This is static copy of The Legend of Random as it was on Thu, 19 Sep 2013. Some of the links are not functional. View the source code on GitHub.

Tag: cracking

Tutorial #7: More Crackmes

Introduction

Welcome to Part 7 of R4ndom’s tutorials on Reverse Engineering. This time, we will be cracking two crackmes; one to reiterate last tutorial’s concepts, and one that we are going to have a little fun with :) In the download of this tutorial, you will find these two crackmes as well as the program “Resource Hacker” that we will be using on the second crackme. You can also download this tool on the tools page.

You can download the files and PDF version of this tutorial on the tutorials page.



Tutorial #5: Our First (Sort Of) Crack

Introduction

In this tutorial we will be finishing up some last minute Olly things as we review a crackme. Well, sort of a crackme. It’s really just the program we used before, changed to ask for a serial number and display either a good message if you get the serial right, or a bad message if you get it wrong. I chose to do it this way, as opposed to jumping into a completely different crackme, because I want you to be able to focus on the serial checking routine, and not get bogged down in all of the other superfluous code. Next tutorial we will be going over a real crackme (I promise).

In this tutorial, all you need is OllyDBG (either my version or the original), and a copy of my revised crackme, which, by the way, I am calling the “First Assembly Kracking Engine”, or F.A.K.E. It is included in the files download for this tut. (and yes, Gdogg, I know kracking does not start with a ‘K’ :)

You can download the files and PDF version of this tutorial on the tutorials page.

Let’s get started.



Cracking in a Sandbox

I wanted to mention a tool that has helped me in cracking a great deal, but one that may not be associated with cracking per se – a sandbox. A sandbox, for those that don’t know, is a ‘virtual’ area set up on a computer to run apps in. This virtual area is separated from the rest of the system, meaning nothing done in a sandbox can affect your system, even though the program running in the sandbox doesn’t know this; it thinks it has full control over your system. The nice thing about a sandbox is that you can install and run an app, play with it, and after you’re done you can simply ‘empty the sandbox’ and there will be no remnants left on your computer. Sandboxes also add other features, like surfing the web and being able to delete all traces when you’re done, and opening malicious-looking emails.

I personally use Sandboxie, though there are others. Sandboxie is free, though after a month it displays a timed nag and only allows one virtual box at a time, but I don’t suppose too many of you reading this will have to worry about that ;) . Sandboxes are generally used in virus and malware research in order to protect your system from the virus changing anything or doing any damage. In this regard, a sandbox is similar to a virtual machine.

You may wonder what a sandbox has to do with reverse engineering binaries other than malware. Let me give you a couple of examples:

Looking for Targets

When learning reverse engineering, you need to do a lot of experimenting. In order to experiment, you need binaries. After downloading several potential targets, I use Sandboxie to quickly install them, see what kind of protection elements they have, and use this to decide if I want to try reverse engineering them. Maybe you want practice on timed nags? Serial boxes? Internet serial checks? Running the app quickly in a sandbox can give you a good idea of what protection schemes are used. Without a sandbox running, you would need to install all of these binaries on your system, frying your registry, start menu, and God knows what else.

Finding Specific Protections

Sandboxes make it very easy to check what kind of protector/packer has been used on a binary. The way I do this is to install the app through the sandbox, and then after it’s installed, I copy just the exe file from the sandbox onto my (real) desktop. I can now run this exe through any packer/protector detectors or PE editors and I know what I’m in store for. I can even load it in a disassembler and get a quick overview. Don’t like Themida? Find out quickly (and without installing the app) if it’s used. Want to learn more about ASProtect? This is a simple way to go through several binaries quickly looking for one using this packer.

Deciding If It’s Worth Cracking

Sometimes you need a specific type of program and you don’t necessarily want to pay for it ;) . Well, sandboxes are a great (and fast) way to sift through downloaded binaries to see 1) if they’re even worth cracking and 2) how tough the cracking is going to be. I usually find that when I am looking for a specific type of program, I may as well pick one without any protection or that has a protector/protection scheme that I am good at (or maybe one I’m bad at, to learn how to unpack it :) ) and also a program actually worth owning. I find that I will download 10 trial applications. 5 will be useless pieces of crap. 2 will not even do what the app says it’s supposed to. And the last 3 will use varying degrees of protection schemes. If I’m in a hurry, I’ll pick the easiest. If I want a challenge, I’ll pick a harder one. Can you imagine going through this without a sandbox, installing 9 applications that you will immediately uninstall? Yikes.


I hope I have talked you into at least trying a sandbox. They have truly made my reverse engineering life easier.

Random


Tutorial #2: Intro To Olly Debug

What is Olly Debugger?

From the author, Oleh Yuschuk: “OllyDbg is a 32-bit assembler level analysing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.” Olly is also a “dynamic” debugger, meaning it allows the user to change quite a few things as the program is running. This is very important when experimenting with a binary, trying to figure out how it works. Olly has many, many great features, and that is why it is probably the number one debugger used for reverse engineering (at least in ring 3, but we’ll get to that later.)



Tutorial #1: What is Reverse Engineering

What is reverse engineering?

Reverse engineering is the process of taking a compiled binary and attempting to recreate (or simply understand) the original way the program works. A programmer initially writes a program, usually in a high-level language such as C++ or Visual Basic (or God forbid, Delphi). Because the computer does not inherently speak these languages, the code that the programmer wrote is compiled into a more machine-specific format, one which the computer does speak. This code is called, originally enough, machine language. This code is not very human friendly, and oftentimes requires a great deal of brain power to figure out exactly what the programmer had in mind.



Copyright © 1996-2010 The Legend Of Random. All rights reserved.