[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Software Reverse Engineering




Hi All -

I've recently been disassembling some software written by idiots who never
heard of operating systems other than messy-windows, so that I can
re-implement it on my favorite platform (and fix numerous bugs).
I know many of you have done work in this area so maybe you can give me a
few tips.

I ran the program and traced its execution, which quickly showed what parts
were significant, and it's pretty easy to figure out what the relevant
functions are and what they do.  I was able to recompile sections of the
code into my own program and make it work without too much difficulty.

What is bugging me is this:  The program contains huge amounts of 'junk 
code' such as the following (disassembled with gdb):

     movl   0x7c58c,%eax
     movl   %eax,0xffffffa8(%ebp)
     movl   0xffffffa8(%ebp),%eax
     movl   %eax,0x7c590
     movl   0x7c590,%eax
     movl   %eax,0xffffffa8(%ebp)
     movl   0xffffffa8(%ebp),%edx

This segment of code accomplishes nothing execpt to move the same value
around into different locations, which are never again read.  At least
half of the instructions consist of similiar garbage, writing data into
locations that are never read, duplicating constants, copying values that
are never used, and so on.  The only thing saving the program from
running out of memory is that the programmer mostly used static buffers,
only sparingly doing dynamic allocation.  I'm quite surprised that I
haven't found any buffer overruns or security holes yet.

So, does anyone have reccomendations of what is the best way to seperate
the wheat from the chaff, so to speak?  I can use the program as is, but
the sheer amount of junk tends to make it run slowly, so I'd much prefer
to completely rewrite it.