Author Topic: What knowledge do I need to read “The IDA Pro Book”? (Read 2092 times)

0x01000 · « **on:** September 04, 2015, 03:06:42 pm »

I'm interested in vulnerability research and I want to get started in reading the book mentioned in the title. But the thing is that while I'm fairly confident in Python and PHP, I absolutely have no knowledge in low level programming in any low level languages. I was told that I need to have solid knowledge of assembly and C before even saying 'I'm starting learning reversing today'.
Speaking of that, what knowledge in programming or in computer science do I need before starting learning with the book?
Thanks!

TheWormKill · « **Reply #1 on:** September 04, 2015, 03:16:16 pm »

Well, to be honest, your question is wrong. It's focus is a bit off the things you should really care about.
I'll tell you why:

First off, you assume that this book, which I haven't read, will teach you everything about Reverse Engineering.
It won't. It will teach you to leverage the features of IDA Pro, which is an entirely different thing.

On the other hand, you seem to want to learn about RE itself, so I'd advise you to take a slightly different path
than the one you expect to take:
To understand disassembled binaries, you need to know Assembly for the Architecture(s) that you are interested in, as well as the format of those executables (PE on Windows and ELF on most UNIXes, as well as
some others). If you wish to understand programs written in a language built on top of the .NET framework, that's something entirely different, make some research. It will also help to nderstand and identify the tools
that were used to create a file you analyze. This includes compilers, the language involved, ....

So you probably want to learn assembly and C, but that depends on the things you want to do. Learn those
first, read books and articles on reverse-engineering, write your own tools, get a feel for the things you do, and you'll find yourself being able to do what you need without really bothering what tools to use.

On a final note, I could have included tons of material in this answer, but I chose not to, because it is freely
availible on the web, which you should search first.

DoctorT · « **Reply #2 on:** September 22, 2015, 06:02:51 pm »

As theWormKill already mentioned, you need to know the language you are going to RE itself. For example, (I have, too, not yet read this book but I assume it teaches IDA and little of RE itself) if you want to reverse-engineer a file on an "x86 IBM PC", you'd need to learn http://www.ibm.com/developerworks/library/l-ia/it.

As for the skills you actually need to learn Assembly (any type), would be....

A pretty good brain that should know some subjects like chemistry, physics, etc. but a lot of fourteen year olds can do it, so can you, without a lot of academic qualification.
Enthusiasm in computer science. Intermediate (preferably advanced) knowledge in C programming.But you know, the C code printf function changes to
global start
start proc near
jmp near ptr 0x444
(valid Assembly code but I have no idea what it does) so even an advanced C programmer may have trouble writing small Assembly programs.

There is an old joke in computer programming, "Why did the chicken cross the road," where the Assembly programmer says the chicken had to built the road before crossing it. There is also a "finding the elephant" joke over Stackoverflow where the "Assembly programmer gets on his knees, and searches the entire African continent for an elephant." In the "How to kill a dragon with a programming language," "the Assembly programmer builds his mighty sword with a tens of thousands of needles."

Imagine reversing the code of a script kiddy who wrote his keylogger in Python. In Assembly. There comes a lot of obsufication. And coffee.
[/list]

ram1r3z0 · « **Reply #3 on:** September 22, 2015, 06:33:25 pm »

Well you need to know

how is executable working
little bit about assembly
principles of computer science (how computers works, memory, CPU and so on)

Everything else is just training

Trevor · « **Reply #4 on:** September 24, 2015, 06:28:35 pm »

Solid knowledge of assembly and C is not required. I would want to share my experience here.

When I started RE, I almost knew nothing about assembly. I knew C, but did not knew how C maps to the compiled executable that runs on the processor. Using a debugger and understanding what the various instructions do taught me assembly. It was a bit difficult at first, but always manageable.

Talking about IDA Pro, it is a different beast. It takes a quite a bit of time to master and truly speaking, I have not fully mastered it even now. However there is no bar to start learning IDA. Even by spending some time with the software, you will learn something new.

Hence, you can start learning at any point.
If you maintain your enthusiasm you are bound to get good results.

bolzano_1989 · « **Reply #5 on:** October 04, 2015, 05:14:29 pm »

You could start from this book, it has the basic things for you to learn: http://beginners.re/Reverse_Engineering_for_Beginners-en.pdf

i7.Strix · « **Reply #6 on:** November 18, 2015, 12:28:32 am »

If you want to learn anything related to reverse engineering. You should read at least 4-5 books on it.

Why? Because you will get a better insight from many books.

EvilZone

News:

Author Topic: What knowledge do I need to read “The IDA Pro Book”? (Read 2092 times)

0x01000

What knowledge do I need to read “The IDA Pro Book”?

TheWormKill

Re: What knowledge do I need to read “The IDA Pro Book”?

DoctorT

Re: What knowledge do I need to read “The IDA Pro Book”?

ram1r3z0

Re: What knowledge do I need to read “The IDA Pro Book”?

Trevor

Re: What knowledge do I need to read “The IDA Pro Book”?

bolzano_1989

Re: What knowledge do I need to read “The IDA Pro Book”?

i7.Strix

Re: What knowledge do I need to read “The IDA Pro Book”?