UGN Security Forums
#26051 - 10/27/03 07:43 AM Reverse engineering challenge: I answered
paradox Offline

Registered: 08/28/03
Posts: 240
Loc: New Zealand
Reverse engineering is all about manipulating programs to do what you want,
e.g. changing notepad to accept a bigger buffer and anything else you want.
What I've started you off on is serial fishing; this is the best way to start
learning about debugging and deadlisting. I'll explain it as we progress through
the tutorial.

w32dasm (debugger - good for deadlisting)
brain (not really required this time )
We begin by loading the program so we can check for error boxes and find
string references. Basically, get a general idea of how the program works
and operates; in this case you just enter a serial and try to register it.
Well, we enter any random data we want, '12t31t' for example,
then we click register and get an error box; we write this down and then close the program.
Now we have a string reference to work with.
So we load up w32dasm and then click on Disassembler in the menu, where you choose to
open a file to disassemble.
Find your program and open it. You will see it decompiling etc. and giving you
asm instructions. When it's done, it should look like this:
Disassembly of File: ugnuno.exe
Code Offset = 00001000, Code Size = 00002000
Data Offset = 00004000, Data Size = 00001000

Number of Objects = 0004 (dec), Imagebase = 00400000h

Object01: .text RVA: 00001000 Offset: 00001000 Size: 00002000 Flags: 60000020
Object02: .rdata RVA: 00003000 Offset: 00003000 Size: 00001000 Flags: 40000040
Object03: .data RVA: 00004000 Offset: 00004000 Size: 00001000 Flags: C0000040
Object04: .rsrc RVA: 00005000 Offset: 00005000 Size: 00028000 Flags: 40000040

If you don't see something like that and you see wingdings, you will have to change your font:
again click on Disassembler in the menu, choose
font >
and just choose a font. Now that that is out of the way, we want to get all the string references.
To get these you click on the button next to the printer icon; it says strn ref in blue text.
Click on that and a dialog pops up. Hey, what do you know, the silly programmer has a string reference
to the answer :| That's how simple it was, just checking string references. Next I will go more in-depth
and make it so you actually have to get the serial number out of the program, and of course there
will be a tut at the end of the week to guide you through if you can't find the time to search for answers.
The wise make mistakes, the fools repeat them
When you have eliminated the impossible, that which remains, however improbable, must be the truth
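The post above turns on the serial being stored as a plaintext string literal that a string-reference listing shows directly. As an added example (not part of the original post, and not taken from ugnuno.exe), this Python sketch lists ASCII and UTF-16LE string runs with their offsets and lets you check your own build for an embedded secret. The sample bytes, the placeholder serial and the function names are constructed for illustration.

```python
import re

# Constructed sample standing in for a program's data section: one ASCII
# literal, one UTF-16LE literal and some non-text bytes. Not from ugnuno.exe.
SAMPLE = (
    b"\x00\x01\x90\x90Invalid serial, try again\x00\xff\xfe\x10"
    + "EXAMPLE-SERIAL-0000".encode("utf-16-le") + b"\x00\x00"
    + b"\x8b\xec\x55ok\x00Registered, thank you\x00"
)

PRINTABLE = rb"[\x20-\x7e]"


def extract_strings(data: bytes, min_len: int = 5):
    """Return sorted (offset, encoding, text) for printable runs in data."""
    found = []
    # Plain ASCII runs, the kind a disassembler lists as string references.
    for m in re.finditer(PRINTABLE + rb"{%d,}" % min_len, data):
        found.append((m.start(), "ascii", m.group().decode("ascii")))
    # UTF-16LE runs: a printable byte followed by a zero byte, repeated.
    for m in re.finditer(rb"(?:" + PRINTABLE + rb"\x00){%d,}" % min_len, data):
        found.append((m.start(), "utf-16-le", m.group().decode("utf-16-le")))
    return sorted(found)


def leaked_literals(data: bytes, secrets):
    """Return the extracted strings that contain any of the given secrets."""
    return [(off, enc, text) for off, enc, text in extract_strings(data)
            if any(s in text for s in secrets)]


if __name__ == "__main__":
    for off, enc, text in extract_strings(SAMPLE):
        print(f"{off:08x}  {enc:<9}  {text}")
    # A release check would fail the build if this list is non-empty.
    print("leaked:", leaked_literals(SAMPLE, ["EXAMPLE-SERIAL"]))
```

Run against your own release binary, a non-empty `leaked_literals` result means the expected value ships in readable form, in which case the comparison needs to be redesigned rather than the string merely hidden.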

#26052 - 11/25/03 09:32 AM Re: Reverse engineering challenge: I answered
weeve Offline
UGN Super Poster

Registered: 10/29/02
Posts: 616
Loc: The Beach
Fun fun :) Very informative. I was hoping this was on reverse social engineering, but there are many forms of engineering, and reverse processes. Just as there are many names to a hacker, and many hackers who are unnamed. Kinda like anyone on the human genome project is a hacker imo.
"Beware the Jabberwock, my son!
The jaws that bite, the claws that catch!
Beware the Jubjub bird, and shun
The frumious Bandersnatch!"

