SlideShare a Scribd company logo

Reverse Engineering v/s Secure Coding

A
amiable_indian

The document discusses the differences between reverse engineering and secure coding, and provides tips to help secure software against reverse engineering attacks. It notes that cryptography and protectors in registration routines can be easily defeated. Packers may help but are still simple to overcome. Decompilation of .NET and Java applications is easy due to reliance on runtime environments. The author suggests using techniques like spaghetti code, polymorphism, and thinking like a reverse engineer to help tackle reverse engineering and secure software.

Technology
1 of 8
1
2
3
4
5
6
7
8
Reverse Engineering v/s Secure Coding.
What is Secure Coding? Is Secure Coding simply avoiding certain already discovered vulnerable functions? What about Tons of Commercial applications that are released everyday? Software Crackers (Reverse Engineers) causing Millions of Dollars of loss Globally due to Software Piracy. Are you Programmers taking your Job seriously?
Cryptography?...Hmm… Cryptography in Application Registration routines don’t make sense. Cryptographic Algorithm adds to the applications’ size & is Processor intense. Cryptographic Algorithm in Registration routines can be either completely ripped off or totally bypassed and they pose no challenge to a Cracker.
Packers & Protectors? What are Packers? What are Protectors? Packers make Sense but Protectors don’t ! Packers == very easy to defeat. Protectors == who cares to defeat ? Virtual Machines?.... Not again!
.Net & Java == Not Cool? Decompilation & not Disassembling. .Net is M$’s take on Java. .class files & .net executables rely heavily on Runtime Environment Components. Damn easy to break code and Damn tough to prevent us from Tampering with your App.
Mobile Devices…. Yeah! Sony Ericsson’s “.Sest” Feature talked about for the first time ever! J2me applications built for Mobile Devices should be “Freewares”. J2me Trojans can be very easy to code. Don’t even want to talk about Sony Ericsson & Siemens’ “Phone Modding”.
Can I Tackle R.E ? Technically Speaking? No you Can’t! Logically ? Bore us to Death! How? a] Use spaghetti Code. b] Jump all over the Place. c] Learn Polymorphism. d] Learn to use your “Imagination” as a tool. e] Think like a Reverse Engineer!
“ Thinking Before Writing, saves the time spent in Editing.” –Pirated. Thank You. Atul Alex Cherian, www.OrchidSeven.com . Ph:9860056788. [email_address]

More Related Content

PPTX
George - Computer Bug
beacondaytech
 
PDF
ASFWS 2011 : Code obfuscation: Quid Novi ?
Cyber Security Alliance
 
PPTX
Software Protection Techniques
Chaitanya Anpat
 
PDF
Appsec obfuscator reloaded
Cyber Security Alliance
 
PPTX
Reverse engineering power point!
foy8447
 
PDF
uBox Point of Sale
Mohamed abdelbary
 
PPT
Obfuscator
Mohamed abdelbary
 
PPT
Code obfuscation
bijondesai
 
George - Computer Bug
beacondaytech
 
ASFWS 2011 : Code obfuscation: Quid Novi ?
Cyber Security Alliance
 
Software Protection Techniques
Chaitanya Anpat
 
Appsec obfuscator reloaded
Cyber Security Alliance
 
Reverse engineering power point!
foy8447
 
uBox Point of Sale
Mohamed abdelbary
 
Obfuscator
Mohamed abdelbary
 
Code obfuscation
bijondesai
 

Similar to Reverse Engineering v/s Secure Coding (20)

PPTX
BSides Algiers - Reversing Win32 applications - Yacine Hebbal
Shellmates
 
PDF
Software potential code protector
InishTech
 
PDF
Software Reverse Engineering in a Security Context
Lokendra Rawat
 
PPTX
Reverse Engineering .NET and Java
Joe Kuemerle
 
PPTX
Reverse Engineering - Protecting and Breaking the Software
Satria Ady Pradana
 
PDF
Cracking the mobile application code
Sreenarayan A
 
PDF
Smart Phones Dumb Apps
Denim Group
 
PPT
Reverse engineering
Saswat Padhi
 
PPTX
Reverse Engineering.pptx
Sameer Sapra
 
PDF
V4I5201571
krishan8018
 
PPTX
Reverse Engineering: Protecting and Breaking the Software
Satria Ady Pradana
 
PPTX
(Workshop) Reverse Engineering - Protecting and Breaking the Software
Satria Ady Pradana
 
PDF
Secure .NET programming
Ante Gulam
 
PPTX
Reverse Engineering: Protecting and Breaking the Software (Workshop)
Satria Ady Pradana
 
PDF
Demystifying dot NET reverse engineering - Part1
Soufiane Tahiri
 
PPTX
Keynote Rockford Lhotka on the Microsoft Development Platftorm
Code Mastery
 
PPTX
Introduction to Software Reverse Engineering
Teodoro Cipresso
 
PPT
Csharp dot net
Revanth Mca
 
PDF
IRJET- Obfuscation: Maze of Code
IRJET Journal
 
PDF
Software cracking and patching
Mayank Gavri
 
BSides Algiers - Reversing Win32 applications - Yacine Hebbal
Shellmates
 
Software potential code protector
InishTech
 
Software Reverse Engineering in a Security Context
Lokendra Rawat
 
Reverse Engineering .NET and Java
Joe Kuemerle
 
Reverse Engineering - Protecting and Breaking the Software
Satria Ady Pradana
 
Cracking the mobile application code
Sreenarayan A
 
Smart Phones Dumb Apps
Denim Group
 
Reverse engineering
Saswat Padhi
 
Reverse Engineering.pptx
Sameer Sapra
 
V4I5201571
krishan8018
 
Reverse Engineering: Protecting and Breaking the Software
Satria Ady Pradana
 
(Workshop) Reverse Engineering - Protecting and Breaking the Software
Satria Ady Pradana
 
Secure .NET programming
Ante Gulam
 
Reverse Engineering: Protecting and Breaking the Software (Workshop)
Satria Ady Pradana
 
Demystifying dot NET reverse engineering - Part1
Soufiane Tahiri
 
Keynote Rockford Lhotka on the Microsoft Development Platftorm
Code Mastery
 
Introduction to Software Reverse Engineering
Teodoro Cipresso
 
Csharp dot net
Revanth Mca
 
IRJET- Obfuscation: Maze of Code
IRJET Journal
 
Software cracking and patching
Mayank Gavri
 
Ad

More from amiable_indian (20)

PDF
Phishing As Tragedy of the Commons
amiable_indian
 
PDF
Cisco IOS Attack & Defense - The State of the Art
amiable_indian
 
PDF
Secrets of Top Pentesters
amiable_indian
 
PPS
Workshop on Wireless Security
amiable_indian
 
PDF
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
amiable_indian
 
PPS
Workshop on BackTrack live CD
amiable_indian
 
PPS
Reverse Engineering for exploit writers
amiable_indian
 
PPS
State of Cyber Law in India
amiable_indian
 
PPS
AntiSpam - Understanding the good, the bad and the ugly
amiable_indian
 
PPS
Network Vulnerability Assessments: Lessons Learned
amiable_indian
 
PPS
Economic offenses through Credit Card Frauds Dissected
amiable_indian
 
PPS
Immune IT: Moving from Security to Immunity
amiable_indian
 
PPS
Reverse Engineering for exploit writers
amiable_indian
 
PPS
Hacking Client Side Insecurities
amiable_indian
 
PDF
Web Exploit Finder Presentation
amiable_indian
 
PPT
Network Security Data Visualization
amiable_indian
 
PPT
Enhancing Computer Security via End-to-End Communication Visualization
amiable_indian
 
PDF
Top Network Vulnerabilities Over Time
amiable_indian
 
PDF
What are the Business Security Metrics?
amiable_indian
 
PPT
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
amiable_indian
 
Phishing As Tragedy of the Commons
amiable_indian
 
Cisco IOS Attack & Defense - The State of the Art
amiable_indian
 
Secrets of Top Pentesters
amiable_indian
 
Workshop on Wireless Security
amiable_indian
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
amiable_indian
 
Workshop on BackTrack live CD
amiable_indian
 
Reverse Engineering for exploit writers
amiable_indian
 
State of Cyber Law in India
amiable_indian
 
AntiSpam - Understanding the good, the bad and the ugly
amiable_indian
 
Network Vulnerability Assessments: Lessons Learned
amiable_indian
 
Economic offenses through Credit Card Frauds Dissected
amiable_indian
 
Immune IT: Moving from Security to Immunity
amiable_indian
 
Reverse Engineering for exploit writers
amiable_indian
 
Hacking Client Side Insecurities
amiable_indian
 
Web Exploit Finder Presentation
amiable_indian
 
Network Security Data Visualization
amiable_indian
 
Enhancing Computer Security via End-to-End Communication Visualization
amiable_indian
 
Top Network Vulnerabilities Over Time
amiable_indian
 
What are the Business Security Metrics?
amiable_indian
 
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
amiable_indian
 
Ad

Recently uploaded (20)

PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PDF
Transforming Manufacturing operations through Intelligent Integrations
TGH Software Solutions Pvt. Ltd.
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
madgavkar20181017ppt McKinsey Presentation.pdf
georgschmitzdoerner
 
PDF
GamePlan Trading System Review: Professional Trader's Honest Take
SOFTTECHHUB
 
PDF
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Sensors and Actuators in IoT Systems using pdf
jeffinmathew654
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
KodekX | Application Modernization Development
KodekX
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Transforming Manufacturing operations through Intelligent Integrations
TGH Software Solutions Pvt. Ltd.
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
Cloud computing and distributed systems.
kkkkkhan
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
madgavkar20181017ppt McKinsey Presentation.pdf
georgschmitzdoerner
 
GamePlan Trading System Review: Professional Trader's Honest Take
SOFTTECHHUB
 
solutions_manual_-_materials___processing_in_manufacturing__demargo_.pdf
AbdullahSani29
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Sensors and Actuators in IoT Systems using pdf
jeffinmathew654
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 

Reverse Engineering v/s Secure Coding

  • 1. Reverse Engineering v/s Secure Coding.
  • 2. What is Secure Coding? Is Secure Coding simply avoiding certain already discovered vulnerable functions? What about Tons of Commercial applications that are released everyday? Software Crackers (Reverse Engineers) causing Millions of Dollars of loss Globally due to Software Piracy. Are you Programmers taking your Job seriously?
  • 3. Cryptography?...Hmm… Cryptography in Application Registration routines don’t make sense. Cryptographic Algorithm adds to the applications’ size & is Processor intense. Cryptographic Algorithm in Registration routines can be either completely ripped off or totally bypassed and they pose no challenge to a Cracker.
  • 4. Packers & Protectors? What are Packers? What are Protectors? Packers make Sense but Protectors don’t ! Packers == very easy to defeat. Protectors == who cares to defeat ? Virtual Machines?.... Not again!
  • 5. .Net & Java == Not Cool? Decompilation & not Disassembling. .Net is M$’s take on Java. .class files & .net executables rely heavily on Runtime Environment Components. Damn easy to break code and Damn tough to prevent us from Tampering with your App.
  • 6. Mobile Devices…. Yeah! Sony Ericsson’s “.Sest” Feature talked about for the first time ever! J2me applications built for Mobile Devices should be “Freewares”. J2me Trojans can be very easy to code. Don’t even want to talk about Sony Ericsson & Siemens’ “Phone Modding”.
  • 7. Can I Tackle R.E ? Technically Speaking? No you Can’t! Logically ? Bore us to Death! How? a] Use spaghetti Code. b] Jump all over the Place. c] Learn Polymorphism. d] Learn to use your “Imagination” as a tool. e] Think like a Reverse Engineer!
  • 8. “ Thinking Before Writing, saves the time spent in Editing.” –Pirated. Thank You. Atul Alex Cherian, www.OrchidSeven.com . Ph:9860056788. [email_address]