Updates / Information
This is a four-session course that covers the basics of reverse engineering software with Ghidra. For each session there are exercises to be completed, which can be found on the project GitHub page.
Exercises and materials can be found here.
- 8GB RAM
- Download Ghidra from here
- Download the exercises / Docker container from here
git clone https://github.com/wrongbaud/hackaday-u
- Build the Docker container (Note: you can also use an Ubuntu 18.04 VM; if you're doing this, skip to step 5)
cd hackaday-u/docker
docker build . -t hackaday
- Test the Docker container (If using Ubuntu 18.04, skip to step 5!)
docker run --rm -it hackaday /bin/bash
- Run a challenge binary as a test!
root@522471199b16:/home/hackaday# ./hackaday-u/session-one/challenges/c1
Please supply the password!
root@522471199b16:/home/hackaday# ./hackaday-u/session-one/challenges/c1 test
Wrong answer, we'd never use test as the password!
The goal of these challenges is to bypass or provide a proper password. Over the course of the sessions the amount of information that you have to provide will change and the complexity of the passwords will increase.
- Familiarize students with the basic concepts behind software reverse engineering
- x86_64 Architecture Review
- Identifying C constructs in assembly code
- Disassembly vs Decompilation
- Teach students how to use the Ghidra SRE tool to reverse engineer Linux-based binaries
- Basic navigation and usage
- How to identify and reconstruct structures, local variables and other program components
- Demonstrate and explain the methodologies used when approaching an unknown program with Ghidra
- Where to start when looking at an unknown binary
- How to quickly gain an understanding of an unknown program
- Provide challenges and "crackme" exercises so that students gain hands-on experience with Ghidra
- The course starts Monday, June 22 at 6:00 PM (EDT)
- Class sessions will occur weekly on Mondays at 6:00 PM (EDT)
- Office hours will be Thursday at 6:00 PM (EDT)
- There will be a total of four class sessions and office hour sessions