Updates / Information
For regular updates regarding class materials, follow wrongbaud and voidstarsec on Twitter.
This is a four-session course that covers the basics of reverse engineering software with Ghidra. Each session has exercises to complete, which can be found on the project GitHub page.
Session One Lecture
Session Two Lecture
Session Three Lecture
Session Four Lecture
Exercises and materials can be found here.
Docker (or an Ubuntu 18.04 VM)
The Ghidra SRE Tool
Requires JDK Version 11.0.2 - Windows, Linux, OSX
1. Download Ghidra from here
2. Download the exercises / Docker container from here
    git clone [Hidden Content]
3. Build the Docker container (Note: you can also use an Ubuntu 18.04 VM; if you're doing this, skip to step 5)
    docker build . -t hackaday
4. Test the Docker container (if using Ubuntu 18.04, skip to step 5!)
    docker run --rm -it hackaday /bin/bash
5. Run a challenge binary as a test!
Please supply the password!
:/home/hackaday# ./hackaday-u/session-one/exercises/c1 test
Wrong answer, we'd never use test as the password!
The goal of these challenges is to bypass the password check or provide a proper password. Over the course of the sessions, the amount of information that you have to provide will change and the complexity of the passwords will increase.
Familiarize students with the basic concepts behind software reverse engineering
x86_64 Architecture Review
Identifying C constructs in assembly code
Disassembly vs Decompilation
Teach students how to use the Ghidra SRE tool to reverse engineer Linux-based binaries
Basic navigation and usage
How to identify and reconstruct structures, local variables and other program components
Demonstrate and explain the methodologies used when approaching an unknown program with Ghidra
Where to start when looking at an unknown binary
How to quickly gain an understanding of an unknown program
Provide challenges and "crackme" exercises so that students gain hands-on experience with Ghidra
Prerequisites / Resources
C Programming Language Review and Tutorials
Introduction to 64 Bit Assembly
NASM x86_64 Cheat Sheet
Excellent x86 Review
Intel Manual - Volume 1
Intel Manual - Volume 2
Online compiler with assembly output
Playlist for the Reverse Engineering with Ghidra series: