IntroductionThis blog post is intended for folks who are interested in reverse engineering security patches, but don’t have access to expensive tools such as IDA Pro to perform such tasks. First off, we will create a program that introduces a common bug class such as buffer overflow and then patch said bug. Once done, we will use BinExport for Ghidra to export both versions of the program and then use BinDiff to analyze the patch. By the end of this blog post, you should be somewhat comfortable investigating patches using BinDiff.

IntroductionThis blog post is intended for folks who are interested in reverse engineering security patches, but don’t have access to expensive tools such as IDA Pro to perform such tasks. First off, we will create a program that introduces a common bug class such as buffer overflow and then patch said bug. Once done, we will use BinExport for Ghidra to export both versions of the program and then use BinDiff to analyze the patch. By the end of this blog post, you should be somewhat comfortable investigating patches using BinDiff.