I've been on vacation this last week to celebrate my spouse's birthday and after a week of clearing my head with walks and solving murder mysteries, for the first time in maybe a few months my mind feels a little clearer. I hadn't noticed how draining my job has become over the past few years. Recently I've noticed myself getting stuck and befuddled, paralyzed by either too many e-mails to answer or simply no gumption to start any new tasks. Of course it's once I've started feeling a little better that I have to once again head off to the office.
I thought I'd use the last few moments of my vacation to write something as I'm pretty sure that once I get back to work I will be faced with distraction after distraction and put off writing a post for another few months at least. So I'm going to take this opportunity to put into writing some thoughts I've been having on my way to and from work about what kinds of skills I want to develop over the course of the coming year.
I'm known to jump around a lot with the things I get interested in. One month I want to deep-dive into the mathematics of cryptography, then the next I'm trying to develop my OSINT skills and on it goes until that familiar question creeps up: what am I doing with my life? That question stops me in my tracks a lot of the time. For the most part I don't really have much to show for the time I put into researching various topics and that bothers me a great deal. I want to be someone who does things and although I like knowing a lot about various topics, I want to be able to imagine some scenario where the knowledge I have can be applied.
That was one of the main reasons I started this blog in the first place; I wanted a place to create at the very least a written record of the time I spend. I also had a fairly vague notion in my head that the very task of writing blog posts would guide me to choose topics that are more clearly defined and also help me narrow down what I want to look into. For instance, "cryptography" is a broad topic; a very specific cryptographic implementation or a cryptography CTF challenge, on the other hand, is something that I could fit neatly into a short blog post. Writing would hopefully keep me from wandering around.
This plan hasn't gone quite as I'd hoped, partly due to my own poor writing abilities. Writing takes me a lot of time and even when I have the time to write, the text I produce is, in my opinion, of poor quality. Even writing this "short" blog post is going to push my bedtime well past midnight and leave me exhausted tomorrow. This places a severe limitation on what I write about, or whether I am going to write anything at all. Planning blog posts is fun, writing them isn't. I wish I were one of those people who loves to write, but I've come to learn that I'm not.
Getting back to what this post is supposed to be about, over the past few months I've been reading a lot about modern cryptography. I wanted to know how modern cryptography actually works and what kinds of things I could do with it. Regarding the former, I've learned a fair amount and I think I have a fairly basic grasp of how basic cryptographic schemes function, along with some understanding of the mathematics underpinning them. The latter however, as in what I can do with this information, has left me pretty disheartened. There isn't a whole lot I've found I can do with knowing the ins and outs of how, for instance, RSA works. It's slowly dawned on me that any meaningful contribution to modern cryptographic systems is going to require trained mathematicians with PhD-level expertise. This is not to say that I have not gained valuable insights into how I can use cryptography. I feel that I have a fairly strong understanding of how to implement cryptographic solutions and know how to look for basic mistakes in how crypto systems are implemented, all of which are important skills. (You can even find lists of cryptographic best practices online now.) They just aren't all that interesting to write about though. I wanted to find something to do with this information.
It was with this in mind that I began thinking about reverse engineering. Reverse engineering is basically about cracking open programs and seeing how they work. Knowing how to do it is a pretty sought-after skill as it's a key component of malware analysis. One of the most devastating types of malware is ransomware, where a program encrypts all your files and only offers the decryption key after a ransom is paid in cryptocurrency. Reading about this misuse of cryptography led me to the realization that maybe I could apply the things I learned about cryptography to open up and understand computer programs.
However, going from general cryptography to reverse engineering is a major leap. I can barely write C programs and my knowledge of Assembly mostly comes from the games Human Resource Machine and TIS-100. I was in the grasp of panic as I began to think about the 5-10 years of programming experience that is usually considered the bare essentials to even break into this field. Despite this, I said 'fuck it' and started to look into how I could learn anything about RE.
I took a few courses I found on Coursera that were helpful in the beginning and I was able to set up some of the tools I needed to start reversing. I began getting my footing, figuring out how Ghidra works and finding encouraging articles online. There's a lot to take in and this is just the very start. After a few months though, I have begun to feel like I am learning something. There are times when I catch myself actually reading and understanding Assembly code inside a disassembled program like a freaking robot. I feel like I'm getting closer to understanding what computers actually do, getting closer to those actual 1's and 0's. It's not like that every day and I find myself running into the safe havens video games offer many nights, but I try to keep myself coming back to the decompiler every chance I get.
Almost as if the Universe Itself wanted me to understand the mysteries of the processor, a YouTuber I follow called @jeFF0Falltrades began a new series called master0Fnone that goes over the basics of reverse engineering. It has everything I've been searching for in terms of content and materials and he presents it in a way that makes me think that I might actually have a chance at learning this. The thing that taught me the most though was the crackme program he created for the series. As he mentions in the video, the only way to learn reversing is to actually do it, and this crackme program focused my attention in a way I haven't experienced in many years. The program had a secret that I wanted to find and for weeks I couldn't let it go; every evening I thought about hitting the decompiler to try to look for it.
As I looked for more time to spend searching for the simple string of secret characters inside this program, the autopilot my brain has been on for so long disengaged and I began to see what I have actually been doing with my life; how I fill time with activities like video games or scrolling Reddit, or, now that COVID restrictions are mostly lifted, meeting people more. These are good things and I have no plans to make any radical changes to my life schedule. I just want to balance it out with developing and applying myself more, and that requires that I take more time out to prioritize this new interest of mine.
I also gained a new appreciation for how quickly time passes. I was hoping to solve the crackme within a week of the first videos being released, but days and weeks passed me by and the Question started to haunt me again. It came to a head on Sunday and I forced myself to drop everything else and focus solely on the task at hand.
I am hoping to write more about the actual technical side of solving the crackme, but suffice it to say I made it to the Wall of Fame. I wasn't sure I was going to make it at all; I spent so many hours going down stray paths that did not give me any answers, but in the end I found what I was looking for. It was so rewarding I can't really put it into words. I found the secret.
Last week I read this funny post on Reddit about how the closest thing we have to magic in the modern world is electricity. For instance, if you put electricity into special rocks they begin to think, etc. What I've come to like about RE is that it has a magical quality to it: it's finding out how all these programs we take for granted actually work and finding the secrets they might hold. Cracking them open and finding the glowing magical energy they hold. I hope to soon have more to write about here in this blog of mine as more programs offer to relinquish their secrets.