Introduction to Reverse Engineering

This article is about reverse engineering, and in particular its best-known form, cracking. It is written mainly for beginners.

Introduction:

In general, reverse engineering is defined as decompiling a program, that is, translating a language understandable by a machine into a language understandable by a human being.

In practice, reverse engineering means analysing how a program or device works, either by stepping through it or by examining the results of its execution.


The legal rights around reverse engineering:

The right of analysis:


A new right to analyse software is provided by the law of 1994. It is defined as the right to observe, study or test the functioning of the software while the user performs any of the operations of loading, displaying, running, transmitting or storing it.

It is therefore a right to reverse engineer, defined as the analysis of a system in order to discover its design principles. Analysis, like decompilation, is permitted provided it does not prejudice the legitimate interests of the author and does not affect the normal operation of the program, in accordance with international law.

Finally, the Act provides that any contractual provision contrary to this right is null and void. The contract may, however, define what constitutes normal use of the software.

The right of decompilation:

The right to decompile software, that is, to try to recover the source program from the object program, is granted on condition that it is done for interoperability purposes. Decompilation must serve to interface the software with other software, that is, to allow the two to work together, and it must be limited to the parts needed for that interfacing. Such decompilation does indeed raise significant concerns about the protection of the program.

While the law prohibits any stipulation that restricts this right, the author may provide, by contract, for a procedure under which the user notifies the author of the wish to decompile, followed by the communication of the useful interfaces and anchor points.

Since decompilation is only permitted when the necessary information was not previously readily available, it cannot be considered indispensable within the meaning of the law where the software has been standardised, the information has been published, or it has been supplied in response to an individual request.

What is reverse engineering?

Human beings are naturally curious: they always want to know everything. Reverse engineering comes from this philosophy. When people get hold of a piece of software, they want to know everything about it, and through reverse engineering they can understand how it works.

Reverse engineering also makes you a better programmer. Through it, we understand better how our machine works and how the software we use every day works. Reversing teaches a great deal about programming.

Reverse engineering is not used only to acquire new knowledge. It is also used a great deal to avoid paying for software; this practice is called cracking. The software is picked apart to find a way to bypass the protections that companies put on the software they sell. These protections range from a serial number (the code supplied on purchase) to a nag screen (a window that pops up to remind you to buy the software).

Reverse engineering can also be used to read undocumented proprietary file formats (the MS-Word format, for example) and to communicate with a proprietary server over an undisclosed protocol (the Samba software, used to share files between different architectures via the SMB protocol, is based entirely on reverse engineering).

Using reverse engineering techniques, we can understand the structure of such a document and convert it into an open format, so that documents remain usable even after the systems that produced them are obsolete.

Many hardware manufacturers refuse to publish the specifications of their equipment, so software developers must use reverse engineering to drive it. Examples include graphics cards and the IBM BIOS.

The basics of reverse engineering:

When you decompile a program, you do not get back a language such as C or Visual Basic; it is a little harder than that. The language that appears is ASM, that is, assembler.

Assembly language is very close to machine code (binary, 0s and 1s) and therefore depends on the processor type: there is no single assembly language, but one per processor family. I am not here to give you a course on assembly language; a large number of sites already do that, so do a little research on the internet. In reverse engineering, we make heavy use of conditional jumps.

Mnemonic   Meaning                              Opcode (hex)
JNE        Jump if not equal                    75 or 85
JE         Jump if equal                        74 or 84
JMP        Unconditional jump                   EB or E9
JA         Jump if above                        0F87
JNA        Jump if not above                    0F86
JAE        Jump if above or equal               0F83
JNAE       Jump if not above or equal           0F82
JB         Jump if below                        0F82
JNB        Jump if not below                    0F83
JBE        Jump if below or equal               0F86
JNBE       Jump if not below or equal           0F87
JG         Jump if greater                      0F8F
JNG        Jump if not greater                  0F8E
JGE        Jump if greater or equal             0F8D
JNGE       Jump if not greater or equal         0F8C
JL         Jump if less                         0F8C
JLE        Jump if less or equal                0F8D
JNLE       Jump if not less or equal            0F8E
NOP        Do nothing                           90 or 908F

A small table of assembler jumps.

Tools:

The best disassembler is unquestionably W32Dasm, which runs on Windows.
You will also need a hex editor; there are so many that I will not name one, the choice is yours.
Then you will need a debugger. The best is SoftICE, but there is also OllyDbg.
There are also many other programs that are very useful in reversing, such as ProcDump (which detects whether software is packed), SmartCheck, and others.


And above all, what it takes to succeed in reverse engineering is not being afraid of spending a long, long time in front of your computer trying to understand the software.

In another article, we will study reverse engineering further. I think we will look at reverse engineering Java programs, which is fairly simple once you have the right tools.

An example of reverse engineering:

We will take a very basic program coded in C by TheShade. This is what our program looks like; it is quite simple.


The program simply asks for a password. When the password is wrong, "Lost" is displayed; when it is right, "Congratulations!" is displayed.
We open the program in W32Dasm, one of the most powerful disassemblers, and search for the word "Lost": go to Search > Find Text.



After the search, we land here:


Here we see something very interesting: a jump at address 004013DA leads to the point where "Lost" is displayed. Let us go to 004013DA to see what the jump looks like.

At 004013DA the jump is a JNE (jump if not equal), which jumps to 00401413, that is, to the display of "Lost". What remains is to change the JNE into a JE: we change the bytes 7537 to 7437 with a hex editor. To do that, we look in W32Dasm for the file offset of the jump we want to change, shown at the bottom of the W32Dasm window. This is what you should see:



What interests us is the offset, here 000007DAh. We can drop the five leading zeros and the trailing h: the 75 we want to change is therefore at offset 7DA. We change the 75 to 74, and with this change, whatever password we enter, "Congratulations!" is always displayed.
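The following C program is an added example; it is neither TheShade's program nor code from the original article. It decodes the short and near jump encodings listed in the table of assembler jumps above and computes the jump target the way the processor does (the displacement is relative to the end of the instruction), which is what turns the bytes 75 37 at 004013DA into a JNE to 00401413 in the listing; it then shows that the same bytes with opcode 74 decode to a JE with the same target, so the one-byte change inverts only the condition, not the destination. The second function translates a virtual address into the file offset a hex editor works with; the image base and .text section values in main() are assumptions (the page does not state them), chosen so that they reproduce the 7DA offset quoted above, and the real values must be read from the PE headers. The encodings follow the Intel manual; note that for JLE (0F 8E) and JNLE, alias JG (0F 8F), they differ from the values in the table above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One decoded jump instruction. */
typedef struct {
    const char *mnemonic;   /* "JNE", "JE", "JMP", ...; NULL if not a jump */
    size_t length;          /* bytes the instruction occupies, 0 if unknown */
    uint32_t target;        /* absolute address the jump transfers to */
} jump_t;

/* Mnemonics for condition codes 0..15. Short Jcc is 0x70+cc with an 8-bit
   displacement; near Jcc is 0x0F 0x80+cc with a 32-bit displacement.
   Aliases (same byte, two names, as in the table): JB=JNAE, JAE=JNB,
   JBE=JNA, JA=JNBE, JL=JNGE, JGE=JNL, JLE=JNG, JG=JNLE. */
static const char *const jcc_names[16] = {
    "JO", "JNO", "JB", "JAE", "JE", "JNE", "JBE", "JA",
    "JS", "JNS", "JP", "JNP", "JL", "JGE", "JLE", "JG"
};

/* Little-endian 32-bit read on unsigned values (no shifting into the sign bit). */
static int32_t read_rel32(const uint8_t *p)
{
    uint32_t v = (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
                 ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
    return (int32_t)v;
}

/* Decode the jump starting at buf[0], located at virtual address addr, with
   len bytes available. x86 displacements are relative to the END of the
   instruction, so target = addr + length + displacement. */
jump_t decode_jump(const uint8_t *buf, size_t len, uint32_t addr)
{
    jump_t j = { NULL, 0, 0 };

    if (len >= 2 && buf[0] >= 0x70 && buf[0] <= 0x7F) {        /* Jcc rel8 */
        j.mnemonic = jcc_names[buf[0] - 0x70];
        j.length = 2;
        j.target = addr + 2 + (uint32_t)(int8_t)buf[1];
    } else if (len >= 2 && buf[0] == 0xEB) {                    /* JMP rel8 */
        j.mnemonic = "JMP";
        j.length = 2;
        j.target = addr + 2 + (uint32_t)(int8_t)buf[1];
    } else if (len >= 5 && buf[0] == 0xE9) {                    /* JMP rel32 */
        j.mnemonic = "JMP";
        j.length = 5;
        j.target = addr + 5 + (uint32_t)read_rel32(buf + 1);
    } else if (len >= 6 && buf[0] == 0x0F &&
               buf[1] >= 0x80 && buf[1] <= 0x8F) {             /* Jcc rel32 */
        j.mnemonic = jcc_names[buf[1] - 0x80];
        j.length = 6;
        j.target = addr + 6 + (uint32_t)read_rel32(buf + 2);
    }
    return j;
}

/* Minimal description of a PE section, as found in the section table. */
typedef struct {
    uint32_t virtual_address;   /* RVA at which the section is mapped */
    uint32_t raw_pointer;       /* file offset where its bytes are stored */
    uint32_t raw_size;          /* number of bytes stored in the file */
} section_t;

/* Convert a virtual address to the file offset a hex editor needs.
   Sets *ok to 0 and returns 0 if the address is not inside the section. */
uint32_t va_to_file_offset(uint32_t va, uint32_t image_base,
                           const section_t *s, int *ok)
{
    uint32_t rva = va - image_base;
    if (va < image_base || rva < s->virtual_address ||
        rva - s->virtual_address >= s->raw_size) {
        *ok = 0;
        return 0;
    }
    *ok = 1;
    return rva - s->virtual_address + s->raw_pointer;
}

int main(void)
{
    /* Constructed bytes matching the listing: JNE at 004013DA encoded 75 37,
       and the same displacement with opcode 74 (JE). */
    const uint8_t before[] = { 0x75, 0x37 };
    const uint8_t after[]  = { 0x74, 0x37 };
    jump_t a = decode_jump(before, sizeof before, 0x004013DAu);
    jump_t b = decode_jump(after,  sizeof after,  0x004013DAu);
    printf("%s -> %08X (%zu bytes)\n", a.mnemonic, a.target, a.length);
    printf("%s -> %08X (%zu bytes)\n", b.mnemonic, b.target, b.length);

    /* ASSUMED layout, not taken from the page: image base 00400000, .text at
       RVA 1000 stored at file offset 400. Real values come from the PE headers. */
    section_t text = { 0x1000, 0x400, 0x1000 };
    int ok;
    uint32_t off = va_to_file_offset(0x004013DAu, 0x00400000u, &text, &ok);
    if (ok)
        printf("file offset of 004013DA: %Xh\n", off);
    return 0;
}
```

Run it and the first two lines show JNE and JE both pointing at 00401413; the third line shows 7DA, the offset the article reads off the bottom of the W32Dasm window. The same decoder applied to a whole code section is also how an integrity tool can list every conditional branch and compare it against a known-good build, which is the defensive counterpart of the patch described above.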

This is a simple, very basic example of reverse engineering.
