The doctor is in...

Posted by: Brent York

On your feet soldier!

Welcome back to the second blog post on reverse engineering... Let's get into the meat of it, shall we? In this post we're going to take an executable and disassemble it. We're then going to examine it to see if we can figure out what the program flow is, and come up with a very good idea of what the original source code looked like. If you missed the first one, you can find it here.

An example pack for this scenario is attached to this blog post. I'm not going to give you the IDA file because frankly, I want you to follow along and do this as an exercise :). You learn this stuff by doing, not only by reading.

I suggest you get IDA, MASM32, and WinDBG along with its associated symbol package. You should also download the example pack and Notepad++ with the hex editor plug-in (available on the download page), as you will want to view the CPP files and the binaries.
