1
00:00:01,110 --> 00:00:11,130
Hello and welcome back. Now that you have installed two versions of Ghidra on your computer, one

2
00:00:11,130 --> 00:00:18,670
for Linux and one for Windows, which one should you use when you are reversing binaries?

3
00:00:19,740 --> 00:00:26,100
So this is where I am going to share with you reversing workflows.

4
00:00:31,000 --> 00:00:39,040
So for Linux binaries, you have to run it on Linux itself.

5
00:00:39,550 --> 00:00:43,510
So Linux binaries, also known as ELF files.

6
00:00:44,860 --> 00:00:54,190
So to test the binary, you will run it on Linux, and then when you are reversing, on the right is a

7
00:00:54,190 --> 00:01:03,070
diagram for everything, you also reverse it on Linux, using the same machine that you are using for running

8
00:01:03,070 --> 00:01:04,990
the binary files.

9
00:01:06,700 --> 00:01:13,710
However, when you are testing Windows binaries, you have a choice.

10
00:01:14,770 --> 00:01:25,810
You could run your EXE on Windows and then reverse it on Linux.

11
00:01:29,100 --> 00:01:38,630
Or you could run it on Windows and reverse it also on Windows, so you have an option here.

12
00:01:42,290 --> 00:01:44,630
So coming back to this diagram.

13
00:01:47,150 --> 00:01:55,880
Windows binaries are executable files known as PE files, just like for Linux they are known as ELFs.

14
00:01:57,140 --> 00:02:08,980
So for Linux, you need to run the binary only on Linux and then test it and reverse it on Linux too, but for Windows,

15
00:02:08,990 --> 00:02:09,680
you have a choice.

16
00:02:11,060 --> 00:02:18,860
You can reverse the Windows binary using Ghidra, which is running on Linux.

17
00:02:22,330 --> 00:02:34,210
Similarly, for the case of binaries, you could also reverse the Linux binary using Windows, which

18
00:02:34,210 --> 00:02:35,500
is running Ghidra.

19
00:02:39,890 --> 00:02:49,730
Coming back to this, in both situations, whether or not you are using Ghidra on Windows or Linux, you

20
00:02:49,730 --> 00:02:53,810
would typically use virtual machines.

21
00:02:54,920 --> 00:03:05,360
This is especially so for those executables running on Windows, because now malware typically targets

22
00:03:05,720 --> 00:03:06,430
Windows.

23
00:03:07,220 --> 00:03:10,310
So it is strongly advisable to run

24
00:03:10,310 --> 00:03:19,640
PE binaries inside a Windows virtual machine, and I have already shown you how to do that in a

25
00:03:19,640 --> 00:03:21,170
previous lecture.

26
00:03:24,950 --> 00:03:36,690
So now you have an overview of the workflow. Sometimes I will be running the reversing on Linux,

27
00:03:36,860 --> 00:03:40,640
sometimes I will run it on Windows.

28
00:03:46,360 --> 00:03:52,890
So this is what I want to share with you in this video.

29
00:03:53,530 --> 00:03:54,480
Thank you for watching.