Log in

View Full Version : looking for tuts/books/useful links on RE under linux

jcyang
November 4th, 2009, 07:51
I need comprehensive introduction books/tuts on RE under Linux for referencing while I get stucked by such question,'whats the command to use for dumping the symbol table of one executable'.

So what are your recommendations?

thx in advance.
Silkut
November 4th, 2009, 12:34
Yo,
http://www.eresi-project.org/wiki/TheELFsh

Quote:
Full access in read/write mode to the ELF data structures from the scripting language, including but not limited to:
...
ELF dynamic and static symbol tables (.dynsym and .symtab)


It doesn't seem that you had a hard time searching...
jcyang
November 4th, 2009, 19:00
Quote:
[Originally Posted by Silkut;83582]
It doesn't seem that you had a hard time searching...


Sorry,but I am looking for comphrensive books and tutorialson Reverse Engineering dedicated to linux platform.Googled,searched the forum,later on searched the amazon.com but found nothing useful.I do think that everyone have his collection/favor of tuts/books,and experts would know good enough tuts/books and save the newbie's time searching.So asked here.

However,I obviously made a mistake.Sorry for that.I'll never do this again.
Woodmann
November 4th, 2009, 20:37
Howdy,

Linux and all nix platforms are pretty straight forward so there is not much available as far as linux RCE tutorials.

I hate to say it but if you cant find it here your probably not going to find it.

Why dont you tell us what you are trying to do so we can better help you.

Woodmann
Silkut
November 5th, 2009, 04:47
Yo,
Woodmann said it: not as popular as Windows RE and therefore no mainstream solution, however a lot of RE books covers Linux basics. A lot of tools exists and several ppl published their findings on the subject: ELF specs, Linux (anti)-debugging trickery, Linternals, Distros (DVL), crackme's tuts, forensics, malware experimentation..
So don't forget all ELF-related materials (official specs, phrack's and 29A's digging, tools and their documentation => consult the CRCETL)
There is also some efforts put in hardware hacking and software interop...

http://www.linuxsa.org.au/meetings/reveng-0.2.pdf
http://home.pages.at/f001/ (sorry folks, but his page on woodmann is down)
http://www.eccentrix.com/members/mammon/tales/linux_re.txt
http://oreilly.com/catalog/9780596005450
http://www.woodmann.com/collaborative/tools/Category:Linux_Tools
http://www.reversing.be/article.php?story=20051203194931893&query=linux
..

By the way there is a Linux area on this forum, where 0xf001 started a topic similar with answers, however since those materials are quite old, links starts to die slowly..
Aimless
November 7th, 2009, 10:51
Alternatively, try and see if you can get Mammon's email id and email him... If he decides, you're in for gold.

Have Phun