Cyber Necromancy: Reverse Engineering Dead Protocols

Presented at 31C3 (2014), Dec. 28, 2014, 2 p.m. (60 minutes)

Reverse engineering is not all binaries and byte-code. The black art also extends to networks and unobtainable game servers. In this talk we go into the gruesome details of how we dug through the graveyards of console binaries and mausoleums of forgotten network protocols in order to stitch together the pieces necessary to bring our favorite game Metal Gear Online back to life.

We will be examining the process of reverse engineering the game's custom network protocols from all angles, from packet logs to low-level disassembly of client code.

In this presentation we will be discussing the path we took to successfully develop our own private server for Metal Gear Online on the Sony PlayStation 2 and PlayStation 3 video game consoles. Interestingly enough, this private server was developed after the original had already been taken offline, so we did not have a live, active server to help with the reverse engineering. Because of this we ran into some issues, but we ultimately succeeded. We believe that the details of the techniques we used will prove useful for anyone attempting similar actions in the future. The topics that we will discuss in this talk cover a wide range of high- and low-level issues related to network protocol and binary reversing.

We will begin with an overall survey of the general problems faced by anyone attempting this type of work. The talk will quickly delve from the high-level and simple issues into the more technical aspects of reverse engineering in the blind. We will cover the techniques we used to determine the protocol and payload responses that the client was expecting, describing in detail how we homed in on common traits that we expected to see on the network and how we used open source knowledge and binary-level reverse engineering of client code to determine the expected response.

We expect the attendees of this talk to walk away with knowledge that will help them in the future when working on similar projects or any activities related to protocol reverse engineering.


Presenters:

  • Matthew Halchyshak
    Matthew Halchyshak is a security technician for Security Innovation with experience performing penetration tests and code reviews on applications ranging from mobile to server-side applications. Though he has been interested in computer security since his youth, he moved through a number of career paths before finally getting into the security field, including work as a magician and as a field artillery soldier with the Canadian Army Reserve. In his off-time he enjoys the challenge of breaking captchas and writing bots for various applications and services.
  • Joseph Tartaro
    Joseph Tartaro is an experienced Senior Security Consultant at IOActive, where he proves his talents working with clients on network and application penetration tests. Tartaro is highly experienced with a wide range of security practices and passionate about hardware hacking, programming and all manner of exploitation. As a member of telephreak, he helps manage a VoIP PBX system for free public conferencing and communication. In his off time he enjoys working on emulation and ROM hacking of retro video games.
