The aim of this assignment is to reverse-engineer a given Windows PE Executable. Every student is given her or his own executable. The archive with all the executables is attached to this assignment.
Download the executables.zip archive and unzip it somewhere. Inside you will find executable files with names like NNNNNNNN.exe, where NNNNNNNN is an 8-digit student ID number. Locate the EXE file with your student number - that is the file that you need to reverse engineer.
(For example, if my student number were 13244589, I would need to choose the file 13244589.exe.)
You can use IDA Pro Free, OllyDbg or any other software that you find useful to carry out the reverse engineering.
Some .EXE files in the archive access an online repository. Please DO NOT try to access that service. The entire content of the repository is contained in the file online.zip attached to this assignment.
Expected outcomes:
You are expected to produce a report containing:
1. Summary of your approach to reverse engineering (1-2 pages max)
2. Variables defined in the program: their purpose, content, and structure
3. Overall algorithm of the program (a flow chart of the main() function).
4. Detailed de-obfuscation algorithm(s) of any data obfuscation function(s) that you may encounter, and the de-obfuscated data they produce. Here I need an equivalent C/Java code or detailed pseudo-code (at the byte manipulation level).
5. Algorithms of other (non-standard) functions comprising the program. This can be defined at the high level (i.e. a flow chart) in terms of what standard functions they call with what parameters and what effects these calls produce.
Attachment: Assignment Files.rar