Abstract 

Reverse Programming.

 The purpose of study: to provide theoretical training for the study and repair of the software in use; to acquire practical skills of correcting errors in the running processes (software in running state); creation of new functionality using implicit software in running state of x32/x64 platform for professional and system software use.

List of main topics: Reverse Engineering of Simple Programs. Calling Conventions. Portable Executable. Code Injection. Anti-debugging. Obfuscation and Self-modifying Code. Encryption in Self-modifying Code. Executable Inspection and Win32 Constructs. Introduction to IDA. Interactive Use of IDA. C and C++ Constructs. Resources. JVM Disassembly. Java Code Injection. CLR Disassembly. Network Sniffing.

  The discipline consists of two modules: Securing and Attacking Software  (1) and Managed and High-Level Code Examination  (2).

The Course Syllabus (PDF)

List of Exam Questions

1. Reverse Engineering of Simple Programs.

2. Calling Conventions.

3. Portable Executable.

4. Code Injection.

5. Anti-debugging.

6. Obfuscation and Self-modifying Code.

7. Encryption.

8. Executable Inspection and Win32 Constructs.

9. Search and navigation in IDA. Cross-referencing in IDA. Disassembly.

10. Interactive Use of IDA. Marking code and data. Changing operand type.

11. C and C++ Constructs. Low-level OOP. C++ name mangling.

12. Organization of resources inside of a PE file. Dialog window research engineering.

13. JVM Disassembly. Java class file disassembly. Java decompilation.

14. Java Code Injection.

15. CLR Disassembly. IL disassembly. .NET decompilation. Modification of IL code.

16. Capture and Display Filtering. Networking protocols (IPv4, TCP, UDP, HTTP).

Proceeding for Laboratory Work