Reverse engineering challenge: I answered

Posted by: paradox

Reverse engineering challenge: I answered - 10/27/03 03:43 PM

reverse engineering is all about manipulating programs to do what you want.
e.g changing notepad to accept a bigger buffer and anything else you want..
What i've started you off on is serial fishing this is the best way to start
learning about debugging and deadlisting i'll explain it as we progress through
the tutorial..

w32dasm (debugger - good for deadlisting)
brain (not really required this time )
We begin by loading the program.. so we can check for error boxes and find
string refrences. Basically get a general idea of how the program works
and operates, in this case you just enter a serial and try register it..
Well we enter any random data we want '12t31t' for example..
then we click register an error box we write this down and then close the program
now we have a string refrence to work with..
So we load up w32dasm and then click on Dissasmbler in the menu you choose to
open a file to dissasemble
find your program and open it.. you will see it decompiling etc and giving you
asm instructions when its done, it should look like this
Disassembly of File: ugnuno.exe
Code Offset = 00001000, Code Size = 00002000
Data Offset = 00004000, Data Size = 00001000

Number of Objects = 0004 (dec), Imagebase = 00400000h

Object01: .text RVA: 00001000 Offset: 00001000 Size: 00002000 Flags: 60000020
Object02: .rdata RVA: 00003000 Offset: 00003000 Size: 00001000 Flags: 40000040
Object03: .data RVA: 00004000 Offset: 00004000 Size: 00001000 Flags: C0000040
Object04: .rsrc RVA: 00005000 Offset: 00005000 Size: 00028000 Flags: 40000040

if you dont see something like that and you see wingdings you will have to change your font
again click on Dissasmbler in the menu you choose to
font >
and just choose a font now that that is out of the way we want to get all the string refrences
to get these you click on the button next to the printer icon it says strn ref in blue text
click on that and a dialog pops up.. he what do you know the silly programmer has a string refrence
to the answer :| thats how simple it was just checking string refrences next i will go more indepth
and make it so you actually have to get the serial number out of the program.. and of course there
will be a tut at the end of the week to guide you through if you can't find the time to search for answers
Posted by: weeve

Re: Reverse engineering challenge: I answered - 11/25/03 05:32 PM

fun fun:) very informative. I was hoping this was on reverse social engineering, But there are many forms of engineering, and revere processes. Just as there are many names to a hacker, and many hackers who are un-named. Kinda like anyone on the human genome project is a hacker imo.