Ethereum/EVM Smart Contract Reverse Engineering & Disassembly – Blockchain Security #3

­čôą Download the slides: https://academy.fuzzinglabs.com/introduction-to-ethereum-security?coupon=youtube

Today I’m showing how EVM disassembly works and how to reconstruct the control flow graph (CFG) of an Ethereum smart contract when you only have access to the bytecode (closed-source). It’s really useful when you’re looking to analyze in-depth a contract at the EVM assembly level.

#Reversing #Ethereum #EVM

00:00 Introduction
02:04 Introduction to EVM reversing
05:08 Bytecode disassembly
07:26 Control Flow Graph (CFG) reconstruction
13:26 Fonctions identification
16:55 Functions name recovery
19:54 Example with the Bored Ape (BAYC) contract
22:46 Why use reverse engineering on Ethereum smart contract?
24:46 Bytecode optimization
27:25 Smart contract Post-mortem analysis
28:46 Conclusion

Links:

Introduction to Ethereum: https://academy.fuzzinglabs.com/introduction-to-ethereum-security?coupon=YOUTUBE
Video Devcon4: https://archive.devcon.org/archive/watch/4/reversing-ethereum-smart-contracts-to-find-out-whats-behind-evm-bytecode/?playlist=Devcon%204&tab=YouTube
Bored Ape (BAYC) contract: https://etherscan.io/address/0xbc4ca0eda7647a8ab7c2061c2e118a18a936f13d#code
Ethereum Signature Database: https://www.4byte.directory/
https://ethervm.io/decompile/0xBC4CA0EdA7647A8aB7C2061c2E118A18a936f13D#0175

==== ­čĺ╗ FuzzingLabs Training ====

C/C++ Whitebox Fuzzing: https://academy.fuzzinglabs.com/c-whitebox-fuzzing?coupon=youtube
Rust Security Audit and Fuzzing: https://academy.fuzzinglabs.com/rust-security-audit-and-fuzzing-training?coupon=youtube
WebAssembly Reversing and Dynamic Analysis: https://academy.fuzzinglabs.com/wasm-security-reversing-dynamic-analysis?coupon=youtube
Go Security Audit and Fuzzing: https://academy.fuzzinglabs.com/go-security-audit-and-fuzzing?coupon=youtube

==== ­čŽä Join the community ====

https://academy.fuzzinglabs.com/fuzzing-labs-community

==== ­čôí Socials ====

Twitter: https://twitter.com/FuzzingLabs
Telegram: https://t.me/fuzzinglabs

Keywords: Reversing, Reverse Engineering, EVM, Ethereum Smart contract, Solidity, Disassembly, Decompilation, EVM bytecode, opcode
Link to this video: https://youtu.be/I6VDBvX9Pkw

(Visited 6 times, 1 visits today)

You might be interested in

LEAVE YOUR COMMENT

Your email address will not be published.

eos
EOS (EOS) 1,22 ÔéČ 0,17%
aave
Aave (AAVE) 77,90 ÔéČ 1,43%
the-graph
The Graph (GRT) 0,104951 ÔéČ 1,25%
kusama
Kusama (KSM) 42,88 ÔéČ 2,33%
waves
Waves (WAVES) 4,01 ÔéČ 1,21%
dash
Dash (DASH) 42,74 ÔéČ 0,07%
bitcoin
Bitcoin (BTC) 19.743,37 ÔéČ 0,99%
ethereum
Ethereum (ETH) 1.366,46 ÔéČ 2,15%
cardano
Cardano (ADA) 0,458636 ÔéČ 0,84%
tether
Tether (USDT) 1,03 ÔéČ 0,03%
xrp
XRP (XRP) 0,487235 ÔéČ 5,88%
solana
Solana (SOL) 34,49 ÔéČ 2,62%
polkadot
Polkadot (DOT) 6,76 ÔéČ 5,26%
usd-coin
USD Coin (USDC) 1,03 ÔéČ 0,03%
dogecoin
Dogecoin (DOGE) 0,062936 ÔéČ 1,22%
uniswap
Uniswap (UNI) 6,06 ÔéČ 2,30%
terra-luna
Terra Luna Classic (LUNC) 0,000310 ÔéČ 42,25%
litecoin
Litecoin (LTC) 54,74 ÔéČ 0,96%
chainlink
Chainlink (LINK) 8,07 ÔéČ 0,27%
bitcoin-cash
Bitcoin Cash (BCH) 119,33 ÔéČ 1,21%
algorand
Algorand (ALGO) 0,377460 ÔéČ 5,49%
matic-network
Polygon (MATIC) 0,774185 ÔéČ 0,48%
stellar
Stellar (XLM) 0,117365 ÔéČ 4,15%
cosmos
Cosmos Hub (ATOM) 14,36 ÔéČ 2,46%
filecoin
Filecoin (FIL) 5,85 ÔéČ 1,99%
tron
TRON (TRX) 0,061450 ÔéČ 0,50%
ethereum-classic
Ethereum Classic (ETC) 29,15 ÔéČ 1,42%
dai
Dai (DAI) 1,03 ÔéČ 0,01%
tezos
Tezos (XTZ) 1,51 ÔéČ 0,83%
monero
Monero (XMR) 149,90 ÔéČ 2,29%