Reverse Engineering Malware on Linux with IDA Pro
The brief method. If I get good response to this post, I will put up a more detailed and in-depth look at malware reversing on Linux.
* Download IDA Pro (freeware)
* Install wine
* Install IDA Pro
* Start reversing
Download IDA Pro (freeware):
$ cd /tmp
$ wget http://22.214.171.124/files/idafree49.exe
$ sudo aptitude install wine
Install IDA Pro:
$ wine /tmp/idafree49.exe
$ wine "~/.wine/drive_c/Program Files/IDA Free/idag.exe"
-> Now open the malware binary and select the option for ELF executables
This post is a stub for a future longer version if anyone shows interest. I don't even know how many Linux Journal readers actually reverse malware on Linux...
- Smoothwall Express
- Machine Learning Everywhere
- Bash Shell Script: Building a Better March Madness Bracket
- Own Your DNS Data
- Simple Server Hardening
- Understanding OpenStack's Success
- From vs. to + for Microsoft and Linux
- The Weather Outside Is Frightful (Or Is It?)
- Understanding Firewalld in Multi-Zone Configurations
- Ensono M.O.