TLS Callbacks (2012)

The author discusses the challenges faced by reverse engineers in patching apps, often requiring low-level understanding and reverse engineering of unknown packers. The tutorial focuses on Thread Local Storage (TLS) callbacks, explaining how threads access shared memory and the benefits of concurrency in applications. The tutorial includes analysis of binaries with TLS directories, demonstrating how TLS callbacks can be used for anti-debugging measures. Multiple TLS callbacks and dynamically created callbacks are also explored, showcasing complex scenarios and challenges for reverse engineers. The tutorial provides insights into investigating and understanding TLS callbacks, culminating in steps for creating a custom binary with a TLS callback for further exploration.

https://legend.octopuslabs.io/archives/2418/2418.htm

To top