Chapter 7. Walkthrough Four
The Protocol Problem
It’s not uncommon to be presented with an executable where the protocol is either partially unknown or completely unknown. As a reverse engineer, it’s your job to either figure out the protocol for compatibility or to check a program for any hidden features that may cause security problems. In this chapter we’ll cover tracking a protocol through a binary and recovering its message structure.
Most protocols are streams of discrete messages meant to be interpreted ...