Reverse Engineering Malware on Linux with IDA Pro
The brief method. If I get a good response to this post, I will put up a more detailed and in-depth look at malware reversing on Linux.
* Download IDA Pro (freeware)
* Install wine
* Install IDA Pro
* Start reversing
Download IDA Pro (freeware):
$ cd /tmp
$ wget http://188.8.131.52/files/idafree49.exe
Install wine:
$ sudo aptitude install wine
Install IDA Pro:
$ wine /tmp/idafree49.exe
$ wine "$HOME/.wine/drive_c/Program Files/IDA Free/idag.exe"
-> Use $HOME rather than ~ here: a tilde inside double quotes is not expanded by the shell, so wine would be handed a path that does not exist.
-> Now open the malware binary and, when IDA asks which loader to use, select the option for ELF executables. IDA only disassembles the file; the sample is never executed. Still, do the analysis on an isolated machine or VM, and note that IDA Free 4.9 ships only the x86 processor module, so samples built for other architectures will not load.
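The whole procedure as one script, from locating idag.exe to handing it a sample. This is an added example, not code from the original post. It assumes the install path the post uses and that IDA Free 4.9 has only the x86 processor module. Before starting IDA it reads the ELF header of the sample (magic, EI_CLASS, EI_DATA, e_type, e_machine) with nothing but od, so a non-ELF or non-x86 file is rejected with a reason instead of a confusing loader dialog. The header written by make_sample is constructed for the demonstration and is not a real binary.

```bash
#!/usr/bin/env bash
# Added example (not from the original post): pre-flight checks before handing a
# sample to IDA Free running under wine. Assumes the install path used in the post
# and that IDA Free 4.9 only disassembles x86 code (its freeware limitation).

# Expand $HOME explicitly: a ~ inside double quotes is NOT expanded by the shell.
IDA_EXE="${IDA_EXE:-$HOME/.wine/drive_c/Program Files/IDA Free/idag.exe}"

# read_u8 FILE OFFSET -> one unsigned byte as decimal
read_u8() { od -An -tu1 -j "$2" -N 1 "$1" | tr -d ' \n'; }

# read_u16 FILE OFFSET ENDIAN -> 16-bit value; ENDIAN is "lsb" or "msb" (from e_ident[EI_DATA])
read_u16() {
    local b0 b1
    b0=$(read_u8 "$1" "$2")
    b1=$(read_u8 "$1" $(( $2 + 1 )))
    if [ "$3" = lsb ]; then echo $(( b0 | (b1 << 8) )); else echo $(( (b0 << 8) | b1 )); fi
}

# elf_info FILE -> "class data type machine", e.g. "elf32 lsb exec i386"
# Prints "not-elf" and returns 1 if the 0x7f 'E' 'L' 'F' magic is missing.
elf_info() {
    local f=$1 magic class data type machine
    magic=$(od -An -tx1 -N 4 "$f" | tr -d ' \n')
    if [ "$magic" != 7f454c46 ]; then echo not-elf; return 1; fi
    case $(read_u8 "$f" 4) in 1) class=elf32 ;; 2) class=elf64 ;; *) class=badclass ;; esac   # EI_CLASS
    case $(read_u8 "$f" 5) in 1) data=lsb ;;   2) data=msb ;;   *) data=baddata ;;  esac   # EI_DATA
    case $(read_u16 "$f" 16 "$data") in                                                     # e_type
        1) type=rel ;; 2) type=exec ;; 3) type=dyn ;; 4) type=core ;; *) type=unknown ;;
    esac
    case $(read_u16 "$f" 18 "$data") in                                                     # e_machine
        3) machine=i386 ;; 62) machine=x86_64 ;; 40) machine=arm ;; 8) machine=mips ;; *) machine=other ;;
    esac
    echo "$class $data $type $machine"
}

# ida_free_can_load FILE -> 0 if the sample is a 32-bit little-endian x86 ELF, else 1
# (IDA Free 4.9 only has the x86 module; assumption stated in the lead-in).
ida_free_can_load() {
    local info
    info=$(elf_info "$1") || return 1
    case $info in "elf32 lsb "*" i386") return 0 ;; *) return 1 ;; esac
}

# launch_ida FILE: refuse anything IDA Free cannot analyse, then start idag.exe under wine.
# wine runs idag.exe only; the ELF sample is opened for static analysis, never executed.
launch_ida() {
    if ! ida_free_can_load "$1"; then
        echo "refusing: '$1' is $(elf_info "$1"), not a 32-bit x86 ELF" >&2
        return 1
    fi
    wine "$IDA_EXE" "$1"
}

# make_sample PATH: write a constructed 64-byte header that looks like a 32-bit
# little-endian x86 ELF executable (e_type=2, e_machine=3). Demonstration data only.
make_sample() {
    { printf '\177ELF\001\001\001\000'; head -c 8 /dev/zero
      printf '\002\000\003\000';        head -c 44 /dev/zero; } > "$1"
}

# Usage: ./ida-preflight.sh /path/to/sample
if [ -n "${1:-}" ]; then launch_ida "$1"; fi
```

Run it with the sample path as the only argument; to test the header parser without IDA installed, source the script and call elf_info on any ELF from /usr/bin.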
This post is a stub for a future longer version if anyone shows interest. I don't even know how many Linux Journal readers actually reverse malware on Linux...