day1 week1
60
README.md
Normal file
@@ -0,0 +1,60 @@
|
||||
# 1-Month Integrated C & Reverse Engineering Course
|
||||
|
||||
Welcome to your intensive 1-month journey into the heart of software. This course is designed to teach you **C programming** and **Reverse Engineering (RE)** simultaneously by following a "Build and Break" philosophy.
|
||||
|
||||
## 🎯 Goal
|
||||
By the end of this month, you will not only be able to write robust C programs but also understand how they are transformed into machine code and how to analyze binaries without access to their source code.
|
||||
|
||||
## 🛠 Prerequisites & Tools
|
||||
We will be using a Linux-based environment (x64 architecture). Ensure the following tools are installed:
|
||||
- **Compiler:** `gcc`
|
||||
- **Debugger:** `gdb` (highly recommended to install [GEF](https://github.com/hugsy/gef) or [Peda](https://github.com/longld/peda))
|
||||
- **Static Analysis:** [Ghidra](https://ghidra-sre.org/)
|
||||
- **Binary Utilities:** `objdump`, `nm`, `strings`, `readelf`
|
||||
|
||||
---
|
||||
|
||||
## 📅 Curriculum Overview
|
||||
|
||||
### **Week 1: The Building Blocks (Variables & Memory)**
|
||||
* **Focus:** How data is stored.
|
||||
* **C:** Data types, variables, scopes, and basic arithmetic.
|
||||
* **RE:** CPU Registers, the Stack, and Memory Addressing.
|
||||
* **Task:** Write a math program and watch variables move through registers in GDB.
|
||||
|
||||
### **Week 2: Control Flow & Logic**
|
||||
* **Focus:** How decisions are made.
|
||||
* **C:** `if/else`, `for/while` loops, and `switch` statements.
|
||||
* **RE:** Jumps, Flags, and Branching logic in Assembly.
|
||||
* **Task:** Build a password validator and bypass it by patching the binary.
|
||||
|
||||
### **Week 3: Functions & Memory Management**
|
||||
* **Focus:** How programs are structured.
|
||||
* **C:** Functions, Pointers, Arrays, and Memory Allocation.
|
||||
* **RE:** Calling conventions, Stack Frames, and Pointer arithmetic.
|
||||
* **Task:** Create a sorting algorithm and trace the memory layout during execution.
|
||||
|
||||
### **Week 4: Data Structures & Vulnerabilities**
|
||||
* **Focus:** How complex systems work and fail.
|
||||
* **C:** Structs, Unions, and Dynamic Memory.
|
||||
* **RE:** Heap analysis and identifying security vulnerabilities.
|
||||
* **Task:** Build a small database and exploit a controlled buffer overflow.
|
||||
|
||||
---
|
||||
|
||||
## 🔄 Daily Workflow
|
||||
For every topic, we will follow this exact pattern:
|
||||
1. **The Lesson:** A conceptual deep-dive into a C concept and its RE counterpart.
|
||||
2. **3 Exercises:** Hands-on challenges where you write the code and analyze the binary.
|
||||
3. **The Correction:** We review your implementation and deconstruct the assembly together.
|
||||
4. **Documentation:** We generate a topic-specific `README.md` and a set of **Anki Cards** to ensure long-term retention.
|
||||
|
||||
---
|
||||
|
||||
## 🚀 Getting Started
|
||||
To begin, create your first program in the `week1/` directory:
|
||||
```bash
|
||||
mkdir -p week1/day1
|
||||
touch week1/day1/hello.c
|
||||
```
|
||||
Refer to the `plans/1-month-c-re-integrated.md` for the full detailed schedule.
|
||||
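Review bot: The closing line of Getting Started points readers to `plans/1-month-c-re-integrated.md`, but that file is not among the files this commit adds, and the same section has the reader create `week1/day1/hello.c` while the exercises committed here are named `exo_1.c` to `exo_3.c`. Either add the plan file in this commit or drop the reference, and make the Getting Started filename match the naming the exercises use. The Prerequisites section would also benefit from stating the build command, since the day 1 notes depend on unoptimized compiler output.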
31
week1/day1/README.md
Normal file
@@ -0,0 +1,31 @@
|
||||
# Day 1: Variables, Memory, and the Stack
|
||||
|
||||
## 📝 Concepts Covered
|
||||
Today we explored how high-level C variables are translated into low-level machine instructions and memory operations.
|
||||
|
||||
### 1. The Stack and RBP
|
||||
Local variables in C are stored on the **Stack**. The CPU uses the `RBP` (Base Pointer) register as a reference point to find these variables.
|
||||
- `int a = 123;` -> `mov DWORD PTR [rbp-4], 0x7b`
|
||||
|
||||
### 2. Register Basics (x64)
|
||||
Registers are small, fast storage locations inside the CPU.
|
||||
- `RAX`, `RBX`, `RCX`, `RDX`: General purpose 64-bit registers.
|
||||
- `EAX`, `EBX`, `ECX`, `EDX`: The lower 32-bit halves of the above (used for `int` in C).
|
||||
|
||||
### 3. Data Sizes
|
||||
The assembly instruction specifies how much data to move:
|
||||
- `BYTE PTR`: 1 byte (`char`)
|
||||
- `WORD PTR`: 2 bytes (`short`)
|
||||
- `DWORD PTR`: 4 bytes (`int`)
|
||||
- `QWORD PTR`: 8 bytes (`long` or pointers)
|
||||
|
||||
### 4. Arithmetic Pattern
|
||||
CPUs perform arithmetic using a **Load-Modify-Store** cycle:
|
||||
1. **Load** memory value into a register.
|
||||
2. **Add/Sub** the register value.
|
||||
3. **Store** the register result back into memory.
|
||||
|
||||
## 🛠 Exercises Completed
|
||||
- `exo_1.c`: Basic assignment and hex identification.
|
||||
- `exo_2.c`: Arithmetic deconstruction (The `add` instruction).
|
||||
- `exo_3.c`: Data type sizes and memory offsets.
|
||||
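Review bot: Section 1 shows `mov DWORD PTR [rbp-4], 0x7b` without saying how to obtain that listing: it is Intel syntax from an unoptimized build, while `gdb` and `objdump` on Linux print AT&T syntax by default. Document the build and view settings the notes assume, for example `gcc -O0 -g`, `set disassembly-flavor intel` in GDB and `objdump -d -M intel`. In section 3, `long` being 8 bytes holds for the x64 Linux target the course README names but not for every platform, which is worth one clause.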
31
week1/day1/anki_cards.md
Normal file
@@ -0,0 +1,31 @@
|
||||
# Day 1: C & Reverse Engineering Anki Cards
|
||||
|
||||
## Card 1
|
||||
**Front:** In x64 Assembly, what does `DWORD PTR` indicate about the size of the data?
|
||||
**Back:** It indicates a 32-bit (4-byte) value, typically used for an `int` in C.
|
||||
|
||||
## Card 2
|
||||
**Front:** Translate the C code `int x = 10;` into a conceptual x64 assembly instruction.
|
||||
**Back:** `mov DWORD PTR [rbp-offset], 0xa`
|
||||
|
||||
## Card 3
|
||||
**Front:** Why can't a CPU usually add two memory locations directly (e.g., `add [mem1], [mem2]`)?
|
||||
**Back:** Architecture constraints. It must follow the **Load-Modify-Store** pattern: move values into registers, perform the addition, and store the result back.
|
||||
|
||||
## Card 4
|
||||
**Front:** What is the relationship between `RAX` and `EAX`?
|
||||
**Back:** `EAX` is the lower 32-bit half of the 64-bit `RAX` register.
|
||||
|
||||
## Card 5
|
||||
**Front:** Match the C type to its Assembly size prefix:
|
||||
1. `char`
|
||||
2. `short`
|
||||
3. `int`
|
||||
**Back:**
|
||||
1. `BYTE PTR` (1 byte)
|
||||
2. `WORD PTR` (2 bytes)
|
||||
3. `DWORD PTR` (4 bytes)
|
||||
|
||||
## Card 6
|
||||
**Front:** What does the `RBP` register represent in the context of local variables?
|
||||
**Back:** The **Base Pointer**. It serves as a fixed reference point on the stack from which local variables are accessed via offsets (e.g., `[rbp-4]`).
|
||||
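Review bot: Card 3's answer overstates the constraint: x86-64 does not allow two memory operands in one `add`, but it does allow one, so `add DWORD PTR [rbp-4], eax` is a valid instruction and Load-Modify-Store is what an unoptimized compiler emits rather than something the CPU requires. Reword the back to say that most x86 instructions take at most one memory operand. Card 5 also leaves out `QWORD PTR`, which section 3 of the day's README lists.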
BIN
week1/day1/exo_1
Executable file
Binary file not shown.
7
week1/day1/exo_1.c
Normal file
@@ -0,0 +1,7 @@
|
||||
#include <stdio.h>
|
||||
|
||||
int main(){
|
||||
int a = 123;
|
||||
int b = 456;
|
||||
return 0;
|
||||
}
|
||||
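Review bot: `#include <stdio.h>` on the first line is unused, since `main` calls nothing from it; drop it, or print `a` and `b` so the include has a purpose. `int main(){` is better written as `int main(void)`. The built `exo_1` binary is committed next to this source; consider ignoring build outputs and recording the compile command instead, so the disassembly can be reproduced from the source.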
BIN
week1/day1/exo_2
Executable file
Binary file not shown.
7
week1/day1/exo_2.c
Normal file
@@ -0,0 +1,7 @@
|
||||
|
||||
int main(){
|
||||
int a = 10;
|
||||
int b = 20;
|
||||
int sum = a + b;
|
||||
return 0;
|
||||
}
|
||||
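Review bot: `int sum = a + b;` is never read, so the `add` instruction this exercise is meant to expose exists only in an unoptimized build; at `-O1` and above the compiler is free to drop all three locals. Either state the required flags next to the exercise or make the result observable, for instance with `return sum;`. The file also starts with an empty line.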
BIN
week1/day1/exo_3
Executable file
Binary file not shown.
6
week1/day1/exo_3.c
Normal file
@@ -0,0 +1,6 @@
|
||||
int main(){
|
||||
char a = 1;
|
||||
short b = 22;
|
||||
int c = 123;
|
||||
return 0;
|
||||
}
|
||||
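Review bot: The exercise declares `char`, `short` and `int` but no 8-byte variable, so `QWORD PTR` from section 3 of the day's README never shows up in the disassembly. Adding `long d = 1234;` or a pointer would cover all four size prefixes. A comment noting that the compiler, not declaration order, decides each variable's `rbp` offset would help readers interpret the offsets they see.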