1
00:00:00,810 --> 00:00:02,490
Hello and welcome back.

2
00:00:03,030 --> 00:00:13,530
In this video, as in I'm going to outline the workflow, so the workflow is like this, I will provide

3
00:00:13,680 --> 00:00:23,910
the files for you to practice on and you can download the file after you download the file.

4
00:00:23,910 --> 00:00:35,410
You have the files named C1, C2, C3, C4 and C5, and there will be more as we go along.

5
00:00:37,800 --> 00:00:42,660
We will then copy all these files, every one of them.

6
00:00:47,090 --> 00:01:05,810
Cut it and increase create a folder you see right inside the head and say here he can't hold a session

7
00:01:05,810 --> 00:01:06,050
one

8
00:01:11,060 --> 00:01:15,740
and then say he based on the premise.

9
00:01:17,210 --> 00:01:25,010
Next, we head over to this country and then go to the shareholder.

10
00:01:30,090 --> 00:01:34,980
Visconti says anyone he would then cut.

11
00:01:37,450 --> 00:01:43,860
A whole folder and put it in a home directory here, you see here.

12
00:01:45,610 --> 00:01:51,480
So now we have one, you know, free and you can close the whole.

13
00:01:55,320 --> 00:02:11,250
So this false claim is written by somebody called wrong by an EU website where I got it from Romba and

14
00:02:12,450 --> 00:02:15,980
he's had it fast and I downloaded from his get.

15
00:02:20,020 --> 00:02:28,750
So to Sara, we are going to try to reverse C1 before we reverse anything you want to track.

16
00:02:28,960 --> 00:02:29,360
Right.

17
00:02:30,340 --> 00:02:35,110
So you can click here or open terminal and in the end.

18
00:02:35,110 --> 00:02:35,350
Right.

19
00:02:36,400 --> 00:02:37,780
You can try to run C1.

20
00:02:41,940 --> 00:02:55,860
If you tell me that you can see the five Farzaneh to run C1 just you see one person to another to

21
00:02:55,860 --> 00:02:56,910
supply the password.

22
00:02:59,910 --> 00:03:07,290
So this is a command line program to submit a password in a taxi, one followed by a password.

23
00:03:09,630 --> 00:03:11,070
And you get the answer.

24
00:03:11,070 --> 00:03:11,800
Wrong answer.

25
00:03:12,220 --> 00:03:19,680
We never use one, two and two and do has a password, so you have to keep on going until you get the

26
00:03:19,680 --> 00:03:20,300
right password.

27
00:03:23,560 --> 00:03:36,640
Still would say so now we are going to reverse it, so to privacy when we open our Kyra creepy terminal,

28
00:03:39,130 --> 00:03:46,180
go to the Ghidra folder, which is Hoppity directory.

29
00:03:59,380 --> 00:04:08,190
And you can see he just could stay in the forest, Nash Gaja, right?

30
00:04:11,430 --> 00:04:17,650
And press enter and you fire nature once you get a start.

31
00:04:17,670 --> 00:04:21,210
He came close to me leaving his to me open

32
00:04:24,270 --> 00:04:24,980
and close.

33
00:04:26,130 --> 00:04:34,290
Now we create a new project, file new project, create and launch project.

34
00:04:36,980 --> 00:04:48,560
Click on Next in the Project Home Directory, click on and treat us and navigate to our home.

35
00:04:49,810 --> 00:04:57,280
Click on Home Penalization one celebrity directory session.

36
00:04:57,290 --> 00:05:05,570
One is our everyday directory going to give a name with only one refurnish.

37
00:05:08,420 --> 00:05:14,510
Now we can put the files in together, so the first file you and to try, you see one.

38
00:05:14,700 --> 00:05:25,040
So we just go to the location to see one dry and I've been here in Cairo, but you had detected that

39
00:05:25,040 --> 00:05:37,250
it is an ELF, ELF binary, so Linux binary, similar to Windows PE file, and it has detected this ELF.

40
00:05:38,390 --> 00:05:42,580
And you want to be clear, OK?

41
00:05:45,170 --> 00:05:46,010
And he will.

42
00:05:48,820 --> 00:05:57,610
He will probably after anybody, he will show you a summary and even the file if you want to program

43
00:05:58,780 --> 00:05:59,740
in language.

44
00:06:02,470 --> 00:06:04,840
And then over here, Professor.

45
00:06:06,400 --> 00:06:07,060
And so on.

46
00:06:10,380 --> 00:06:23,780
Quick to dismiss this summary, next thing we need to analyze it using the code browser so we can double

47
00:06:23,780 --> 00:06:28,430
click on this or drag it and drop it in your browser.

48
00:06:35,230 --> 00:06:38,590
He wouldn't try to analyze Tafa.

49
00:06:41,340 --> 00:06:46,270
So you want his number in the light, would you like NORAD, you know, click on.

50
00:06:46,270 --> 00:06:46,720
Yes.

51
00:06:49,350 --> 00:06:54,030
And he will use your scripts in this list here to analyze.

52
00:06:55,020 --> 00:06:58,050
So no need to change anything, just click Analyze

53
00:07:00,990 --> 00:07:07,290
and you can see on the bottom right the process and yes, finish analyzing.

54
00:07:09,150 --> 00:07:18,150
Now, this is the Ghidra Code Browser, and you have a few panels: left is the program trees.

55
00:07:19,080 --> 00:07:26,880
The program tree shows you the entire summary of the binary itself and the various sections.

56
00:07:29,060 --> 00:07:38,520
The second panel is the symbol tree, which contains all the functions as well as other symbols, libraries,

57
00:07:38,730 --> 00:07:48,270
imported libraries, exported libraries, functions, labels, classes, namespaces.

58
00:07:52,710 --> 00:08:00,630
And the bottom panel shows you the data types and you can use this to make sense of the various structures

59
00:08:00,870 --> 00:08:08,960
inside the binary itself and in the center panel, we have the disassembly listing.

60
00:08:10,230 --> 00:08:11,880
And this is what it looks like.

61
00:08:13,000 --> 00:08:16,010
This is only for their binary itself.

62
00:08:18,090 --> 00:08:29,190
And you will notice that it contains a first column will be your memory address, followed by the bytes.

63
00:08:32,030 --> 00:08:37,990
And then you have other information like symbolist as well as you can see in.

64
00:08:41,970 --> 00:08:45,070
And all of this can be renamed as you analyze it.

65
00:08:45,360 --> 00:08:48,800
He will name so that it makes more sense and easier, certainly.

66
00:08:51,540 --> 00:08:59,850
On the right panel is the decompiler window. This will try to decompile the code from here into C language,

67
00:09:01,380 --> 00:09:07,370
Here at the bottom is a console for scripting to Istana.

68
00:09:07,680 --> 00:09:14,060
We want to look for a main function, so we go to the functions.

69
00:09:14,730 --> 00:09:24,180
Sematary functions for the next painting and then we scroll down and start looking for a function,

70
00:09:24,570 --> 00:09:29,810
main function and click on and you will disassemble.

71
00:09:29,810 --> 00:09:32,730
They show you the result here and function.

72
00:09:33,930 --> 00:09:37,530
You even give you a C function name.

73
00:09:38,310 --> 00:09:43,740
And on the right here is a corresponding decompilation in C language.

74
00:09:44,810 --> 00:09:53,910
This media refers to this mission which refers to entire starting from here until the return.

75
00:09:54,170 --> 00:10:04,640
And then you start another new function here all the way to return to the end of the code here.

76
00:10:05,220 --> 00:10:08,280
This time the function in here and on and on.

77
00:10:08,940 --> 00:10:14,370
So he function that he has detected, you can click on it.

78
00:10:14,370 --> 00:10:14,850
And you.

79
00:10:16,580 --> 00:10:18,260
In this part of you.

80
00:10:19,340 --> 00:10:23,240
So basically, this is how you used use.

81
00:10:25,040 --> 00:10:28,390
And on top, here are the features you should be using.

82
00:10:28,650 --> 00:10:29,040
Go on.

83
00:10:30,260 --> 00:10:32,370
So that's all for this lesson.

84
00:10:32,390 --> 00:10:41,670
I just want to introduce you to the workflow that could be using then doing reversing in after doing

85
00:10:41,670 --> 00:10:42,410
the analysis.

86
00:10:42,680 --> 00:10:51,260
If you want to close it, you can click on the exit to close it is to ask you whether you want to see

87
00:10:51,980 --> 00:10:54,590
the poncy I say is up to you.

88
00:10:55,580 --> 00:10:59,260
So you'll see it now.

89
00:10:59,540 --> 00:11:01,020
Yeah, I see.

90
00:11:02,720 --> 00:11:04,810
So this is how we use Ghidra.

91
00:11:05,720 --> 00:11:11,150
So we will continue with reversing in this house here in.