FLARE Script Series: Reverse Engineering WebAssembly Modules Using the
idawasm IDA Pro Plugin
This post continues the FireEye Labs Advanced Reverse Engineering
(FLARE) script series. Here, we introduce idawasm, an IDA Pro plugin
that provides a loader and processor modules for WebAssembly modules.
idawasm works on all operating systems supported by IDA Pro, and can
be obtained from the idawasm GitHub project.
You may have competed in this year’s Flare-On
challenge and reached the fifth level only to discover a new file
format: a WebAssembly (“wasm”) module. In order to proceed, you had to
reverse engineer the key check logic contained in this...