Reversing for dummies – x86 assembly and C code

159 points by FrankSansC, almost 4 years ago

5 comments

tgsovlerkhgsel, almost 4 years ago
I tried reversing a medium-complexity program, but after a long time of digging through seemingly nonsensical data structures, it seemed very clear to me that it was a C++ program and the pointery mess I was seeing was likely a result of classes and inheritance.

Has Ghidra gotten better at dealing with those, and is there a good tutorial on how to best handle it?
saagarjha, almost 4 years ago
If you haven’t tried it already, Compiler Explorer (https://godbolt.org/) is a great way to “cheat” at learning reverse engineering. Why? Because you can control what the C code looks like, and it’ll show you the assembly to compare. Eventually you’ll get a feel for how compilers generate code for various operations.
the_only_law, almost 4 years ago
I just for the life of me don't think I'd ever be able to understand the x86 instruction set and truly get into reverse engineering. Most REs I've known have seemingly had immeasurably deep knowledge about everything from the x86 platform to OS APIs and their weird quirks (looking at you, Windows).
arthurcolle, almost 4 years ago
Could someone add some references to more advanced reverse engineering resources? I was sold a bot that was closed source and ran it in a VM and then recompiled it using Ghidra. It ended up being malware because it tried to execute a function called sendToEmail() which basically just sent decrypted wallet info to the malware writer's email address (hardcoded, of course).

I wasn't able to arrive at this conclusion by reverse engineering the code - it only happened to crash suddenly when it started to execute the sendToEmail() function. (Lucky me!)
username91, almost 4 years ago
This is an excellent article with great simple tips, like highlighting most Calculator apps' hex mode and the mile-counter analogy. Great work by the author.