[Noisebridge-discuss] Software Reverse Engineering Workshop

munkeyfreenix batcat munkeyfreenix.batcat at gmail.com
Sat May 2 10:12:36 UTC 2009


Didn't quite get how we're supposed to fill out the survey in this email
format. (Maybe use Google Docs, as they have survey-making tools and you can
download to spreadsheet.)

Anyway, here it is:

> [ ] Focusing on x86 only is fine with me.

> [ ] I would also like to know about other processors:
>

x86 is great. normally use this.
also interested in embedded systems.

>
>
> [ ] Focusing on the Linux ABI only is fine with me.
> [ ] Focusing on the Windows ABI only is fine with me.
> [ ] Focusing on the Darwin (mac) ABI only is fine with me.
> [ ] I care about more than one of these:
>  (list combination of the above)


Linux ABI I am not so concerned with; it's open source. maybe later

Windows ABI -- definitely.

Darwin (Mac) don't really care, but wouldn't mind if others are really
interested

>
>
> [ ] I've written 0-day/asm demos and have skipped the rest of this
> questionnaire.
>

Negative

>
> [ ] I have an IDA Pro license of any flavor.


The Free one!

>
> [ ] I even paid cash money for it and I now know all about customs and
> Belgium.


Nope. but it would be cool if nb could get a license for us.

>
> [ ] And I've been paid for using my copy at least once.
>
Not yet.

>
> [ ] I belong to the church of free software and can't use non-libre
> software, including IDA.

bollocks. IDA can be free, if you get the free one and write your own
scripts to augment it.

>
> [ ] I sort of care about licensing politics, but I really just want the
> source code any way I can get it.


I want to know where to plug in and control, get data, inject data, etc.
proprietary software is ridiculous. programmers should not have to pay for
software. they make software and can extend software.

>
> [ ] I don't care about licensing politics as long as it's cheap or free.
> [ ] I prefer commercial software because I have more money than time.

I have a little more time than money, but not much of either, and because of
that, I would not spend my money AND time learning someone's closed source
software.

>
> [ ] I have another opinion not covered above:

I want to make music, and my sound card sucks.

>
>  (your opinion)
>
> (by heart means you can reconstruct the relevant parts of the opcode's
> pages in the manual from memory, blindfolded, with one hand tied
> behind your back)
> [ ] My myspace is on the aol wireless dsl.

what's myspace?

>
> [ ] I have no programming experience.
> [ ] I have no assembly experience.
> [ ] I have some assembly experience, but I can't read it without a manual.
> [ ] I know more than 20 x86 opcodes by heart.

is that a challenge? consider it done.

>
> [ ] I know more than 40 x86 opcodes by heart.

maybe

>
> [ ] I know more than 100 x86 opcodes by heart.

pushing it.

>
> [ ] I have the IASDM memorized.
> [ ] I can read disassembly listings for another processor:
>  (list processor(s) here)
>
> [ ] I only care about application level reversing.

no

>
> [ ] I would also like to learn about x86 system programming in a longer,
> separate talk.

yes

>
> [ ] I would also like to learn about the x86 FPU / vector units in a
> longer, separate talk.

yes

>
>
> [ ] I can do ASCII <-> hex in my head.
> [ ] I even know why tolower and toupper might use 0x20.
>
> [ ] I can do two's complement arithmetic in my head.
> [ ] I also know what it means when someone says it saves a bit compared to
> the other way of representing sign.
> [ ] I also know the trick to avoid flipping all the bits when changing the
> sign of a small number.
>
> [ ] Numbers terrify me.
> [ ] My math is so-so.
> [ ] I finished algebra II.

yes

>
> [ ] I finished precalculus.

I got books at thrift stores and read them, somewhat.

>
> [ ] I completed a three semester calculus course.
> [ ] I survived linear algebra and group theory.

see "I finished precalculus"

>
> [ ] I've been admitted to graduate studies in a math program (and forgot
> how to do long division.)
> [ ] My fields medal is very shiny, let me show you it.
>
> [ ] I've passed a compiler course or written a compiler.
>
> [ ] I've passed a computer architecture course.  (SPIM or MMIX or equiv.)
>
> [ ] Off the top of my head, I know exactly what happens when I tell gcc
> __builtin_expect((x), 0).
> [ ] And I know why I should be thinking about page size when I do that.
> [ ] I know the MSVC version of this question as well as the answer.
> [ ] I know how to do this manually in C.
> [ ] Without an opcode chart.
>
> [ ] Without looking anything up, I can explain exactly what this program is
> doing and why it works:
> http://pastebin.com/m2f68dc27

give me a B+

> [ ] I sort of get it, but I had to google a few things.
> [ ] You can do that?!
>
> [ ] Off the top of my head, I know what mov edi, edi means on Windows.
> [ ] I even know what to do with that using windbg.
> [ ] I had to google it.
>
google!

>
> [ ] Off the top of my head, I know why scribbling on the 8237 compatibility
> registers on my mac doesn't cause it to asplode.
> [ ] I tried to google it and I still don't know.
> [ ] I tried it on my mac and figured it out.
> [ ] I also know why this may or may not apply to my PC.
>
macrosoft! blaw!

>
> [ ] Off the top of my head, I know what COFF means and the magic number.
> [ ] Off the top of my head, I know what MACH-O means and the magic number.

once upon a time

>
> [ ] Off the top of my head, I know what ELF means and the magic number.
yes



>
> [ ] I can interpret at least one kind of symbol mangling without using a
> demangler.
>
> [ ] I know the correct response, including format, to the $100 trivia
> question from prequals.
>  (response goes here)
>
> Thanks, everyone.