back

Cyber Necromancy

Reverse Engineering Dead Protocols

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
00:55:55
Language
English
Abstract
Reverse engineering is not all binaries and byte-code. The black art also extends to networks and unobtainable game servers. In this talk we go into the gruesome details of how we dug through the graveyards of console binaries and mausoleums of forgotten network protocols in order to stitch together the pieces necessary to bring our favorite game Metal Gear Online back to life.

We will be examining the process of reverse engineering the games custom network protocols in all angles from packet logs to low level disassembly of client code.

In this presentation we will be discussing the path we took to successfully develop our own private server for Metal Gear Online on the Sony PlayStation 2 and PlayStation 3 video game consoles. Interestingly enough this was a private server that was developed after the original was already taken offline, so we did not have a live active server to help with the reverse engineering. Due to this we ran into some issues but ultimately succeeded. We believe that the details of the techniques that we used will prove useful for anyone attempting similar actions in the future. The topics that we will discuss in this talk will cover a wide range of high and low level issues related to network protocol and binary reversing.

We will begin with an overall survey of the general problems faced by anyone attempting this type of work. The talk will quickly delve from the high-level and simple issues into the more technical aspects of reverse engineering in the blind. We will be including the techniques we used to determine the protocol and payload responses that the client was expecting. Describing in detail how we honed in on common traits that we expected to see on the network, using open source knowledge and binary level reverse engineering of client code to determine the expected response.

We expect the attendees of this talk to walk away with knowledge that will help them in the future when working on similar projects or any activities related to protocol reverse engineering.

Talk ID
5956
Event:
31c3
Day
2
Room
Saal 2
Start
2 p.m.
Duration
01:00:00
Track
Security & Hacking
Type of
lecture
Speaker
Joseph Tartaro
Matthew Halchyshak
Talk Slug & media link
31c3_-_5956_-_en_-_saal_2_-_201412281400_-_cyber_necromancy_-_joseph_tartaro_-_matthew_halchyshak
English
0.0% Checking done0.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
100.0% Nothing done yet100.0%
  

Work on this video on Amara!

English: Transcribed until

Last revision: 9 months, 3 weeks ago