3 April 2008
“Process of analyzing a subject system to
create representations of the system at a
higher level of abstraction”
“Going backwards through the development
Discovering how a device works usually by
taking it apart.
REing Mechanical Devices
Not what you may think.
Actually the reverse of the
engineering process, going
from a finished product to
Used to “digitize” old parts
A famous example
Discovered in wreck
in 1900, dated
around 150-100 BC
The waterfall model
through this process
May not end up with
Analysis through observation of information
Analysis Through Observation
Very common for protocol reverse
Usually use a bus analyzer and/or packet
Can be assisted through the use of low-level
role of operating
Sold for $386
Has a more Windows feel
Latest production release on May 23, 2004
Latest alpha release on March 11, 2008
Only 32-bit binaries available, but unlike
SoftICE, they're free
Most programs, when compiled, are turned
into architecture-specific machine code.
Disassemblers just take the binary
executable and display its assembly code.
Need a good understanding of assembly and
usually a hex editor.
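How a disassembler turns raw bytes back into assembly text, shown as an added example that is not part of the original slides. It decodes only a small subset of 32-bit x86, and the sample bytes and the base address 0x401000 are constructed for illustration.

```python
import struct

REGS32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]
SIMPLE = {0x90: "nop", 0xC3: "ret", 0xC9: "leave", 0xCC: "int3"}
JMP8 = {0x74: "je", 0x75: "jne", 0xEB: "jmp"}   # opcode + signed 8-bit offset


def disassemble(code, base=0):
    """Decode a subset of 32-bit x86; returns (address, hex bytes, text) tuples."""
    out, i = [], 0
    while i < len(code):
        op, start = code[i], i
        if op in SIMPLE:                               # one-byte instructions
            text, i = SIMPLE[op], i + 1
        elif 0x50 <= op <= 0x57:                       # register is in the low 3 bits
            text, i = "push " + REGS32[op - 0x50], i + 1
        elif 0x58 <= op <= 0x5F:
            text, i = "pop " + REGS32[op - 0x58], i + 1
        elif 0xB8 <= op <= 0xBF and i + 5 <= len(code):
            (imm,) = struct.unpack_from("<I", code, i + 1)   # little-endian imm32
            text, i = f"mov {REGS32[op - 0xB8]}, 0x{imm:x}", i + 5
        elif op in JMP8 and i + 2 <= len(code):
            (rel,) = struct.unpack_from("<b", code, i + 1)
            i += 2                                     # offset counts from the next instruction
            text = f"{JMP8[op]} 0x{(base + i + rel) & 0xFFFFFFFF:x}"
        elif op == 0xE8 and i + 5 <= len(code):
            (rel,) = struct.unpack_from("<i", code, i + 1)
            i += 5
            text = f"call 0x{(base + i + rel) & 0xFFFFFFFF:x}"
        else:                                          # unknown or truncated: show the raw byte
            text, i = f"db 0x{op:02x}", i + 1
        out.append((base + start, code[start:i].hex(), text))
    return out


# Constructed sample: push ebp / mov eax, 10 / je over a nop / pop ebp / ret
SAMPLE = bytes.fromhex("55b80a0000007401905dc3")

if __name__ == "__main__":
    for addr, raw, text in disassemble(SAMPLE, base=0x401000):
        print(f"{addr:08x}  {raw:<12} {text}")
```

The second column of the listing is what a hex editor shows for the same file, which is why the two tools are normally used side by side.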
No longer exists?
Can't edit program
! ATTENTION !
The following example is done for
educational purposes only.
Do not attempt similar types of reverse
engineering which is considered “cracking”
If it is a good program or one that you use
often, pay for it; software developers deserve
the money for creating the program.
Simple program that creates crosswords.
Program is a demo, won't let you save
puzzles greater than 10x10
However all the code is actually there, it is
10x10 Save check
Fixed save check
Pops up every time
the program starts
Does not exist in the
Serves no other
function than to nag
Nag screen fixed
Please don't ever do this, it makes children cry
Samba – Program for Unix-like systems that
allows file sharing with Windows machines.
Wine – Program for Unix-like systems that
attempts to emulate Windows API calls
OpenOffice – Open source program which
emulates Microsoft Office
Removal of access restrictions
Creation of duplicates
Getting a device / piece of software to work
on another platform.
Learning the protocols the device uses to
Similar to interoperability
Need to relearn how the device operates,
how the device communicates
Usually only done on antiquated devices or
To determine how the product works
Can be used to estimate product costs
Determine if a product is infringing on patent
An audit determines if systems are
safeguarding assets, maintaining data
integrity, and operating effectively.
The company usually knows about its own
Used to evaluate risk of new products it may
be creating itself or using from other
Access Restriction Removal
Possible legal issues
Usually done to demo programs, full version
released as warez
Sometimes it becomes legal when a program
or game becomes very old.
This can be very difficult, trying to reproduce
the entire system.
Reverse engineering of copy restrictions on
CDs and other media.
In certain cases the user is allowed a
Any device (usually embedded or integrated)
that stores critical information
Most common example is of credit cards /
Passwords and other information are often
stored on the card
The famous Enigma machine from WWII
Jerry cans invented by the Germans in WWII
Tupolev Tu-4: American B-29 bombers were
forced to land in the USSR; within a few
years the Soviets created the Tu-4, an almost
A Taiwanese AIM-9B missile hit a Chinese
MiG without exploding, and was later reproduced
by the Soviets.
Generally considered lawful if the system
was obtained legitimately.
"...[W]here disassembly is the only way to
gain access to the ideas and functional
elements embodied in a copyrighted
computer program and where there is a
legitimate reason for seeking such access,
disassembly is a fair use of the copyrighted
work, as a matter of law."
Chikofsky, E.J.; J.H. Cross II (January 1990).
"Reverse Engineering and Design Recovery: A
Taxonomy in IEEE Software". IEEE Computer
Sega v. Accolade, 203 F.3d 596 (9th Cir. 1993)
1) What is the definition of reverse
engineering in terms of software?
2) List three reasons to reverse engineer