Product Description

Beginning with a basic primer on reverse engineering–including computer internals, operating systems, and assembly language–and then discussing the various
applications of reverse engineering, this book provides readers with practical, in–depth techniques for software reverse engineering. The book is broken into two parts, the first deals with security–related reverse engineering and the second explores the more practical aspects of reverse engineering. In addition, the author explains how to reverse engineer a third–party software library to improve interfacing and how to reverse engineer a competitor′s software to build a better product.
∗ The first popular book to show how software reverse engineering can help defend against security threats, speed up development, and unlock the secrets of competitive products
∗ Helps developers plug security holes by demonstrating how hackers exploit reverse engineering techniques to crack copy–protection schemes and identify software targets for viruses and other malware
∗ Offers a primer on advanced reverse–engineering, delving into "disassembly"–code–level reverse engineering–and explaining how to decipher assembly language

Product Details

• Amazon Sales Rank: #85486 in Books
• Published on: 2005-04-15
• Original language: English
• Number of items: 1
• Binding: Paperback
• 624 pages

From the Back Cover
Sometimes, the best way to advance is in reverse

If you want to know how something works, you take it apart very carefully. That′s exactly what this book shows you—how to deconstruct software in a way that reveals design and implementation details, sometimes even source code. Why? Because reversing reveals weak spots, so you can target your security efforts. Because you can reverse–engineer malicious code in order to neutralize it. Because understanding what makes a program work lets you build a better one. You′ll learn how here.

• Learn to read compiler–generated assembly language code for IA–32 compatible processors
• Decipher an undocumented file format or network protocol
• Understand when reverse engineering is legal, and when—and why—it may not be
• See how hackers use reversing to defeat copy protection technology
• Find out how to pull the plug on malicious code
• Determine how to prevent others from reversing your code, and find out how effective such steps can be
• Explore reverse engineering on the .NET platform and its assembly language, MSIL
• Observe the dissection of a real–world malicious program and see how the attacker used it to control infected systems

About the Author
Eldad Eilam is a consultant in the field of reverse engineering. He assists clients with operating system and in–depth software reverse engineering, and has devoted several years to developing advanced reverse engineering techniques.

Customer Reviews

Superb book
Written very well, and with great enthusiasm by someone who clearly loves the detective work of picking programs apart to see what they do. There must be many in IT with this sort of urge - to get "under the hood" of something and see how the internals work.

I learnt so much from this book, much of which you'd be hard-pressed to find anywhere else - except on some fairly crazy websites/forums. It covers Windows fundamentals (APIs, kernel, threads etc), how compilers work, getting to know IA-32 assembly code (and how to recognise compiler optimizations and arithmetic that might be perplexing at first), breaking protections, and how you can best protect a program yourself. There's also a wonderful chapter where he reverses a piece of malware that he received as an "attachment" in an email.

The book also has a chapter on reversing .NET IL code - like java bytecode there is much more meta-information in the .exe file so it's *much* easier to reconstruct the original code. But most of the book is about reverse engineering C/C++ compiled executables on Windows - nothing about UNIX/Linux here, which I'd be interested to see something on.

The last chapter addresses the possibility of "decompilers", and just how close you can get to the original C(++) source after losing so much info in the compilation stage. Also, and rather importantly, the author looks at legal implications of what you can achieve with reverse engineering.

I'm no expert on the subject - I can't tell what, if anything, he's missed in his subject area. But there's so much here I feel I can safely give 5 stars.

Outstanding introduction - 4.5 Star if such a rating was possible
This is a great book and I cannot give it less than 4 stars. It correctly assumes that the reader is a developer using native code tools and requires a hands on introduction to reverse engineering. Now, in similar volumes, Reverse Engineering (RE from now on), is only getting associated with nefarious activities, such as breaking copy protection schemes etc. The examples and pedagogical scope of this book go much further than that, introducing concepts such as RE of file formats (extremely useful), RE in order to locate undocumented functionality and RE in order to "de-armor" malicious code.

In order to keep up with the material presented within, your x86 assembly skills must be at least serviceable, as the author uses LONG uncommented ASM listings on purpose (this is what you expect from using any tool out there). The book includes a chapter on introducing the basics of assembler but I take it that if you have even cursory experience with it, things will be much easier.

Another great thing is that, while the focus of the book is Win32, it is not particularly tied to any given tool. A lot of competing titles on the market focus on (excellent) tools such as Ida Pro and SoftICE, but fortunately the author takes a more or less tool-agnostic approach.

Obviously, due to space and scope constraints, the coverage of the material varies and yes, the emphasis is on copy protection but this is to be expected.

Writing style is concise and informal, a "no-nonsense" approach if you prefer, which only helps the book.

The only fault is that the .Net section is very terse and not as useful as the C++ sections but this can be mitigated, as there are other volumes to cover J2EE and .Net reverse engineering.

Finally, as a personal testimony, after reading this book and practicing a bit with the examples given, I found out RE tasks required in my day job to seem much easier so give it a shot, it will be worth it.

A helpful and interesting book
This book gives an insight into some of the inner workings of the Windows system and is written in an easy to read style. It also helps with giving some advice about the ways to defeat spyware. I did not buy it with the intention of doing any actual reversing of software, a process which requires much knowledge and study, but to get a better understanding of some of the processes operating on my computer. In this respect it has been very helpful.