7.5 Wintel Machine Code Anti-Reversing Exercise

Apply the anti-reversing techniques Eliminating Symbolic Information and Obfuscating the Program, both introduced in Sections 6 and 7, to the C/C++ source code of the Password Vault application with the goal of making it more difficult to disable the trial limitation. Rebuild the executable binary for the Password Vault application from the modified sources using the GNU compiler collection for Windows. Show that the Wintel machine code reversing and patching animated solution in Section 4.4 can no longer be carried out as demonstrated.

7.6 Solution to the Wintel Anti-Reversing Exercise

The solution to the Wintel machine code anti-reversing exercise is given through comparisons of the original and obfuscated source code of the Password Vault application. As each anti-reversing transformation is applied to the source code, important differences and additions are explained through a series of generated diff reports and memory dumps. Once the anti-reversing transformations have been applied, their impact on the machine code is covered, along with how they make reversing the Password Vault application more difficult: the obfuscations make it difficult to find a good starting point and hinder live and static analysis. The obfuscated source code for the Password Vault application is located in the password_vault_cpp_obfuscated directory of the archive located at http://reversingproject.info/repository.php?fileID=4 1 2.
