The Reverse Engineering Mindset – Hello World

Header-Binary __asm int 3

Hello friends – Welcome to the INT 3 blog. According to the Intel 64 and IA-32 Architectures Software Developer’s Manual, “the INT 3 instruction explicitly calls the breakpoint exception (#BP) handler.” It gives a task or program the ability to call the exception handler to halt execution of a program or system. Much like the INT 3 is used to ‘break’ (or halt) code execution to give the debugger an opportunity to examine the execution state, it is our intent on the INT 3 blog to ‘break in’ and examine debugging techniques, debugger automation (debug scripts and extensions), kernel architecture, reverse engineering techniques, and a lot more. Our plan is to post a series of recurring articles on these topics.

 

C:\>hostname
My name is Ron Stock and I’m one of the three contributors to the INT 3 blog. I spend the majority of my day reviewing crash dumps, live debugging, code reviewing Windows bugs, and instrumenting source to troubleshoot issues for Enterprise customers. Dan Mattson is a fellow Senior Escalation Engineer and developer on my Support Escalation team at Microsoft. Trey Nash is a developer and consultant from our Cyber Security team who spends a lot of his time reverse engineering, debugging and writing books. We all look forward to publishing on INT 3. We will occasionally sneak in other personal passions such as my ‘guitar talk’, Dan’s diversions and Trey’s ‘synthesizer chats’.

 

0: kd>g
-Ron

Comments

  • Anonymous
    August 09, 2016
    I'm looking forward to this!
    • Anonymous
      August 09, 2016
      Thanks, Hilderman74. Looking forward to the dialog with the debug community. -Ron
  • Anonymous
    August 10, 2016
    Ron, thank you for bringing your superior reverse debug skills to the public debug community and for teaming up with Trey to allow his distinguished debug and security expertise to be showcased to debug enthusiasts seeking to learn new debug tips and techniques. Thank you for all you do relating to the transfer of debugging knowledge to professionals seeking to learn more debugging skills.
    • Anonymous
      August 16, 2016
      Thanks for the kind words, Boyd.
  • Anonymous
    August 26, 2016
    Ron, a debugging subject matter expert, such as you, sharing real world debugging skills for specific technical scenarios is helpful. Thanks for the time and effort you have spent and will spend producing technically relevant debug/reverse engineering material. Boyd