Episode 402 — Spicy Reverse Engineering

In this episode of Hak5 Matt shows us how to map our networks with Spiceworks, an open source infrastructure mapping tool. Chris Gerling breaks down reverse engineering, Shannon talks about OpenDNS, and Christine has a Windows utility for everyone running multiple monitors.

Production Note

This episode was plagued by the cabling mistake that made episode 4×01 dark and fuzzy. On a brighter note I’m happy to say episodes 4×03 and on look sharp and prettier.

Show Notes

Matt reviews SpiceWorks, a full featured open source infrastructure mapping suite. Grab a copy at spiceworks.com or check out Matt’s full review at MattLestock.com.

Chris Gerling dives into Reverse Engineering basics

In part 1 of Reverse Engineering I go over some basic theory and demo some tools associated with the Crackme scene of reverse engineering. This is not hardcore reverse engineering that will get you on the RELOADED team, but it’s a nice peek into things.

Tools of the trade (there are MANY MANY more):

WINDASM (W32DASM): I cannot link you to anything official as it’s no longer obtainable from the original vendor, so you’ll have to google for it. Be wary of any copy you download, virus scan it, and run it in a VM or on an isolated machine first. No guarantees.

IDA Pro: Industry standard. Extremely useful for almost any kind of file. We demo the older free version for lack of $500.
OllyDbg: Debugger similar to IDA Pro
PEiD: Detects packers, cryptors, and compilers.
.NET Reflector: Typically used for disassembling .NET applications.

Big Endian is akin to SONAR being sent as SON AR
Little Endian is akin to SONAR being sent as AR SON

Registers = Variables
32 bit = the 16 bit name with an e prefix
16 bit = same registers at a different size: ax, bx, cx, dx, di, si, sp, bp
8 bit = al, ah, bl, bh, cl, ch, dl, dh. l means the lower 8 bits of the 16 bit register, h means the higher 8 bits.
Flags = boolean values, 1 or 0. Zero flag can get 0 or non zero (1) values.
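
The byte-order and register notes above, as an added example (not code from the show): it shows where each byte of a 32 bit value lands in memory under each byte order, how to rebuild a value from a little-endian hex dump, and how ax, al and ah are views onto the same register. The sample value and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Byte found at memory offset i (0..3) when v is stored big endian:
   most significant byte first. */
uint8_t be_byte(uint32_t v, unsigned i) { return (uint8_t)(v >> (8 * (3 - i))); }

/* Same value stored little endian (x86): least significant byte first. */
uint8_t le_byte(uint32_t v, unsigned i) { return (uint8_t)(v >> (8 * i)); }

/* Rebuild the dword from 4 bytes of a hex dump taken on a little-endian
   machine, independent of the byte order of the host running this code. */
uint32_t load_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* 1 if this host stores the low byte first. */
int host_is_little_endian(void) {
    uint32_t probe = 1;
    uint8_t first;
    memcpy(&first, &probe, 1);
    return first == 1;
}

/* Register views: ax is the low 16 bits of eax, al and ah its two halves. */
uint16_t reg_ax(uint32_t eax) { return (uint16_t)(eax & 0xFFFFu); }
uint8_t  reg_al(uint32_t eax) { return (uint8_t)(eax & 0xFFu); }
uint8_t  reg_ah(uint32_t eax) { return (uint8_t)((eax >> 8) & 0xFFu); }

/* Writing al replaces only the low 8 bits; the rest of eax is untouched. */
uint32_t write_al(uint32_t eax, uint8_t v) { return (eax & 0xFFFFFF00u) | v; }

/* Zero flag as set by a compare of a and b: 1 when a - b is zero, else 0. */
int zero_flag_after_cmp(uint32_t a, uint32_t b) { return (uint32_t)(a - b) == 0; }

int main(void) {
    uint32_t eax = 0x11223344u;   /* constructed sample value */
    printf("big endian in memory:    ");
    for (unsigned i = 0; i < 4; i++) printf("%02X ", be_byte(eax, i));
    printf("\nlittle endian in memory: ");
    for (unsigned i = 0; i < 4; i++) printf("%02X ", le_byte(eax, i));
    printf("\nax=%04X ah=%02X al=%02X host_le=%d\n",
           reg_ax(eax), reg_ah(eax), reg_al(eax), host_is_little_endian());
    return 0;
}
```
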

The idea is to debug and disassemble to find out exactly how a program works, thereby enabling you to modify characteristics of that program to suit your needs.

In Part 2 we finish these notes and actually show you how to navigate through code.

Shannon talks about OpenDNS, a more secure and featureful alternative to your ISP provided DNS available at OpenDNS.com

Christine’s software pick this week is Calibrize, a nifty tool for simple color calibration.


  • DigiP

    Open dns is great. I have been using it for over a year now and have noticed it increases my speed of my surfing as well as have less problems with mistyped things since you can put in error correction for something like cmo to com, etc. It’s also nice because it has a larger cache than my ISP, so when I can’t find or get to a site with my ISP, it usually comes up with OpenDNS (given the site is actually live). Phishtank is nice and having the ability to go in and block whole domains, kinda like you would with your HOSTS file on windows is cool because you don’t have to go to each machine on your network to hardcode redirects or blocks in the HOSTS file, you can just point your network’s router to OpenDNS and then configure it in one place on the OpenDNS site. Sh*T, I sound like an advertisement for OpenDNS, but yeah, they are worth taking the time to configure for your home network’s DNS needs.

  • Thinkster

    The show was good, but prominently holding & displaying the beer was a bit cheesy! It just doesn’t look professional. Even if the beer maker is a sponsor, a commercial would be much more appropriate! If it’s just that you all enjoy beer, consider putting it in a coffee mug or something!

  • Tim Miller

    beer in a coffee mug? obviously not a beer drinker! i am just waiting for the bottle and the shot glasses to come out. I think it was toby that used to sport the mixed drink in season 2. Drink ON!

  • Paul Barnes

    OpenDNS works, BUT <— …. They store all DNS requests and pass them on to the Government, See their T&C

    They’re not to be trusted.

    P Barnes

  • Scorpion

    Video was there for me. I love that t-shirt Snubs lol. Great show and I’ve used SpiceWorks 3.0, very good and easy to set up. I think it’s great it’s on weekly as I wanna watch all now 🙁 . Will the pineapple firmware be able to be changed into working on another router?

  • Timmay313

    Spiceworks works great, is there a way to disable the prod key finder though? pops up on my machines as hacktools. damn AV anyways!
    if i could make the “pineapple” out of an old linksys WRT router that would be great, is it a possibility?

  • Kimmokor

    On the beer still: since that’s important to me too ;). Don’t keep the beer in your hand if you are not drinking since that looks a little stupid (and makes the beer warm). Any ways great show and the introduction to reverse engineering was pretty good though.

  • Forest


    I agree, I noticed they all pretty much seemed to be holding their beer excessively. Did look kind of corny, almost like they just turned 21, and were showing it off.

    Besides that, and the blurry issue that i heard is resolved as of episode 3, I am enjoying the show since the Rev3 team up.

  • Thinkster

    Not to go on & on about the beer thing, but I actually work in Television and the excessive holding of the beer wouldn’t fly with any director/producer as it looks abnormal on camera. Maybe if you’re at a party with young people, everyone holding beer bottles would probably be normal, but for a “TV” show in the likes of “The Screen Savers”, come on!

  • ResDev

    It is fortunate that Shannon is so easy on the eyes. It helps counter-balance the blur from the video. Razzing aside, I’m grateful to have people like you producing such great content.

    Joyful and stimulated,

