Introduction to Reverse Engineering and Software Cracking
Reverse Engineering has actually been the main reason why i first began learning more about computers. The days when i would go about opening up hiew editor in order to change that little 74 opcode to 90 seem hilarious at the time of writing this text, but i can understand all those people who just begin learning more about software cracking.
In this little post, i will be explaining some of the important aspects of the trade. In the next posts to come at this blog, i will also be taking some hands on approach, showing you how to crack real protections. For starters, though, i want to make a short introduction to the history of this fascinating scene and then i will describe the tools needed in order to crack efficiently and also what knowledge you would need to obtain to do so.
A brief History About Reverse Engineering on My Time
I started learning reverse engineering about 10 years ago. At that time, the scene was pretty much scarce due to the fact that the awesome +Fravia website has been frozen. In case you don’t know about it, +Fravia was one of the most important figures in the reverse engineering world (sadly he died some months ago). He created what was the greatest reverse engineering website with tons of information about reverse engineering and really transformed this trade to an art. After some years of worldwide success, one of the contributors and creators of this community, +ORC, vanished from the scene and +Fravia froze his website and created a new one about online searching techniques. Luckily, you can still find the incredibly knowledge of the +Fravia’s website as a mirror, courtesy of Woodmann.
Some years later, professor Thorsten Schneider (aka Zero), along with other great reversers like +Q and Daemon, created REA, the reverse engineering academy that was actually a contest of incredible crackmes and reversemes that crackers would solve to gain points in a hall of fame system. I must admit that this academy was really a state of the art creation and taught me many things along the way and also gave me the chance to work along these great people in order to prepare the Reverse Engineering Academy 2. Unluckily, a sudden turn on profit didn’t really allow REA 2 to be a hit.
How to Begin to Learn Reverse Engineering – Knowledge You Need
Learning to reverse engineer is a long going process. Do not expect to learn every possible technique in a couple of months. Becoming a good reverser takes lots of time and practise and would definately need more than a couple of years before you feel really confident with any protection scheme.Luckily for new reversers, there are some steps that they can follow in order to start on the right track.
1. The First and Most Important Thing is to Master The Assembly Language
You will be doing lots of assembly debugging and you need to know the ins and outs of assembly code. As you learn more things about it, you will be more efficient in understanding the flow of code and thus more easily reversing protection schemes. A great online resource that you can use to learn more about assembly is the incredible Art of Assembly Language Programming by Randall Hyde.
2. You Will Need to Know How to Program
You may be wondering why you need to know how to program in order to be a reverser. The truth is that the more things you know about computer programming, the more competent a reverser you will be. This is mainly true because a programmer knows about the logical structure of programs and easily recognizes the important API functions that are responsible for protecting a certain binary.
3. You Need to Learn Windows Internals
If you will be reversing in the Windows operating system(which is highly likely the case), you will need to have a deep understanding of Windows internals in order to bypass some protections. For instance, in order to unpack an executable, you would need to know about the PE file format and Import Table Rebuilding (an advanced technique used to reconstruct a broken import table, usually dumped from memory). Then, you would also need to know about Structured Exception Handling (a trend in today’s protections). The list can keep growing easily with more generic knowledge such as cryptography or genetic algorithms. The more you know, the more efficient you will become.
The Tools of The Trade
In order to begin, you need to get a hand on the tools needed to do the job. There are literally dozens of tools that you can use for your reversing deeds, but luckily only a handful of them are really important. What you definately need is 4 things. A debugger, a disassembler, a pe editor and a hex editor.
1. The Debugger
When it comes to debugging there are actually 2 choices. Softice or OllyDbg. When i started learning more about reversing, Ollydbg was not created and the only choice was Softice, the popular system level debugger. While it still is a pretty good choice, people have turned to Ollydbg for lots of reasons. First of all, it is a GUI based user level debugger that is much easier to handle and is more convenient for usage from the reverser’s point of view.
2. The Disassembler
Again, the first disassembler that a new reverser uses, is most times Win32Dasm by Peter Urbanik. Then, as you begin to learn more, you need to use something more powerful. And when it comes to power, there is nothing better than the Interactive DisAssembler, the so called Datarescue’s IDA.
3. PE editor
For a PE editor, you can just choose to use whichever you like. Just make a search for “PE editors” and suit yourself.
4. Hex Editor
There are two popular choices for this. Hiew and Hex Workshop. The first is a command line based one, while the second one is a GUI based one. At my times, Hiew was the hex editor of choice but Hex Workshop is increasingly popular nowadays.
This concludes this introduction about reverse engineering. Hope that i managed to tell you some of the important things you will need to know in order to start learning about this fascinating art. If you feel like asking anything, please drop a comment below.