Glasgow Reversing Club
1. Glasgow Reversing Club
Are you an experienced reverser?
Do you want to learn how to reverse?
You don't even know what reversing is?
JOIN the Glasgow reversing club:
send an empty email to: revinkilt-subscribe@quebbyworld.com
If you want to know more:
A short introduction to reversing
Club activities
Subscribe to the mailing list
About me
2. Reversing in brief
Reverse Engineering is also known as RE or RCE
RE: Reverse Engineering
RCE: Reverse Code Engineering
RE is the process of understanding an existing product
Malware analysis and security research often involve RE
The next step of RE is patching: modifying the existing product
Product: any software program or hardware device
3. Uses of Reverse Engineering
Malware analysis
Security / vulnerability research
Driver development
Compatibility fixes
Legacy application support
4. Legal use of REV
Recovery of own lost source code
Recovery of data from legacy formats
Malware analysis and research
Security and vulnerability research
Copyright infringement investigations
Finding out the contents of any database you legally purchased
5. Illegal use of REV
Illegal to reverse engineer and sell a competing product
Illegal to crack copy protections
Illegal to distribute a crack/registration for copyrighted software
Illegal to gain unauthorized access to any computer system
Copyright protected software is off-limits in most cases
Spyware/Adware with companies behind them are included
6. An easy example: Banload malware analysis
Banload is a piece of malware that was spreading on MSN Messenger.
Banload's main purpose: steal Spanish bank accounts and, of course, replicate!
Reverse engineering it with a debugger (OllyDbg), you discover that Banload:
is packed with UPX (binary compression)
deletes icpldrvx.js from the system directory
downloads the real malware, icpldrvx.exe
sets the registry key for autorun
then finds open MSN windows and injects a malicious URL to download the malware
7. Debugger snippet of code
Run-time string decryption
Malware exe download by URLMON.DLL!URLDownloadToFileA
Execute the malware process and set the registry key for autorun
8. Club work in progress
What we are doing now:
setting up an online wiki to share reversing tutorials
setting up the forum
registering with the SRC (session is in October)
What has already been done:
server setup
subdomain registration
9. Planned local activities
Online articles and tutorials
Live reversing tutorials
Seminars held by experts from the reversing scene (whom I personally know)
Antivirus companies (Symantec)
Hacking Security Teams
Reversing challenges (in the style of)
hacking jeopardy
hacker challenge
10. Social nerd activities
Social activities are a must for a nerd community
lock picking
brew your beer
multiplayer games
hack your favourite console and show off
example: I connected my Wiimote to my Lego NXT via Bluetooth (no really I did it ... )
hack your favourite something and show off
example: I connected my toaster online using a webservice (I'm serious I did it ...)
11. European hack meetings
The most important hack meetings in Europe:
Chaos Computer Club
What the Hack
Moca
CeBIT
And in the USA:
Defcon
BlackHat
12. About epokh
Has spent his life reversing hardware devices and software programs and enjoyed it (still ...).
Grew up in the top reverser community in Europe: quequero
Member of one of the best c******g teams on the net for release statistics.
Proud to be:
the first Java bytecode cracker (it's actually a bit lame ....)
the first Skype filter logger (this is very lame )
... better to stop :-)