Using your Work Against you – Reverse Engineering

There are many types of cyber attacks in our world, but what makes Reverse Engineering unique? Why is it considered to “Using your Work Against you”?

Reverse engineering is the process of discovering the technological and engineering principles of a product through the analysis of its structure and understanding how it works. In Reverse engineering you basically try to decipher the function of a certain product, its functionality and structure based on its behavior or based on cracking the code that activates it. This is a reverse process to a normal product development process.

A “normal” product development process has the following steps :

  1. Initialization – the “permission to go”, The beginning of the product’s journey.
  2. Marketing requirements – defining the marketing requirements, who will buy? Why should the customers buy? What is special about the product?
  3. Technical requirements – defining the technical requirements, How will the product work? How can we make it work? What are the challenges in production?
  4. Development – detailed planning of the project and production of a prototype of the product.
  5. Tests – the QA’s reason to live, since the product is new, we need to test and check every aspect of it to verify its functionality and to prevent failures.
  6. Release and Support – once the product has been released, ongoing customer support must be provided while also releasing updates and newer versions of it.

Since the development process of a product progresses as described in the steps above, we will understand that the reverse engineering process will work exactly the opposite.

Firstly, the person interested in Reverse Engineering the product will find out about it after its release. Then, he will go through all the stages it went through, understanding the challenges the manufactures dealt with and the testes they’ve made.

How does Reverse Engineering relate to Information Security?

Now, this is the part you’re probably here for.

A product is not always something “tangible” or physical, and in the field of Information Security (or Cyber Security for the advanced people among us) there are 2 main purposes for reverse engineering :

1. The “Good” reason – Information security researchers will attempt to reverse engineer a product/website to try and find any security-related flaws. The researcher actually uses reverse engineering to identify how attackers might “hack” the system’s defenses to prevent it from happening in the future.

2. The “Bad” reason – Attackers and people with malicious motives will do the same, only this time, it’s for their own interests. Whether they try to “copy” the product creating competition, or sell the discovered algorithms and other secrets at a high price. They will also use reversing methods to try and find Vulnerabilities and ways to Exploit them in websites and other softwares.

Other common uses :

  • Anti-virus companies: analysis of malware such as Trojan horses, computer viruses, spyware, etc.
  • Software developers: analysis of certain technologies and their adaptation to other platforms. For example, the reverse engineering project of the NTFS file management mechanism in the Windows operating system, for the purpose of adding support for this technology in the Linux operating system.
  • Crackers: hacking computer games and software protected from illegal use. One main use is to find Application Cracks.
  • Intelligence organizations: discovering security loopholes in order to exploit them for intelligence purposes.
  • Data recovery: data recovery of damaged disks.

Did you know?

Armies often use reverse engineering to copy other countries’ technologies, devices or information, obtained by ordinary soldiers in the field or by technological intelligence.

During World War II and during the Cold War, reverse engineering was widely used. A well-known example from World War II is the jerrycan – British and American forces noticed that the Germans had oil tanks of excellent design. They used reverse engineering to copy from these tools. They called them “Jerry-can” (Jerry can, “canisters of Germans”).

It’s important to Identify and Prevent the potential for such attacks. The main solution is to always be “one step ahead of the enemy”.
For example, Kayran’s Web Application Vulnerability Scanner can detect Weaknesses in our web applications and thereby helping us to “plug these holes” so that we prevent attackers with malicious motives from carrying out attacks against our assets.

Stay safe, choose Kayran.

Servers 101

Let’s have a “quick” Servers 101 Course. Courtesy of Kayran! If you’ve been on the internet for over an hour, you probably already heard of

Read More »

What is Kayran

Kayran scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 30,000+ vulnerabilities.Kayran’s mission is to make

Read More »

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

Read More »

What is a CWE ?

Similar to the article written on CVEs, in this article we will answer the questions :What is CWE ? and, what is the difference between

Read More »