Introduction to Reverse Engineering and Software Cracking

Reverse engineering has actually been the main reason why I first began learning more about computers. The days when I would open up the Hiew editor in order to change that little 74 opcode to 90 seem hilarious at the time of writing this text, but I can understand all those people who are just beginning to learn more about software cracking.
In this little post, I will be explaining some of the important aspects of the trade. In the posts to come on this blog, I will also take a hands-on approach, showing you how to crack real protections. For starters, though, I want to make a short introduction to the history of this fascinating scene, and then I will describe the tools needed in order to crack efficiently and the knowledge you would need to obtain to do so.
A Brief History of Reverse Engineering in My Time
I started learning reverse engineering about 10 years ago. At that time, the scene was pretty scarce, because the awesome +Fravia website had been frozen. In case you don’t know about it, +Fravia was one of the most important figures in the reverse engineering world (sadly, he died some months ago). He created what was the greatest reverse engineering website, with tons of information about reverse engineering, and really transformed this trade into an art. After some years of worldwide success, one of the contributors and creators of this community, +ORC, vanished from the scene, and +Fravia froze his website and created a new one about online searching techniques. Luckily, you can still find the incredible knowledge of +Fravia’s website as a mirror, courtesy of Woodmann.
Some years later, professor Thorsten Schneider (aka Zero), along with other great reversers like +Q and Daemon, created REA, the Reverse Engineering Academy, which was actually a contest of incredible crackmes and reversemes that crackers would solve to gain points in a hall-of-fame system. I must admit that this academy was really a state-of-the-art creation; it taught me many things along the way and also gave me the chance to work alongside these great people in order to prepare the Reverse Engineering Academy 2. Unfortunately, a sudden turn toward profit didn’t really allow REA 2 to be a hit.
How to Begin to Learn Reverse Engineering – Knowledge You Need
Learning to reverse engineer is a long process. Do not expect to learn every possible technique in a couple of months. Becoming a good reverser takes lots of time and practice, and it will definitely take more than a couple of years before you feel really confident with any protection scheme. Luckily for new reversers, there are some steps they can follow in order to start on the right track.
1. The First and Most Important Thing Is to Master Assembly Language
You will be doing lots of assembly-level debugging, and you need to know the ins and outs of assembly code. The more you learn about it, the more efficient you will be at understanding the flow of code, and thus at reversing protection schemes. A great online resource you can use to learn assembly is the incredible Art of Assembly Language Programming by Randall Hyde.
2. You Will Need to Know How to Program
You may be wondering why you need to know how to program in order to be a reverser. The truth is that the more you know about computer programming, the more competent a reverser you will be. This is mainly because a programmer knows the logical structure of programs and easily recognizes the important API functions that are responsible for protecting a certain binary.
3. You Need to Learn Windows Internals
If you will be reversing on the Windows operating system (which is highly likely), you will need a deep understanding of Windows internals in order to bypass some protections. For instance, in order to unpack an executable, you would need to know about the PE file format and import table rebuilding (an advanced technique used to reconstruct a broken import table, usually in an image dumped from memory). Then, you would also need to know about Structured Exception Handling (a trend in today’s protections). The list can easily keep growing with more generic knowledge such as cryptography or genetic algorithms. The more you know, the more efficient you will become.
The Tools of The Trade
In order to begin, you need to get hold of the tools needed to do the job. There are literally dozens of tools that you can use for your reversing deeds, but luckily only a handful of them are really important. What you definitely need are four things: a debugger, a disassembler, a PE editor and a hex editor.
1. The Debugger
When it comes to debugging, there are actually two choices: SoftICE or OllyDbg. When I started learning about reversing, OllyDbg had not been created yet, and the only choice was SoftICE, the popular system-level debugger. While it is still a pretty good choice, people have turned to OllyDbg for lots of reasons. First of all, it is a GUI-based user-level debugger that is much easier to handle and more convenient to use from the reverser’s point of view.
2. The Disassembler
Again, the first disassembler that a new reverser uses is most often Win32Dasm by Peter Urbanik. Then, as you begin to learn more, you need to use something more powerful. And when it comes to power, there is nothing better than the Interactive DisAssembler, DataRescue’s IDA.
3. PE editor
For a PE editor, you can just choose whichever you like. Just search for “PE editors” and suit yourself.
4. Hex Editor
There are two popular choices for this: Hiew and Hex Workshop. The first is console-based, while the second is GUI-based. In my day, Hiew was the hex editor of choice, but Hex Workshop is increasingly popular nowadays.
This concludes this introduction to reverse engineering. I hope that I managed to tell you some of the important things you will need to know in order to start learning about this fascinating art. If you feel like asking anything, please drop a comment below.
What if you’re on Linux?
Well, Linux is a totally different story. You’d have to be acquainted with gdb. While it’s not particularly difficult, working with a shell debugger is not my strong point. Even a simple stack overflow can be quite weird to analyze with gdb. For instance, disassembling the actual injected shellcode can go as far as “disas startoffset endoffset”. It is generally quite a tedious procedure, and there have actually been times that I thought of writing a GUI port for gdb.
Please help me about software cracking.
Sure, I’d love to help, but do you have any particular question?
Try securitytube.net. It has some great Assembly Primer videos for Linux and Windows.
Can you plz help me cracking tridef 3d softwares?
Niladri, I can help with a particular question, but I can’t crack something for you, sorry.
I need help. I see lots of things about image base, some kernel32.dll, offsets etc. Where can I extract all this information? Windows internals? PE? Do you have any book to recommend?
Hello nore, yes, all this information is specific to a PE file. You should get a PE editor and check out those values, and I would also suggest that you take a close look at the Portable Executable specification and, more importantly, understand how the import table works.
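The post’s section on Windows internals and the reply above both point at the PE file format and the import table as the structures a reverser has to understand. The following is an added example, not code from the original post: it constructs a tiny PE32 image in memory (a labelled sample, not a real binary) and then parses it the way a PE editor or an import rebuilder has to, following the DOS header to the PE signature, the COFF and optional headers, the data directory and the section table, and finally walking the import descriptors, their thunk tables and the hint/name entries. The RVAs, the DLL and function names and the ordinal in the sample are all constructed for the example.

```python
import struct

IMPORT_DIR_INDEX = 1          # IMAGE_DIRECTORY_ENTRY_IMPORT
ORDINAL_FLAG32 = 0x80000000   # IMAGE_ORDINAL_FLAG32: thunk names an ordinal, not a name


def build_sample_pe():
    """Constructed sample image (not a real binary): one .idata section, two DLLs."""
    img = bytearray(0x400)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)                 # e_lfanew -> PE signature
    img[0x40:0x44] = b"PE\0\0"
    # COFF header: i386, 1 section, 224-byte optional header, EXECUTABLE_IMAGE | 32BIT
    struct.pack_into("<HHIIIHH", img, 0x44, 0x14C, 1, 0, 0, 0, 0xE0, 0x0102)
    opt = 0x58
    struct.pack_into("<H", img, opt, 0x10B)                 # PE32 magic
    # EntryPoint, BaseOfCode, BaseOfData, ImageBase, SectionAlignment, FileAlignment
    struct.pack_into("<IIIIII", img, opt + 16, 0x1000, 0x1000, 0x2000, 0x400000, 0x1000, 0x200)
    struct.pack_into("<I", img, opt + 92, 16)               # NumberOfRvaAndSizes
    struct.pack_into("<II", img, opt + 96 + 8 * IMPORT_DIR_INDEX, 0x2000, 60)
    # Section table: .idata at RVA 0x2000, backed by file offset 0x200 (0x200 bytes)
    struct.pack_into("<8sIIIIIIHHI", img, opt + 0xE0, b".idata",
                     0x200, 0x2000, 0x200, 0x200, 0, 0, 0, 0, 0xC0000040)

    def put(rva, blob):                                     # write at an RVA inside .idata
        off = rva - 0x2000 + 0x200
        img[off:off + len(blob)] = blob

    # Import descriptors (20 bytes each): kernel32, user32, then an all-zero terminator
    put(0x2000, struct.pack("<IIIII", 0x2040, 0, 0, 0x20C0, 0x2060))
    put(0x2014, struct.pack("<IIIII", 0x2050, 0, 0, 0x20D0, 0x2070))
    # ILT and IAT are identical on disk; the loader overwrites the IAT with addresses
    k32 = struct.pack("<III", 0x2080, 0x2092, 0)
    u32 = struct.pack("<III", 0x20A2, ORDINAL_FLAG32 | 2, 0)  # second entry is by ordinal
    for rva, table in ((0x2040, k32), (0x2060, k32), (0x2050, u32), (0x2070, u32)):
        put(rva, table)
    for rva, name in ((0x2080, b"GetProcAddress"), (0x2092, b"LoadLibraryA"),
                      (0x20A2, b"MessageBoxA")):
        put(rva, b"\0\0" + name + b"\0")                    # 2-byte hint, then the name
    put(0x20C0, b"kernel32.dll\0")
    put(0x20D0, b"user32.dll\0")
    return bytes(img)


def rva_to_offset(sections, rva):
    """Translate an RVA to a file offset through the section table."""
    for _name, vaddr, vsize, raw_ptr, raw_size in sections:
        if vaddr <= rva < vaddr + max(vsize, raw_size):
            return rva - vaddr + raw_ptr
    raise ValueError(f"RVA {rva:#x} is not backed by any section")


def read_cstring(data, off):
    return data[off:data.index(b"\0", off)].decode("ascii")


def parse_pe(data):
    """Return basic header fields and a {dll: [function, ...]} import map."""
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[:2] != b"MZ" or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing MZ/PE signature")
    machine, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt = e_lfanew + 24
    if struct.unpack_from("<H", data, opt)[0] != 0x10B:
        raise ValueError("this example handles PE32 only, not PE32+")
    entry, _, _, image_base = struct.unpack_from("<IIII", data, opt + 16)
    import_rva, _import_size = struct.unpack_from("<II", data, opt + 96 + 8 * IMPORT_DIR_INDEX)
    sections = []
    for i in range(nsections):
        name, vsize, vaddr, raw_size, raw_ptr = struct.unpack_from(
            "<8sIIII", data, opt + opt_size + 40 * i)
        sections.append((name.rstrip(b"\0").decode("ascii"), vaddr, vsize, raw_ptr, raw_size))
    imports = {}
    off = rva_to_offset(sections, import_rva)
    while True:
        ilt_rva, _, _, name_rva, iat_rva = struct.unpack_from("<IIIII", data, off)
        if ilt_rva == 0 and name_rva == 0 and iat_rva == 0:
            break                                           # all-zero descriptor ends the table
        dll = read_cstring(data, rva_to_offset(sections, name_rva))
        # Some linkers leave OriginalFirstThunk empty; the on-disk IAT then holds the names
        thunk_off = rva_to_offset(sections, ilt_rva or iat_rva)
        funcs = []
        while True:
            thunk = struct.unpack_from("<I", data, thunk_off)[0]
            if thunk == 0:
                break
            if thunk & ORDINAL_FLAG32:
                funcs.append(f"#{thunk & 0xFFFF}")          # import by ordinal
            else:
                hint_name = rva_to_offset(sections, thunk & 0x7FFFFFFF)
                funcs.append(read_cstring(data, hint_name + 2))  # skip the 2-byte hint
            thunk_off += 4
        imports[dll] = funcs
        off += 20
    return {"machine": machine, "image_base": image_base, "entry_point": entry,
            "sections": [s[0] for s in sections], "imports": imports}


if __name__ == "__main__":
    info = parse_pe(build_sample_pe())
    print(f"ImageBase {info['image_base']:#x}, entry RVA {info['entry_point']:#x}")
    for dll, funcs in info["imports"].items():
        print(f"{dll}: {', '.join(funcs)}")
```

Note that this reads the on-disk form, where the IAT still mirrors the ILT. Import table rebuilding as the post describes it works on a memory dump, where the loader has already replaced each IAT slot with the resolved address and the packer may have destroyed the descriptors, so the rebuilder has to map those addresses back to DLL and function names and write fresh descriptors, thunk tables and hint/name entries of exactly the shape built here.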
Thanks a lot Spyros. And if you are Greek: Euxaristo poli.
And something else. I read that book “Art of Assembly” (some parts, not all), but I don’t recommend it so much, because it’s some high-level version of assembly and it’s only useful to those who will program in assembly and want to make a faster application with less code writing. But of course I have not read it all, so I don’t know how this will help much better than any other book on “pure” assembly for reverse engineering. For example, we extract a disassembly representation of binary code and take a look inside at all those details, function prologues/epilogues, switch statements, loops and all that, and it is not so similar to the assembly of Randall’s books with macros. I know many ppl recommend this book in forums and all that, but I saw a specific article on Stack Overflow saying that this book is just another flavor of assembly with macros, nasm, tasm.
So my question is: are you sure that we need to read this book? Have you read it? Is it better than others on the subject?
And again, thanks a lot for this useful information.
Hello nore, yes I’m Greek.
Parakalo !
I know what you mean about high-level assembly. However, I am not talking about this book. Randall Hyde had previously written an older one that is plain assembly. I wouldn’t recommend HLA for any reason; I agree with you. I don’t really know if the older Art of Assembly is available, but this one was a masterpiece.
I’m talking about this one: http://maven.smith.edu/~thiebaut/ArtOfAssembly/artofasm.html
If you have the time and want to learn more about assembly, by all means read it. I’ve actually read like 3/4 of AOA when I was a kid (I was kinda passionate about asm and reversing).
And when you feel competent with asm and an assembler like nasm or masm, be sure to check +Q’s article about dynamic locking and unlocking of functions using masm macros. It will inspire you a lot.
It would be nice to have this discussion in a separate place; I really have to create a forum to discuss such interesting matters.
You ROCK mate. Thanks a lot for replying. I’m already on my way with reverse engineering, so if you are about to create a forum on the subject plz let me know.
What programming language is good for cracking?
@masoud :
Assembly programming is a must for reversers. It’s definitely a language that you will have to master. Then, C++ is also a good addition to a reverser’s arsenal, because it helps you to better understand the structures of well-known compilers like VC++.
I once made a C++ in chemistry class. I asked teach... hell, why don’t you just gimme a good B. HAha.
No seriously... I’ve always been interested in reverse engineering and played with the SoftICE application. That’s a tough program. But I did learn and actually made a few jumps.
Looking forward to learning more here and getting back in the game.
Hi admin. I am new to reverse engineering and I’m trying to crack a piece of software using OllyDbg. But my effort is in vain because I don’t even understand the coding in hex, and also I have no knowledge of software development. I think you can help and teach me to crack this software. Waiting for your response.
Hello admin, I was wondering if you take projects as a freelancer? If so please email me and I will fill you in with the details... it’s a $500 project.
@dbeezer99: Not really, but thank you for the offer.
Hello admin, can you suggest where I can find some software to crack? It would be of great help.
Hello admin,
How do I learn Windows internals? Can you suggest some books...
Thanks
@Abhishek: Petzold’s book on Windows programming is probably the best resource; I would definitely suggest it.
Hey, I’m living in Guyana, that’s in South America. They block us from certain parts of the internet and they don’t teach about any of this stuff... But I met up with a friend from England and the guy was talking about cracking and that stuff. I’m really interested in it since I learned how to use those puny debuggers like Fiddler and those things. I’ve been so excited about learning more. If you can help me I’d be really grateful... so plz hit me up as soon as possible.
Hello Admin,
The post was awesome. I know I am replying to a three-year-old post, but I guess it is better to start late than never. I would like to know in more detail about all the stuff presented here, so do you have any site you can recommend or any books that help me keep up with current developments?
Thanks in advance
@John Rodriguez: It’s important to learn assembly first. Randall Hyde’s first Art of Assembly book (NOT HLA) is in my opinion the best source. Then study basic protection systems by studying the +Fravia website or looking for Krobar’s frozen pages and more at Woodmann (http://www.woodmann.com/).
Hi,
Well, I need to learn cracking, but I am confused about where to start from. I mean to say I know 0 about cracking, NULL. But I have interest in this field, can ya let me know at least where to start and what stuff I need?
Cracking software protected with Enigma Protector and other things.
Ty
I am a new cracker. I have cracked some small programs and they are working.
I am having some problems cracking a new program, plz inbox me bcz a complete, brief discussion is required, and I will also be able to ask whenever I have any problem.
I have cracked (extracted some keys for it) Luxand Blink Pro (latest)
and also cracked some crackmes and small programs.
Plz help me and contact me, ANY CRACKER, and especially Spyros, at ziarehmaan[at]live.com!
Hey Admin, I am from Lebanon and I was wondering where I can study reverse engineering, because here in Lebanon we don’t have this domain... So plz, if anyone knows where I can learn this domain, plz reply to my msg, and how much does it cost?
Pls, what publication can I use in learning about cracking?
I remember REA. I joined and solved some of the first ones. Then I got a job and forgot about it.
I was looking for it now, many years later, and I find nothing. So much has changed of course, x64, Android; I guess that stuff is antique now, just like ORC’s DOS stuff was back then.
Do tell more about what happened to REA and REA2. What does “sudden turn on profit” mean?
It was a really fun site and I think there should be one up-to-date site like that!