In this lab, static and dynamic reverse engineering techniques were applied to the RoboAuth executable using tools such as Ghidra and Windows debugging utilities. The purpose of the analysis was to understand how the application validates user input and to identify the mechanisms used to protect or obscure sensitive data such as passwords.
During static analysis, the program structure and memory layout were examined by reviewing the .text, .data, and .rdata sections. Key imported functions such as scanf, strcmp, and puts were identified as part of the input-handling and validation process. The control flow revealed that user input is collected using scanf and then compared against an internally stored value using strcmp. A successful comparison results in the program printing a success message indicating that the first authentication level has been passed.
Further analysis showed that the program does not store all authentication data in plain text. Instead, certain values are referenced indirectly through pointers or are processed at runtime, demonstrating a basic anti-reverse engineering technique. This design makes it more difficult to extract sensitive information through simple string inspection alone.
Overall, this exercise provided hands-on experience with executable analysis, function tracing, and understanding how common C runtime functions are used in authentication logic, while also highlighting simple countermeasures against reverse engineering.
Requirements: 8 answers
Get this or a similar paper done in as fast as 4 hours, 24/7.
NB: We do not sell prewritten papers. All essays are written from scratch according to specific needs and instructions
Leave a Reply
You must be logged in to post a comment.