Case on Reverse Engineering
TASK:Using the ASM code below describe all items in section "It is requested".There is no need for introductory part, please, get right to the analysis.Good quality and readable screenshots with description are a must.Attached document is a course material on Reverse Engineering for your convenience. In the end of the document there are practical cases examples.STATEMENTAn executable binary file has been obtained that, after its execution, shows a text with a numeric code. This code is generated from a text string stored in the binary itself.After listing the ASM code, the binary file was deleted and it is not possible to access it, only the ASM code copied at the end of the exercise.It is necessary to be able to reuse said code generation algorithm, which is why reverse engineering work is required to analyze the binary and reconstruct the source code in such a way that it can be modified and recompiled correctly.It is requested:1. Divide the code into basic blocks.Take into account the existing breaks within the function and divide the lines into basic blocks of code.2. Make the flow diagram with the basic blocks.Once the basic blocks of the previous exercise have been obtained, carry out the flow diagram by joining the basic blocks with arrows.3. Is there any control structure? Indicates which basic blocks are involved in it.4. Convert the complete code of the function to code C.With what you learned about code reconstruction, convert this main () function to C code.In <+36> the address of the string indicated in bold is loaded in eax ."3jd9cjfk98hnd"In <+110> the address of the string indicated in red is loaded in eax"[+] Generated code:% i \ n"5. Compile the generated code and indicate the resulting code after its execution. Compile in 32bits by adding the option -m32 as indicated in the following command:$ gcc source.c -o source.c -m32Once executed, a text will appear on the screen, indicating the complete text.6. Modify the source code in C, so that it generates a new code from another string.Modify the string <+36> in the C code, by the following string:"Congratulations!"Compile the C code, execute and indicate the complete text obtained.ASM code -x86 32 bitsDump of assembler code for function main:0x0000054d <+0>: read ecx, [esp + 0x4]0x00000551 <+4>: and esp, 0xfffffff00x00000554 <+7>: push DWORD PTR [ecx-0x4]0x00000557 <+10>: push ebp0x00000558 <+11>: mov ebp, esp0x0000055a <+13>: push ebx0x0000055b <+14>: push ecx0x0000055c <+15>: sub esp, 0x100x0000055f <+18>: call 0x450 <__ x86.get_pc_thunk.bx>0x00000564 <+23>: add ebx, 0x1a9c0x0000056a <+29>: mov DWORD PTR [ebp-0x10], 0x00x00000571 <+36>: read eax, [ebx-0x19a0]; "3jd9cjfk98hnd"0x00000577 <+42>: mov DWORD PTR [ebp-0x14], eax0x0000057a <+45>: sub esp, 0xc0x0000057d <+48>: push DWORD PTR [ebp-0x14]0x00000580 <+51>: call 0x3e0 <strlen @ plt>0x00000585 <+56>: add esp, 0x100x00000588 <+59>: mov DWORD PTR [ebp-0x18], eax0x0000058b <+62>: mov DWORD PTR [ebp-0xc], 0x00x00000592 <+69>: jmp 0x5ad <main + 96>0x00000594 <+71>: mov edx, DWORD PTR [ebp-0xc]0x00000597 <+74>: mov eax, DWORD PTR [ebp-0x14]0x0000059a <+77>: add eax, edx0x0000059c <+79>: movzx eax, BYTE PTR [eax]0x0000059f <+82>: movsx eax, al0x000005a2 <+85>: imul eax, DWORD PTR [ebp-0x18]0x000005a6 <+89>: add DWORD PTR [ebp-0x10], eax0x000005a9 <+92>: add DWORD PTR [ebp-0xc], 0x10x000005ad <+96>: mov eax, DWORD PTR [ebp-0xc]0x000005b0 <+99>: cmp eax, DWORD PTR [ebp-0x18]0x000005b3 <+102>: jl 0x594 <main + 71>0x000005b5 <+104>: sub esp, 0x80x000005b8 <+107>: push DWORD PTR [ebp-0x10]0x000005bb <+110>: read eax, [ebx-0x1992]; "[+] Generated code:% i \ n"0x000005c1 <+116>: push eax0x000005c2 <+117>: call 0x3d0 <printf @ plt>0x000005c7 <+122>: add esp, 0x100x000005ca <+125>: mov eax, 0x00x000005cf <+130>: read esp, [ebp-0x8]0x000005d2 <+133>: pop ecx0x000005d3 <+134>: pop ebx0x000005d4 <+135>: pop ebp0x000005d5 <+136>: read esp, [ecx-0x4]0x000005d8 <+139>: retEnd of assembler dump.