Chapter 23. Binary Reverse Engineering

Finding and exploiting software flaws is always one of the most effective ways to breach the security of any computer system or network. Likewise, if you are going to defend against this sort of attack, you need to find these bugs first so they can be fixed. Finding bugs is relatively straightforward if you have the source code, but what about closed-source binary programs? This class of software is very common on networks today. So how do you find these bugs even if the code is not available to you? You reverse engineer the binary.

I’ve always loved to play video games; only trouble is, I’m not very good at them. I’ve learned to make up for my gaming inadequacies by reverse engineering the games so I can cheat. Odd as it might seem, I think this is the best way to practice reverse engineering skills or learn how to use a new tool. For the rest of this chapter, I’m going to reverse engineer an open source video game, FreeCiv 2.0.8. You can get a copy of this game, complete with source code, from http://www.freeciv.org. To get the most out of this chapter, you might want to install FreeCiv and follow along as I rip it apart from the binary. Because it’s open source, you can even check your work as you go.

Interactive Disassembler

Interactive Disassembler (IDA) is easily the most powerful disassembler in widespread use today. In my opinion, it is nothing short of amazing. It will disassemble almost anything you put in front of it, from run of the ...
