Table of Contents for
Reversing: Secrets of Reverse Engineering

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Reversing: Secrets of Reverse Engineering by Eldad Eilam Published by John Wiley & Sons, 2005
  1. Copyright
  2. Credits
  3. Foreword
  4. Acknowledgments
  5. Introduction
  6. I. Reversing 101
  7. 1. Foundations
  8. 2. Low-Level Software
  9. 3. Windows Fundamentals
  10. 4. Reversing Tools
  11. II. Applied Reversing
  12. 5. Beyond the Documentation
  13. 6. Deciphering File Formats
  14. 7. Auditing Program Binaries
  15. 8. Reversing Malware
  16. III. Cracking
  17. 9. Piracy and Copy Protection
  18. 10. Antireversing Techniques
  19. 11. Breaking Protections
  20. IV. Beyond Disassembly
  21. 12. Reversing .NET
  22. 13. Decompilation
  23. A. Deciphering Code Structures
  24. B. Understanding Compiled Arithmetic
  25. C. Deciphering Program Data
  26. D. Citations

Appendix D. Citations

Table D.1. Table D.1

[Aleph1]

Aleph One, Smashing The Stack For Fun And Profit, Volume 7, Issue 49, http://www.phrack.org.

[anonymous]

anonymous, Once upon a free(), Phrack Volume 0x0b, Issue 0x39, http://www.phrack.org.

[Best]

Best; Robert, M., Microprocessor for executing enciphered programs, United States Patent 4,168,396, Filed October 31, 1977.

[blexim]

blexim, Basic Integer Overflows, Phrack Volume 0x0b, Issue 0x3c, http://www.phrack.org

[BSA1]

Business Software Alliance and IDC, BSA and IDC Global Software Piracy Study, July 2004, www.bsa.org/globalstudy

[Bulba]

Bulba and Kil3r, Bypassing StackGuard and StackShield, Phrack Volume 0xa, Issue 0x38, http://www.phrack.org.

[Červeň]

Pavol Červeň, Crackproof Your Software - The Best Ways to Protect Your Software Against Crackers, No Starch Press, 2002.

[Cifuentes1]

Cristina Cifuentes and Mike Van Emmerik, Recovery of Jump Table Case Statements from Binary Code, Proceedings of the International Workshop on Program Comprehension, May 1999.

[Cifuentes2]

C. Cifuentes, Reverse Compilation Techniques, PhD dissertation, Queensland University of Technology, School of Computing Science, July 1994.

[Cifuentes3]

C. Cifuentes, A Structuring Algorithm for Decompilation, In Proceedings of the XIX Conferencia Latinoamericana de Informatica, pages 267 – 276, Buenos Aires, Argentina, August 1993.

[Collberg1]

Christian Collberg, Clark Thomborson, Douglas Low, Manufacturing Cheap, Resilient, and Stealthy Opaque Constructs, Principles of Programming Languages 1998, POPL'98, San Diego, CA.

[Collberg2]

Christian Collberg, Clark Thomborson, and Douglas Low, A Taxonomy of Obfuscating Transformations, Technical Report 148, Department of Computer Science, University of Auckland, July 1997.

[Collberg3]

Christian S. Collberg, Clark D. Thomborson, and Douglas Low, Breaking Abstractions and Unstructuring Data Structures, IEEE International Conference on Computer Languages, ICCL'98, Chicago, IL, May 1998.

[Cowan]

Crispin Cowan, Calton Pu, David Maier, Heather Hinton, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang, Automatic Detection and Prevention of Buffer-Overflow Attacks, the 7th USENIX Security Symposium, San Antonio, TX, January 1998.

[Designer]

Solar Designer, Getting around non-executable stack (and fix), Bugtraq mailing list, http://www.securityfocus.com/archive/1/7480, Aug. 1997.

[ECMA]

Common Language Infrastructure (CLI), 2nd Edition, European Computer Manufacturers Association (ECMA), 2002.

[Emmerik1]

Mike Van Emmerik, Identifying Library Functions in Executable Files Using Patterns, Proc. Australian Software Engineering Conference, pages 90–97, Adelaide, Australia, Nov 1998. IEEE-CS Press.

[Emmerik2]

Mike Van Emmerik, Trent Waddington, Using a Decompiler for Real-World Source Recovery, 11th Working Conference on Reverse Engineering (WCRE'04), Delft, Netherlands. November, 2004.

[Guilfanov]

I. Guilfanov, A Simple Type System for Program Reengineering, Proceedings of the Eighth Working Conference on Reverse Engineering (WCRE'01), IEEE Computer Society, 2001.

[Intel1]

Intel Corporation, IA-32 Intel® Architecture Software Developer's Manual, Volume 1: Basic Architecture, Intel Corporation, http://developer.intel.com/design/pentium4/manuals/index_new.htm, 2004.

[Intel2]

Intel Corporation, IA-32 Intel® Architecture Software Developer's Manual, Volume 2A:Instruction Set Reference, A-M, Intel Corporation, http://developer.intel.com/design/pentium4/manuals/index_new.htm, 2004.

[Intel3]

Intel Corporation, IA-32 Intel® Architecture Software Developer's Manual, Volume 2B:Instruction Set Reference, N-Z, Intel Corporation, http://developer.intel.com/design/pentium4/manuals/index_new.htm, 2004.

[Intel4]

Intel Corporation, LaGrande Technology Architectural Overview, Intel Corporation, http://www.intel.com/technology/security/downloads/LT_Arch_Overview.pdf

[Johnstone]

Johnstone, Richard, Computer software security system, United States Patent 4,120,030, Filed March 11, 1977.

[jp]

jp, Advanced Doug lea's malloc exploits, Phrack Volume 0x0b, Issue 0x3d, http://www.phrack.org.

[Kaempf]

Michel "MaXX" Kaempf, Vudo malloc tricks, Phrack Volume 0x0b, Issue 0x39, http://www.phrack.org.

[Knuth2]

Donald E. Knuth, The Art of Computer Programming - Volume 2: Seminumerical Algorithms (Second Edition), Addison Wesley.

[Knuth3]

Donald E. Knuth, The Art of Computer Programming - Volume 3: Sorting and Searching (Second Edition), Addison Wesley.

[Kocher]

Paul Kocher, Joshua Ja_e, and Benjamin Jun Paul Kocher, Joshua Jaffe, and Benjamin Jun, Differential Power Analysis, Proc. Advances in Cryptography (CRYPTO'99), pp. 388-397, 1999.

[Koziol]

Jack Koziol, David Litchfield, Dave Aitel, Chris Anley, Sinan Eren, Neel Mehta, Riley Hassell, The Shellcoder's Handbook, John Wiley & Sons, 2004.

[Kruegel]

Christopher Kruegel, William Robertson, Fredrik Valeur, Giovanni Vigna, Static Disassembly of Obfuscated Binaries, Proceedings of the 13th USENIX Security Symposium, San Diego, CA, USA, August 9–13, 2004.

[Kuhn]

Markus, G. Kuhn, Cipher Instruction Search Attack on the Bus-Encryption Security Microcontroller DS5002FP, IEEE Transactions on Computers, Vol. 47, No. 10, October 1998.

[Lie]

David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell, Mark Horowitz, Architectural Support for Copy and Tamper Resistant Software, in Proc. ACM Architectural Support for Programming Languages and Operating Systems (ASPLOS), pp. 168–177, 2000.

[Linn]

Cullen Linn and Saumya Debray, Obfuscation of Executable Code to Improve Resistance to Static Disassembly, Proceedings of the 10th ACM conference on Computer and Communication Security, Washington D.C., USA, 2003.

[McCabe]

Thomas J. McCabe, A Complexity Measure, IEEE Transactions on Software Engineering, Volume SE-2, No. 4, December 1976.

[Memon]

Nasir Memon and Ping Wah Wong, Protecting Digital Media Content, Communications of the ACM, Vol. 41, No. 7, July 1998.

[Misra]

Jayadev Misra, Strategies to Combat Software Piracy, The University of Texas at Austin, 1999.

[Mycroft]

Alan Mycroft, Type-Based Decompilation (or Program Reconstruction via Type Reconstruction), European Symposium on Programming, Volume 1576 of Lecture Notes in Computer Science, pages 208–223. Springer-Verlag, 1999.

[Nagra]

J. Nagra, C. Thomborson, and C. Collberg. A Functional Taxonomy for Software Watermarking, Twenty-Fifth Australasian Computer Science Conference (ACSC2002).

[Nebbett]

Gary Nebbett, Windows NT/2000 Native API Reference, Macmillan Technical Publishing, 2000.

[obscou]

obscou, Building IA32 'Unicode-Proof' Shellcodes, Phrack Volume 0x0b, Issue 0x3d, http://www.phrack.org.

[Schneier1]

Bruce Schneier, Beyond Fear: Thinking Sensibly About Security in an Uncertain World, Copernicus Books, 2003.

[Schneier2]

Bruce Schneier, Applied Cryptography – Second Edition, John Wiley & Sons, 1996.

[Schwarz]

Benjamin Schwarz, Saumya Debray, and Gregory Andrews, Disassembly of Executable Code Revisited, Proceedings of the Ninth Working Conference on Reverse Engineering, 2002.

[Skoudis]

Ed Skoudis and Lenny Zeltser, Malware: Fighting Malicious Code, Prentice Hall, 2004.

[Russinovich]

Mark E. Russinovich, David A. Solomon, Microsoft Windows Internals, Fourth Edition: Microsoft Windows Server 2003, Windows XP, and Windows 2000, Microsoft Press, 2004.

[Tanenbaum1]

Andrew S. Tanenbaum, Computer Networks, Third Edition, Prentice Hall, 1996.

[Tarjan]

Robert Endre Tarjan, Daniel Dominic Sleator, Self-adjusting binary search trees, Journal of the ACM (JACM), Volume 32, Issue 3 (July 1985).

[Wang]

Chenxi Wang, Jonathan Hill, John Knight, and Jack Davidson, Software Tamper Resistance: Obstructing Static Analysis of Programs, Report CS-2000-12, University of Virginia, December 2000.

[Wojtczuk]

Rafal Wojtczuk, Defeating Solar Designer non-executable stack patch, http://www.securityfocus.com/archive/1/199801301709.SAA12206@galera.icm.edu.pl

[Wroblewski]

Gregory Wroblewski, General Method of Program Code Obfuscation, PhD Dissertation, Wroclaw University of Technology, Institute of Engineering Cybernetics, 2002, (under final revision).

[Young]

Dr. Adam L. Young and Dr. Moti Yung, Malicious Cryptography: Exposing Cryptovirology. John Wiley & Sons, 2004.

[Craver]

Scott A. Craver, Min Wu, Bede Liu, Adam Stubblefield, Ben Swartzlander, Dan S. Wallach, Drew Dean, Edward W. Felten, Reading Between the Lines: Lessons from the SDMI Challenge, Proceedings of the 10th USENIX Security Symposium, Washington, D.C., USA, August 13–17, 2001.

[Muchnick]

Steven S. Muchnick, Advanced Compiler Design and Implementation, Morgan Kaufmann Publishers, 1997.

[Cooper]

Keith D. Copper and Linda Torczon, Engineering a Compiler, Morgan Kaufmann Publishers, 2004.