Sašo Pajntar (2011) Thwarting reverse engineering of machine code. EngD thesis.
Reverse engineering is a process in which we try to discover the details of software, while we do not have access to its source code. In the diploma thesis we present reverse engineering process on Microsoft Windows operating system. First, we describe PE format and structure of x86 assembler. Then we describe tools, which are used in process of reverse engineering. The focus is on debuggers, dissasemblers and system monitors. We describe functionality of such tools to detect and thwart reverse engineering process. We focus on the use of junk and self-modifying code, since the goal of the thesis was to develope a tool, which will use these methods to code and decode machine instructions. Finaly, we describe the use of the tool, its weaknesses and possible improvements for better protection of machine code.
Actions (login required)