Ethereum/EVM Smart Contract Reverse Engineering & Disassembly – Blockchain Security #3

­čôą Download the slides: https://academy.fuzzinglabs.com/introduction-to-ethereum-security?coupon=youtube

Today I’m showing how EVM disassembly works and how to reconstruct the control flow graph (CFG) of an Ethereum smart contract when you only have access to the bytecode (closed-source). It’s really useful when you’re looking to analyze in-depth a contract at the EVM assembly level.

#Reversing #Ethereum #EVM

00:00 Introduction
02:04 Introduction to EVM reversing
05:08 Bytecode disassembly
07:26 Control Flow Graph (CFG) reconstruction
13:26 Fonctions identification
16:55 Functions name recovery
19:54 Example with the Bored Ape (BAYC) contract
22:46 Why use reverse engineering on Ethereum smart contract?
24:46 Bytecode optimization
27:25 Smart contract Post-mortem analysis
28:46 Conclusion

Links:

Introduction to Ethereum: https://academy.fuzzinglabs.com/introduction-to-ethereum-security?coupon=YOUTUBE
Video Devcon4: https://archive.devcon.org/archive/watch/4/reversing-ethereum-smart-contracts-to-find-out-whats-behind-evm-bytecode/?playlist=Devcon%204&tab=YouTube
Bored Ape (BAYC) contract: https://etherscan.io/address/0xbc4ca0eda7647a8ab7c2061c2e118a18a936f13d#code
Ethereum Signature Database: https://www.4byte.directory/
https://ethervm.io/decompile/0xBC4CA0EdA7647A8aB7C2061c2E118A18a936f13D#0175

==== ­čĺ╗ FuzzingLabs Training ====

C/C++ Whitebox Fuzzing: https://academy.fuzzinglabs.com/c-whitebox-fuzzing?coupon=youtube
Rust Security Audit and Fuzzing: https://academy.fuzzinglabs.com/rust-security-audit-and-fuzzing-training?coupon=youtube
WebAssembly Reversing and Dynamic Analysis: https://academy.fuzzinglabs.com/wasm-security-reversing-dynamic-analysis?coupon=youtube
Go Security Audit and Fuzzing: https://academy.fuzzinglabs.com/go-security-audit-and-fuzzing?coupon=youtube

==== ­čŽä Join the community ====

https://academy.fuzzinglabs.com/fuzzing-labs-community

==== ­čôí Socials ====

Twitter: https://twitter.com/FuzzingLabs
Telegram: https://t.me/fuzzinglabs

Keywords: Reversing, Reverse Engineering, EVM, Ethereum Smart contract, Solidity, Disassembly, Decompilation, EVM bytecode, opcode
Link to this video: https://youtu.be/I6VDBvX9Pkw

(Visited 36 times, 1 visits today)

You might be interested in

LEAVE YOUR COMMENT

Your email address will not be published. Required fields are marked *

eos
EOS (EOS) 0,855716 ÔéČ 0,23%
aave
Aave (AAVE) 58,92 ÔéČ 0,97%
the-graph
The Graph (GRT) 0,118720 ÔéČ 1,20%
kusama
Kusama (KSM) 26,21 ÔéČ 3,68%
waves
Waves (WAVES) 1,63 ÔéČ 1,04%
dash
Dash (DASH) 40,25 ÔéČ 0,59%
bitcoin
Bitcoin (BTC) 25.370,18 ÔéČ 0,02%
ethereum
Ethereum (ETH) 1.775,74 ÔéČ 0,17%
cardano
Cardano (ADA) 0,355155 ÔéČ 0,95%
tether
Tether (USDT) 0,932297 ÔéČ 0,01%
xrp
XRP (XRP) 0,500337 ÔéČ 2,94%
solana
Solana (SOL) 20,52 ÔéČ 3,98%
polkadot
Polkadot (DOT) 4,98 ÔéČ 1,11%
usd-coin
USD Coin (USDC) 0,932202 ÔéČ 0,02%
dogecoin
Dogecoin (DOGE) 0,067931 ÔéČ 0,09%
uniswap
Uniswap (UNI) 4,69 ÔéČ 1,08%
terra-luna
Terra Luna Classic (LUNC) 0,000097 ÔéČ 21,94%
litecoin
Litecoin (LTC) 89,08 ÔéČ 1,02%
chainlink
Chainlink (LINK) 6,07 ÔéČ 1,28%
bitcoin-cash
Bitcoin Cash (BCH) 108,68 ÔéČ 1,31%
algorand
Algorand (ALGO) 0,142589 ÔéČ 0,13%
matic-network
Polygon (MATIC) 0,840072 ÔéČ 0,30%
stellar
Stellar (XLM) 0,086507 ÔéČ 0,26%
cosmos
Cosmos Hub (ATOM) 10,06 ÔéČ 1,25%
filecoin
Filecoin (FIL) 4,47 ÔéČ 2,26%
tron
TRON (TRX) 0,076281 ÔéČ 1,28%
ethereum-classic
Ethereum Classic (ETC) 16,97 ÔéČ 0,01%
dai
Dai (DAI) 0,932238 ÔéČ 0,08%
tezos
Tezos (XTZ) 0,861239 ÔéČ 1,40%
monero
Monero (XMR) 139,28 ÔéČ 1,56%