel.instructure.com/courses/1875953/files/148624736/download?wrap=1)
and copy it to your virtual machine.
2. Using radare2 and gdb-peda, reverse engineer the binary to determine the password.

https://udel.instructure.com/courses/1875953/assignments/13627838 1/3

Part 3: ESIL and Automation

Complete the following steps:

1. [decrypt.asm] lab4 (https://udel.instructure.com/courses/1875953/files/148624736/download?wrap=1)
contains an 'encrypt' function. Reverse engineer this function to produce a
'decrypt' function in assembly.
2. Using radare2, write your 'decrypt' function in assembly to a memory file, and emulate it taking
an 'encrypted' input and producing a 'decrypted' output using ESIL.
3. [lab4.r2] Write a radare2 script file that would automate this process for all inputs, effectively
producing the password required for this lab.

In short, running your script file on my laptop should produce the password for lab4, in one or more
lines of output.
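
An added example, not part of the lab handout and not the routine found in lab4: a Python model of how a 'decrypt' routine is derived from an 'encrypt' routine built from XOR, NOT, ADD and SUB on an 8-bit register, and how it can be rendered as a draft for decrypt.asm. The `ENCRYPT` sequence, its constants and the choice of `al` are constructed for illustration.

```python
# Constructed example: this is NOT the 'encrypt' function from lab4.
MASK = 0xFF  # model an 8-bit register such as al

# Each step is (mnemonic, operand); NOT takes no operand.
ENCRYPT = [("xor", 0x5A), ("add", 0x13), ("not", None), ("sub", 0x07)]

# XOR and NOT are their own inverses; ADD and SUB undo each other.
INVERSE = {"xor": "xor", "not": "not", "add": "sub", "sub": "add"}


def apply_ops(ops, byte):
    """Run a list of ops on one byte, wrapping at 8 bits like al would."""
    for op, k in ops:
        if op == "xor":
            byte ^= k
        elif op == "add":
            byte += k
        elif op == "sub":
            byte -= k
        elif op == "not":
            byte = ~byte
        else:
            raise ValueError(f"unsupported op: {op}")
        byte &= MASK
    return byte


def invert(ops):
    """Decrypt = the inverse of each step, applied in reverse order."""
    return [(INVERSE[op], k) for op, k in reversed(ops)]


def to_asm(ops, reg="al"):
    """Render an op list as x86 (Intel syntax) lines for a decrypt.asm draft."""
    return [f"not {reg}" if op == "not" else f"{op} {reg}, 0x{k:02x}"
            for op, k in ops]


def decrypt_bytes(data):
    """Decrypt a byte string that was produced by ENCRYPT."""
    dec = invert(ENCRYPT)
    return bytes(apply_ops(dec, b) for b in data)


if __name__ == "__main__":
    secret = bytes(apply_ops(ENCRYPT, b) for b in b"sample")  # constructed input
    print("\n".join(to_asm(invert(ENCRYPT))))
    print(decrypt_bytes(secret))
```

Inverting each step without also reversing the order does not round-trip, which is the usual mistake when transcribing a routine like this from a disassembly.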

Lab Questions

1. What is the expected password? Describe how this password is generated by the program.
2. EXTRA CREDIT: What non-primitive data structure is being used in this program? How do you know
this? HINT: 'array' is not the correct answer.
3. What is the inverse of the following operations: XOR, NOT, ADD, SUB?
4. What is the purpose of the local variable located at `ebp - local_34h`?
5. What does the use of `malloc` indicate about the memory location of a given variable?

Deliverables

- Code files: decrypt.asm, lab4.r2
- Answers to all lab questions in either PDF, DOC(X) or MD

Points: 16

Submitting: a file upload

| Due | For | Available from | Until |
| --- | --- | --- | --- |
| Oct 5 | Everyone | - | - |

Lab Rubric CPEG671 (1)

| Criteria | 4 pts | 3 pts | 2 pts | 1 pts | Pts |
| --- | --- | --- | --- | --- | --- |
| Delivery | Submitted completed lab on time. Submission and all of its contents are well organized, and in an acceptable format (PDF, DOC, Markdown). | Submitted lab late by no more than 24 hours or in an incompatible format. | Submitted lab late by no more than 72 hours. | Submits lab late by more than 5 full days. | 4 pts |
| Procedure and Objectives | Properly implements procedure. Clearly meets all lab objectives; flawless work. | Minor error or two implementing procedure. Meets lab objectives; some minor flaws in work. | Reasonable effort to follow procedure, but there is a significant flaw in the work, or fails to meet several objectives. | Fails to follow lab procedure correctly. Fails to meet any objectives. | 4 pts |
| Questions | Answers all questions accurately and completely. | Misses a question or parts of questions, but overall, answers are accurate. | Reasonable effort to answer questions with varying levels of accuracy. | Incorrectly answers or fails to answer the majority of the lab questions. | 4 pts |
| Code | Applicable source code is clear, concise, documented, and meets the given objective. | Source code has some minor flaws, but generally meets the objective. | Source code only partially meets the given objective or is notably flawed. | Source code fails to run or compile, or completely fails to meet the objective. | 4 pts |

Total Points: 16
