Reverse Engineering of a Rust program?

Hello,
Is it true that reverse engineering of a program that written in Rust-lang is easy because of Rust-lang product many debugging information?

Thank you.

Much of this debug info would goes away when you compile in release mode. The only debug info that doesn't go away in release mode are panic messages and symbol names. You have to manually run strip to remove the symbol names, just like with C and C++.

You can certainly turn off much debugging information, but I do not know how Rust compares to e.g. C++ in this area.

Who as said such a thing?

Given that one is releasing builds that are optimized (cargo build --release) and stripped, as one would do in C or C++, then I'm pretty sure reverse engineering the binary is going to be as hard as it is for C++ or C. After all the code is generated by LLVM as it is with Clang/LLVM.

It might even be harder. There is all kind of information in Rust source that disappears on the road to a binary. All the functional style constructs for a start. Not to mention everything to do with data aliases.

2 Likes

I'd assume macros like assert! result in a lot more source code visibility, even in release builds, than you'd get out of a similar C++ code.

Compiler output looks pretty impenetrable to me, might as well be C/C++. For example see here:

I must be crazy - for some reason I thought that assert would output the expression that failed.

That's not too weird - I've written assert-like macros that do exactly that, along with the values that appear in the expression.

Yeah, I think C assert implementations tend to do that. I'm not sure why I thought Rust did that.

Sorry, but to anyone experienced in reverse engineering, every program is easy to reverse engineer.

There was a similar thread a long time ago that regressed to something like discussion of cryptographic obfuscation. And if that sounds like a good idea, you might want to just stick with SaaS for both privacy and performance reasons.

2 Likes

The assert! macro does output the expression that failed. That gets optimized out in the example program above, however, because the optimizer can easily see that the assertion never fails.

3 Likes

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.