Episode 402 — Spicy Reverse Engineering
In this episode of Hak5 Matt shows us how to map our networks with Spiceworks, an open source infrastructure mapping tool. Chris Gerling breaks down reverse engineering, Shannon talks about OpenDNS, and Christine has a Windows utility for everyone running multiple monitors.
Production Note
This episode was plagued by the cabling mistake that made episode 4×01 dark and fuzzy. On a brighter note I’m happy to say episodes 4×03 and on look sharp and prettier.
Show Notes
Matt reviews SpiceWorks, a full featured open source infrastructure mapping suite. Grab a copy at spiceworks.com or check out Matt’s full review at MattLestock.com.
Chris Gerling dives into Reverse Engineering basics
In part 1 of Reverse Engineering I go over some basic theory and demo some tools associated with the Crackme scene of reverse engineering. This is not hardcore reverse engineering that will get you on the RELOADED team, but it’s a nice peek into things.
Tools of the trade (there are MANY MANY more):
WINDASM (W32DASM): I cannot link you to anything official as it’s no longer obtainable from the original vendor, so you’ll have to google for it. Be wary of any copy you download, virus scan it, and run it in a VM or on an isolated machine first. No guarantees.
IDA Pro: Industry standard. Extremely useful for almost any kind of file. We demo the older free version for lack of $500.
OllyDbg: Debugger similar to IDA Pro
PEiD: Detects packers, cryptors, and compilers.
.NET Reflector: Typically used for disassembling .NET applications.
Big Endian is akin to SONAR being sent as SON AR
Little Endian is akin to SONAR being sent as AR SON
Registers = Variables
32 bit = e prefix: eax, ebx, ecx, edx, edi, esi, esp, ebp
16 bit = different size: ax, bx, cx, dx, di, si, sp, bp
8 bit: al, ah, bl, bh, cl, ch, dl, dh. l means the lower 8 bits of the 16-bit register, h means the higher 8 bits.
Flags = boolean values, 1 or 0. The zero flag can hold 0 or non-zero (1) values.
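The byte-order, register and flag notes above, worked through in C as an added example (not code from the episode). The helper names and the sample value 0x11223344 are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Big endian: most significant byte at the lowest address ("SON AR"). */
void put_be32(uint8_t out[4], uint32_t v) {
    for (int i = 0; i < 4; i++) out[i] = (uint8_t)(v >> (24 - 8 * i));
}

/* Little endian: least significant byte first ("AR SON"); x86 stores values this way. */
void put_le32(uint8_t out[4], uint32_t v) {
    for (int i = 0; i < 4; i++) out[i] = (uint8_t)(v >> (8 * i));
}

/* Rebuild a DWORD from four little-endian bytes, as when reading a hex dump. */
uint32_t get_le32(const uint8_t in[4]) {
    return (uint32_t)in[0] | (uint32_t)in[1] << 8 |
           (uint32_t)in[2] << 16 | (uint32_t)in[3] << 24;
}

/* ax, al and ah are views onto the low bits of eax, not separate storage. */
uint16_t reg_ax(uint32_t eax) { return (uint16_t)(eax & 0xFFFFu); }
uint8_t  reg_al(uint32_t eax) { return (uint8_t)(eax & 0xFFu); }
uint8_t  reg_ah(uint32_t eax) { return (uint8_t)((eax >> 8) & 0xFFu); }

/* Writing al replaces only the low 8 bits; the rest of eax is untouched. */
uint32_t write_al(uint32_t eax, uint8_t al) { return (eax & 0xFFFFFF00u) | al; }

/* `cmp a, b` subtracts without storing the result; ZF is 1 when a - b == 0. */
int zf_after_cmp(uint32_t a, uint32_t b) { return (uint32_t)(a - b) == 0u; }

int main(void) {
    uint32_t eax = 0x11223344u;  /* constructed sample value */
    uint8_t be[4], le[4];
    put_be32(be, eax);
    put_le32(le, eax);
    printf("big endian   : %02X %02X %02X %02X\n", be[0], be[1], be[2], be[3]);
    printf("little endian: %02X %02X %02X %02X\n", le[0], le[1], le[2], le[3]);
    printf("round trip   : %08X\n", (unsigned)get_le32(le));
    printf("ax=%04X ah=%02X al=%02X\n", (unsigned)reg_ax(eax),
           (unsigned)reg_ah(eax), (unsigned)reg_al(eax));
    printf("eax after writing 0xFF to al: %08X\n", (unsigned)write_al(eax, 0xFF));
    printf("ZF after cmp eax,eax: %d, after cmp eax,0: %d\n",
           zf_after_cmp(eax, eax), zf_after_cmp(eax, 0));
    return 0;
}
```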
The idea is to debug and disassemble to find out exactly how a program works, thereby enabling you to modify characteristics of that program to suit your needs.
In Part 2 we finish these notes and actually show you how to navigate through code.
Shannon talks about OpenDNS, a more secure and featureful alternative to your ISP-provided DNS, available at OpenDNS.com.
Christine’s software pick this week is Calibrize, a nifty tool for simple color calibration.
OpenDNS is great. I have been using it for over a year now and have noticed it increases the speed of my surfing, and I have fewer problems with mistyped things since you can put in error correction for something like cmo to com, etc. It’s also nice because it has a larger cache than my ISP, so when I can’t find or get to a site with my ISP, it usually comes up with OpenDNS (given the site is actually live). Phishtank is nice, and having the ability to go in and block whole domains, kinda like you would with your HOSTS file on Windows, is cool because you don’t have to go to each machine on your network to hardcode redirects or blocks in the HOSTS file; you can just point your network’s router to OpenDNS and then configure it in one place on the OpenDNS site. Sh*T, I sound like an advertisement for OpenDNS, but yeah, they are worth taking the time to configure for your home network’s DNS needs.
The show was good, but prominently holding & displaying the beer was a bit cheesy! It just doesn’t look professional. Even if the beer maker is a sponsor, a commercial would be much more appropriate! If it’s just that you all enjoy beer, consider putting it in a coffee mug or something!
lol, don’t be too puritan Thinkster, I don’t see any problem in beer showing
Beer in a coffee mug? Obviously not a beer drinker! I am just waiting for the bottle and the shot glasses to come out. I think it was Toby that used to sport the mixed drink in season 2. Drink ON!
shakin tables are annoying 😀 please do something with them ;p 😀 awesome show, thank you for new shows 🙂
OpenDNS works, BUT <— …. They store all DNS requests and pass them on to the Government, See their T&C
They’re not to be trusted.
P Barnes
can’t see the video, give us the link pleaseeee
Video was there for me. I love that t-shirt Snubs lol. Great show and I’ve used SpiceWorks 3.0, very good and easy to set up. I think it’s great it’s on weekly as I wanna watch all now 🙁 . Will the pineapple firmware be able to be changed into working on another router?
Loved this ep. I tried out spiceworks on my home network and am definitely going to roll it out at work. Good One MATT!
The podcast feed in iTunes is not working.
Spiceworks works great, is there a way to disable the prod key finder though? pops up on my machines as hacktools. damn AV anyways!
If I could make the “pineapple” out of an old Linksys WRT router that would be great. Is it a possibility?
Does the video seem extremely blurry to anyone else?
SPICEWORKS IS NOT OPENSOURCE!!
On this show you claimed that Spiceworks is opensource, but it’s not. It is a proprietary application!
Our apologies, we’ll make mention of it on a future episode correcting ourselves.
On the beer still: since that’s important to me too ;). Don’t keep the beer in your hand if you are not drinking since that looks a little stupid (and makes the beer warm). Any ways great show and the introduction to reverse engineering was pretty good though.
@kimmokor
I agree, I noticed they all pretty much seemed to be holding their beer excessively. Did look kind of corny, almost like they just turned 21, and were showing it off.
Besides that, and the blurry issue that i heard is resolved as of episode 3, I am enjoying the show since the Rev3 team up.
Thanks for the heads up Paul Barnes
http://www.opendns.com/privacy/
I’ve been using OpenDNS for about 1yr now and never read their ToS or Privacy Policy. Now that I have, I will no longer be using their services.
Anyone know any DNS providers that don’t collect Personally-Identifying Information?
Not to go on & on about the beer thing, but I actually work in Television and the excessive holding of the beer wouldn’t fly with any director/producer as it looks abnormal on camera. Maybe if you’re at a party with young people, everyone holding beer bottles would probably be normal, but for a “TV” show in the likes of “The Screen Savers”, come on!
It is fortunate that Shannon is so easy on the eyes. It helps counter-balance the blur from the video. Razzing aside, I’m grateful to have people like you producing such great content.
Joyful and stimulated,
Res
You guys had a little problem with the lines and the banter sounding canned.