As of 2024, most reverse engineers still struggle to statically reverse Rust binaries. Static RE tools are beginning to develop features for analyzing Rust, and tools for recovering Rust library function signatures now exist. However, even when function symbols and signatures are available, analyzing data flow in Rust binaries is not trivial. The Rust type system, standard library, and compiler differ in many ways from C and C++, making type recovery difficult even for experienced reverse engineers.
This workshop provides a guide for reverse engineers on reconstructing types in Rust binaries. We will cover the basic building blocks of the Rust type system, from both the Rust programmer's perspective and the Rust compiler's perspective. From the primitive types, we will move to constructing the layouts of common standard library types found in Rust binaries, including types used in string formatting and in error handling. We will also cover artifacts inside Rust binaries that give information about type layout - how to find them, how to use them, and where in the Rust toolchain they actually come from.
The goal for this workshop is to provide the audience with a solid mental model for the layouts of Rust types, and present bite-sized practical techniques for Rust structure recovery. The intended audience for this workshop is reverse engineers who are familiar with reversing C or C++ code, but who are unfamiliar with both developing and reversing Rust.