$$ Notes\ by\ Davide\ Scarrà $$

Slides:

basc.pdf

25/9 - Lesson 1

We will study the life cycle of programs, the low-level kernel interface, how to reverse programs, vulnerabilities and exploits, and how to produce secure programs.

I should solve some optional parts to obtain honors (lode).

Binary program's life cycle

What are binaries?

In Windows, known extensions aren't shown, e.g. file.txt~~.exe~~ appears as file.txt.

Parsing a zip file begins from the end, whereas to parse a bitmap you have to start from the beginning.

The same sequence of bytes can be parsed as different formats. A file can be built to meet several specifications at once, so that it is valid in different formats, e.g. a .pdf that can also be executed as a .exe. It basically has many headers: the .pdf header comes after the .exe header.

In a zip file, the signature can be anywhere, so a file can be seen by Windows as a zip and also be an executable.

File extensions are immaterial. An extension only specifies which program is used to open the file.

Files that meet the specifications of multiple file formats are called polyglots.
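An added example (not from the lecture or the slides) of identifying a file by its content instead of its extension: it checks a few signatures at offset 0 and searches backwards from the end for the ZIP End Of Central Directory record. The function names, the short signature table and the constructed sample (a BMP-style header followed by a ZIP) are assumptions made for this example, and start signatures are checked at offset 0 only.

```python
import io
import struct
import zipfile

# Signatures checked at offset 0 (formats parsed from the beginning).
START_MAGICS = {
    b"MZ": "PE",
    b"\x7fELF": "ELF",
    b"%PDF-": "PDF",
    b"BM": "BMP",
}
EOCD_SIG = b"PK\x05\x06"  # ZIP End Of Central Directory record
EOCD_MIN = 22             # size of the EOCD record without its comment
MAX_COMMENT = 0xFFFF      # the comment length is a 16-bit field


def find_eocd(data):
    """Search backwards from the end for a plausible EOCD; offset or -1."""
    lowest = max(0, len(data) - EOCD_MIN - MAX_COMMENT)
    pos = data.rfind(EOCD_SIG, lowest)
    while pos != -1:
        if pos + EOCD_MIN <= len(data):
            (comment_len,) = struct.unpack_from("<H", data, pos + 20)
            if pos + EOCD_MIN + comment_len <= len(data):
                return pos
        pos = data.rfind(EOCD_SIG, lowest, pos)
    return -1


def identify(data):
    """List every format whose signature matches; the file name is ignored."""
    found = [name for magic, name in START_MAGICS.items() if data.startswith(magic)]
    if find_eocd(data) != -1:
        found.append("ZIP")
    return found


def build_sample():
    """Constructed sample: a BMP-style 54-byte header followed by a ZIP archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("note.txt", "hello")
    return b"BM" + bytes(52) + buf.getvalue()  # magic only, not a renderable image


if __name__ == "__main__":
    sample = build_sample()
    formats = identify(sample)
    print(formats, "-> polyglot" if len(formats) > 1 else "")
    # zipfile finds the archive from the end, despite the prepended bytes
    print(zipfile.ZipFile(io.BytesIO(sample)).namelist())
```

A file for which identify returns more than one format is a candidate polyglot and deserves a closer look in a hex editor.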

We can see inside a binary with a hex editor.

hte can parse the file format: it can recognize if a file is an ELF and highlight its headers.

Examples of hex editors that know how to parse formats are 010 Editor and ImHex.

hte can parse Linux and Windows file formats. PE is the Windows file format and ELF is the Linux file format.

Run gdb ./a.out to load the binary in the debugger.

Use disass in gdb to see the called function.