April 2011
Intermediate to advanced
328 pages
6h 56m
English
It’s not uncommon to be presented with an executable whose protocol is partially or completely unknown. As a reverse engineer, it’s your job either to figure out the protocol for compatibility or to check the program for any hidden features that may cause security problems. In this chapter we’ll cover tracking a protocol through a binary and recovering its message structure.
Most protocols are streams of discrete messages meant to be interpreted ...