Reverse Engineering Basics

  • Published on 12 May 2015
  • Ian Guile is giving a presentation on the basics of reverse engineering windows applications, including an introduction into assembly.
    ZIP folder containing files and tools:
    drive.google.com/open?id=0B4O...
  • Entertainment

Comments • 166

  • @x32gx 3 years ago +10

    Holy sh..! I'm doing my first reverse engineering CTF now (on HTB), and after watching this, at the 48-minute mark, I finally understood how to get the password! The JMP trick is brilliant. So easy. Thank you for a brilliant explanation! Gonna keep watching.

  • @PC-ie2ow 5 years ago +7

    Thank you for posting this. Very insightful!

  • @ayein9351 4 years ago

    Thank you, this course is awesome to learn in just 2h.

  • @gametimewitharyan6665 3 years ago

    Amazing seminar, loved the presentation.

  • @anthonymarquez2542 3 years ago

    I just want to say thanks for this video.

  • @misolaemmanueljrd.6685 4 years ago

    Very nice tutorial! Or presentation. Thanks!

  • @unevalkamlesh387 4 years ago

    Thanks for making this stuff

  • @ReversingHub 4 years ago +1

    Great work man, really liked it. Subscribed for more, keep it going!

  • @challengepoker 8 years ago +18

    Where is app3? It's not in the zip folder.

  • @supremeeditz814 6 years ago

    I learned this yesterday... I understand it a little... Hope after this video I know a little more.

    • @kynfali3857 6 years ago

      So what's the result??? Did you find it benefited you? If not I won't watch it.

  • @iceflake7853 7 years ago +1

    I can't see the jump line at all. What have I done wrong?
    The spacing between the dot and the hex opcode (where the jump line is supposed to be) is also a bit smaller than the one shown in the video, and I don't find any arrow to increase its size.

  • @markyrocks69 4 years ago

    This is awesome

  • @SmashGuru007 3 years ago +7

    *Audience:* What's a DWORD?
    *Presenter:* Punches in "7BD6 D7C2" into calculator. "There you go. _That_ is a DWORD! Everyone got that? Cool!" 🤣

  • @dylandylan4807 6 years ago +1

    If I get the protector as Armadillo (6.X-9.X), does it mean the software is packed with Armadillo?

  • @user-lt7wm1hw3r 3 years ago +3

    19:25 Introduction to assembly.

  • @shortforchange 6 years ago +7

    "I'm not scared of failing; I'm fucking lazy" - Me.

  • @arzoo_singh 3 years ago

    Awesome!!!

  • @quicktutorials7662 2 years ago

    Thank you!

  • @kdavid9228 7 years ago

    Hi, could you add a link to the Neo editor? I've just tried to search on Google, but I only found unofficial sites with this editor. They could contain malware.

  • @danibilel3415 4 years ago

    Can somebody explain to me what he used Detect It Easy for in the 7th app?
    I don't quite get what he did.

  • @iNINO38 7 years ago

    Thanks man.

  • @purekillah 4 years ago +12

    Fun fact: instead of changing the logic of the jump instructions you can also alter the zero flag. It would also have been helpful to teach them how to unpack within the debugger.

  • @lasmiansitumorang81 6 years ago

    Hi Sir. Can I extend the expiry date of a dongle emulator image with your tools?

  • @pullupskrt 5 years ago

    Is dumping a CS:GO cheat possible with IDA? I don't have the DLL, but I am trying to get it from the cheat loader and dnSpy is not doing the trick.

  • @iamavataraang 7 years ago +2

    How do you know which of the software/methods shown to use to reverse engineer something?

    • @funtari7 4 years ago

      Good question!

  • @makprodplus9808 4 years ago

    Hi, how do I decompile an app and rerun it in Android Studio? Are there any links?

  • @bobvines00 3 years ago

    Why does the ZIP folder of files and tools contain four (4) files infected with malware/viruses according to Symantec Endpoint Protection?

  • @docskinner7107 7 years ago +18

    I'm not going to get too shook up over this guy being a newbie; sure there were a few faux pas, but I found the demos useful.

    • @pdhrubapadasingha4947 3 years ago

      Believing in my password policy, I entered different passwords within a few days, but I think hackers rejected my passwords by their reverse engineering process. Sometimes I forget my password due to trying hard passwords. If the reverse engineering process makes my password inactive, they can destroy my previous Android Micromax Q382 with a heavy virus by their reverse engineering process. They also killed my small phone. I request the CIA investigation process to execute my Android with a proper window connection; I have no experience connecting a window which can listen to my own password only. I think their machine violates my password. Also they made my SIM invalid for hacking purposes.

    • @pdhrubapadasingha4947 3 years ago

      I am too poor to give money to an international CIA investigation, but I have a small property of faith in the Jeshu religion; I have a certificate of Catholic under the Mizo missionary, this is my only property. I want to connect PhonePe but the hacker did not accept my IP address. Sometimes they asked for my bank account details. I believed them, giving my bank details; in their reverse engineered process my hidden CV code is open in words. I know they are hacking.

    • @ahmedaghadi8281 2 years ago +2

      @pdhrubapadasingha4947 Go and complain to cyber crime.

  • @edoardobarolo4680 6 years ago +3

    I use a different technique that works every time. I insert a tag word "EDOARDO!" on the registration, then I pause the program and search for it in memory. When I find it I put a hardware breakpoint (memory break R/W) on that area, so I can go directly to the code that handles the string. It's easy with those little "crackme"s, but in a big commercial program it is a different matter. There is obfuscation, anti-debugger code, etc. etc.

    • @yawnz9195 4 years ago

      Could u help me crack a program?

  • @message2test 7 years ago

    Cool!

  • @davidyanceyjr 8 years ago +1

    This is dated information but remains relevant for introducing beginners to reversing.

    • @kralalrulz 8 years ago

      +davidyanceyjr What about it is dated?

    • @davidyanceyjr 8 years ago

      +kralalrulz It's 32-bit x86 assembly; there's no obfuscated code. Reversing a real-world application, even 32-bit legacy code, obfuscation is prevalent. I didn't say it was irrelevant, just dated. I did enjoy the video.

    • @davidyanceyjr 8 years ago +4

      +Thomas Jefferson Incorrect, dear sir. Calculus 1 will be relevant for eternity. 32-bit binaries will be irrelevant in the next few years and 64-bit in less than 20, most likely.

    • @RaPiiDHUNT3R1 8 years ago

      Imposter!

    • @avi1212avi 7 years ago

      +davidyanceyjr That's some nice info. Does obfuscation make things significantly harder? What else is outdated? :)

  • @bleemy 5 years ago

    If I have a demo program that gives 10 uses and also limits what the program outputs, what would I do to expand this restriction? PM me for the application name if you can help me out, please.

  • @archersterling4044 7 years ago +1

    What program is he using for the initial analysis?

    • @grftaNitro 7 years ago

      Immunity Debugger

  • @lennysmileyface 5 years ago +7

    How do you get malware from your own software exactly...?

    • @powerchimp 3 years ago +1

      The answer is late, but if you still want to know, then the answer would be: dirty code.

  • @uwuster 4 years ago +1

    Yeah, I've followed a bunch of programming tutorials and I run Linux, and they seem to work okay except for *insert thing that works for the original poster* which doesn't work for me, and I get 1-2 syntax errors, find solutions for the syntax, then boom, the program works.

    • @peesicle 3 years ago

      Linux is da bomb

  • @theninjascouttf2541 7 years ago

    Ahhhhh, the hex editor way isn't working for me. I've changed the password and I still couldn't click on Submit (it didn't say "password is incorrect", it didn't let me click on it!). What should I do?

    • @obed3113 4 years ago

      Just press TAB until you focus on the "Submit" button and then press spacebar ;)

  • @zakariatalukdar2552 5 months ago

    This is so so good. It feels like a reincarnation of my cyber security career. Thank you so much.
    And mate, can you please upload the tools and files again? It's a 404 error.

  • @hoodedwarrior8956 5 years ago +2

    Well, I didn't look much since I only wanted to get a glimpse and this probably isn't it, but really now... who would hardcode a password into an app? :)

    • @ikickss 5 years ago +2

      There used to be some database-related books ("Master SQL in 24 Hours", that sort) that had examples of embedded passwords. And LiveOverflow showed an actual example of it. I tell ya... there are lots of idiot programmers out there brewing future disasters.

  • @bullymaguire7503 5 years ago +50

    Yeah, maybe one day I can join Skidrow. Thanks for the help.

    • @TalsonHacks 3 years ago

      @no shows You're wasting your time, go to Google. Google's your best friend.

    • @TalsonHacks 3 years ago

      @no shows Go learn the basics of reverse engineering, then try cracking.
      github.com/mytechnotalent/Reverse-Engineering
      That's a complete course for you to start RE.

    • @TalsonHacks 3 years ago

      @no shows Yes, like when we say hacking is pentesting.

    • @TalsonHacks 3 years ago

      @no shows No.

    • @pythonner3644 3 years ago

      Wtf is with this dude?

  • @BossBear01 7 years ago +2

    Hey, lots of fun; for once I could follow what was done.

  • @snudge763 3 years ago

    How do I remove the anti-debugger within the program?

  • @sinistergeek 4 years ago +2

    Thanks for such a helpful video... Now I am a lil bit more confident... Still a n00b tho.

  • @Robber7 7 years ago +7

    You can see the password in app 6 if you just look at the strings in the functions that were called; I saw it instantly. If you read the first letter of every string it says the password :P

  • @1Maestr00o3 4 years ago

    Why can't I press the Submit button in app2? It gets blocked when I pass the cursor over it.

    • @Bash_Is_Bae 4 years ago

      Try using the "Tab" key.

  • @watchlistsclips3196 3 years ago +2

    Are you still alive?? If you are, add more videos. Expecting a lot from you.

  • @gandy9407 5 years ago +2

    Well, it won't let me download the files...

  • @mokranlechat 4 years ago

    Hi dear, would you help to recover our PIN code on a Deepsea 7320 generator??
    It should be 4 decimal digits, with no limit on trials.
    The code is recorded in the hardware memory of the device. Thanks a lot.

    • @invorokner282 2 years ago

      Write a script that goes through it and brute-forces it; easier.

  • @HandyFox333 2 years ago

    Is there a video on the topic that's not over 20 minutes?

  • @Anon-tj7qb 8 years ago

    Nibbles are quite useful when dealing with ASLR entropy :)

  • @kermitdafrog8 5 years ago

    When I tried to install Immunity it complained it can't find python27.dll.

    • @kermitdafrog8 5 years ago +1

      I finally got it to work by downloading the installer from their website and not from the link in this video. For some reason it didn't want to install Python right or something.

  • @MulleDK19 6 years ago +5

    Only watched the app6 part. And your solution of just patching the program is rarely valid in these challenges. But that shit was so easy anyway. First of all, those strings are not "encoded". They're simply an array of letters that the app uses to construct messages to print. It's just picking out letters from it when printing stuff. The array might as well have been a-z. The password you have to enter is not stored anywhere. Nor is it any one password, but any 6-letter string matching a certain pattern. All possible passwords can be brute-forced easily, within a couple of minutes. It must be 6 characters, must consist of only lower-case letters where each letter means a=1, b=2, c=3, etc. Adding the values of the letters, they must sum to 44, and must have a product of 16,200. Valid passwords include: atiefc, daoofc, eitfca, fetica, fydccc, ioleba, jolcca, lreeca, releca, tifeca, yfdccc. There are a total of 2640 possible passwords.

    • @shubyy5149 6 years ago +1

      Hence the fucking name 'Reverse Engineering Basics'
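The constraints MulleDK19 lists above (six lower-case letters, a=1 through z=26, letter values summing to 44 and multiplying to 16,200) are enough to enumerate the whole password space without running app6 at all. The script below is an added example by the editor, not code from the video or its ZIP; it assumes the commenter's description of the check is accurate, and the function names and the pruning strategy are the editor's own.

```python
# Enumerate every string that satisfies the app6 check as MulleDK19 describes it:
# six lower-case letters, a=1 ... z=26, letter values summing to TOTAL and
# multiplying to PRODUCT.  The constraint values are the commenter's; the
# search itself (depth-first with pruning) is the editor's.

TOTAL = 44
PRODUCT = 16200
LENGTH = 6


def letter_value(ch: str) -> int:
    """a -> 1, b -> 2, ..., z -> 26 (the mapping the comment describes)."""
    return ord(ch) - ord("a") + 1


def is_valid(pw: str, length: int = LENGTH, total: int = TOTAL, product: int = PRODUCT) -> bool:
    """Re-implement the check on one candidate so results can be verified independently."""
    if len(pw) != length or not pw.isascii() or not pw.isalpha() or not pw.islower():
        return False
    vals = [letter_value(c) for c in pw]
    prod = 1
    for v in vals:
        prod *= v
    return sum(vals) == total and prod == product


def candidates(length: int = LENGTH, total: int = TOTAL, product: int = PRODUCT) -> list[str]:
    """Depth-first search over positions, pruning as soon as a prefix cannot work.

    Two prunes make this fast: a letter whose value does not divide the
    remaining product can never lead to a solution, and the remaining
    letters must still be able to reach the remaining sum (each is 1..26).
    """
    found: list[str] = []

    def extend(prefix: str, rem_sum: int, rem_prod: int, slots: int) -> None:
        if slots == 0:
            if rem_sum == 0 and rem_prod == 1:
                found.append(prefix)
            return
        for v in range(1, 27):
            if rem_prod % v:
                continue                      # value must divide what is left
            nxt_sum = rem_sum - v
            if nxt_sum < slots - 1 or nxt_sum > 26 * (slots - 1):
                continue                      # remaining letters cannot hit the sum
            extend(prefix + chr(ord("a") + v - 1), nxt_sum, rem_prod // v, slots - 1)

    extend("", total, product, length)
    return found


if __name__ == "__main__":
    pws = candidates()
    print(len(pws), "passwords, e.g.", ", ".join(pws[:8]))
```

The divisibility prune alone cuts the alphabet to the fifteen letters whose values divide 16,200, and the sum bound discards most prefixes early, so the search finishes in a fraction of a second rather than the "couple of minutes" a naive 26^6 loop would need. The eleven passwords quoted in the comment all appear in the output, and the total matches the 2640 the commenter reports.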

  • @ellanwambugu4987 3 years ago

    Hey, a noob here... but I love your videos. I'm tryna download but the Drive won't let me. Any idea how to download without it being flagged as malicious??

  • @tomdot3980 3 years ago

    Is it possible to crack a program that requires a USB key when starting up????

    • @invorokner282 2 years ago

      It's not a program inside the operating system, if I understood you right; it happens during the initialization stage at the BIOS. Maybe if you cleared CMOS/BIOS your problem would go away.

  • @1a4s4l7 5 years ago

    Can you change the mnemonics in any executable program?
    e.g. JNE to JMP

    • @MattZelda 5 years ago

      JNE is not the same as JMP.
      JNE means Jump If Not Equal,
      whereas JMP literally means just jump.

    • @compilationsmania451 4 years ago

      @MattZelda He knows that. He's asking whether you can change one into the other.

    • @MattZelda 4 years ago

      @compilationsmania451 Why would you want to? They're completely different instructions.

    • @compilationsmania451 4 years ago +1

      @MattZelda I guess what he wants to ask is whether there is a way to change particular statements in the machine code of executable programs to make it do something you want.

    • @MattZelda 4 years ago

      @compilationsmania451 In that case, yes. You can patch an executable.

  • @CurrentlyObsessively 5 years ago

    Can you add a link to this DIE software? Unless that's an acronym -_-
    Edit: Nvm, it's called Detect It Easy... add that to the slide...

    • @anthonymarquez2542 3 years ago

      BTW, it is described in the first few mins of the presentation as Detect It Easy.

  • @AniruddhaGA 4 years ago +1

    I can't find the string comparison for the password; can anyone help me with how to bypass the password?

    • @igaps5798 4 years ago

      Replacing JNE with JMP might help.

  • @_____666______ 1 year ago

    Need a tutorial about VirtualProtect/VirtualAlloc.

  • @lolypopboy777 8 years ago +2

    app3 is missing!

  • @fightflowwithcomedy3300 3 years ago

    Sir, plz upload more.

  • @sijiasijia1854 6 years ago

    Why is nobody making a Chinese version?

  • @ersensylmz 3 years ago

    Hi my friend, how can I reach you?

  • @WilliamLangbehn 7 years ago +2

    Sure sounds like Samy giving the speech.

  • @yawnz9195 4 years ago

    I can't seem to crack a program I am trying to; can you do it for me?

  • @thesecret111 7 years ago +2

    Please, app3.exe is missing!!!

    • @thesecret111 7 years ago

      I had to stop the tutorial, until... APP3 IS MISSING!!
      Anyway, thanks for the video; I would like to finish it.

  • @jamarallen08 7 years ago +16

    Anybody get a Trojan hit on App 7?

    • @jamarallen08 7 years ago +1

      HatOfTricks Nah. My AVG flagged it and I was wondering if it was a false positive.

    • @ChristopherGray00 6 years ago

      AVG is known for false detections.

    • @ko.pi.pe. 6 years ago +5

      He stressed to use a VM. Why didn't you? Did you think that advice didn't apply to you?

    • @barkeeper7887 4 years ago

      Christopher Gray I used AVG for 3 months and it always detected either trusted programs or my own ones... AVG is trash.
      It never detected any real threats.
      I uninstalled AVG and got Malwarebytes and it detected like 5 PUPs and like 70 registry keys and a crypto Trojan and shit.
      AVG is basically adware.

  • @lefteriseleftheriades7381 1 year ago

    The steganography challenge was disappointingly unrealistic.

  • @plekkchand 7 years ago

    Please expand your acronyms.

  • @sent4dc 8 years ago +2

    Haha. Debugging by dummies. Sorry, meant to say "Debugging for dummies." Although it's quite entertaining to see him fumble all over the assembler code. Are there more videos like this?

    • @wornguys147 7 years ago

      Nope, there aren't new videos from Layer 8.

  • @investorslive1347 6 years ago +2

    Only watch this if you're serious about cracking software and willing to spend a LOT of time learning and searching. First off, most programs worth owning are packed with a packer that obfuscates certain sections of code, and it's a bitch to deal with this problem because the packers are constantly changing. Secondly, most of the auto-unpackers are not updated, nor are packer identifiers such as PEiD or DIE described in this tute. So you have to unpack manually and create your own tools, another pain in the ass. This is always a cat-and-mouse game between reverser and programmer. Back in the 1990s there were rarely packed programs and cracking was easy. Now it's not worth it, spending hours living your life inside a debugger.

  • @mIsPtr 4 years ago +1

    *Resolution : 720p50fps*
    *Video : 10 fps*

    • @TalsonHacks 3 years ago

      Since it's good content, I'm not complaining xD

  • @dannyv9561 6 years ago +6

    At time 1h 19m 59s, look at the first character in each string. It tells you the password.
    The first character of each string is "password: !GOOD!!the password is: round1WOGNG !!!!"
    So much for not decoding that. lol

    • @MulleDK19 6 years ago +1

      The strings have absolutely nothing to do with the password you have to actually enter. The strings are a simple dictionary to print "password:" "GOOD!!" and "WOGNG !!!!" to the screen.

  • @michailchalkiadakis96 3 years ago

    I cracked the first app using Notepad....

  • @-football571 3 years ago

    I would like to get in touch with you about a project, if you can provide me your email.

  • @leetspak 3 years ago

    hello 31337

  • @Yalimadad110 7 years ago +3

    Hi bro, can u help me?

  • @anonymous1177 7 years ago +26

    No offense, but this is a tutorial by someone who has been messing with assembly for 3 months only. And you can see that.

    • @ianguile7214 7 years ago +26

      You are completely right. At the time I hadn't been doing it for very long, and was just getting into it, but I had a few friends who asked me to do a tutorial, as they had never done any reversing before.

    • @tperniciaro 7 years ago +34

      That's why it's called "Basics".

    • @TheDavidlloydjones 7 years ago +6

      Thomas (but Ian too),
      Big logical error: know-nothings can comment on a polished, finished proposition, but to teach basics -- the foundations of a subject -- you need to be an expert.
      It may be called "basics," Thomas, but you look like you're trying to make excuses for ignorance, something totally different.
      If you're just starting out, Ian, I suggest you stick to ten-minute videos about things you know really, really well -- not hour-and-a-half videos about something you don't have a command of.
      I'm outta here. Good luck -- but no, don't waste my time, thank you.

    • @CnCBonkers 7 years ago +6

      I watched some of this because I'm looking for a decent reverse engineering tutorial for one of my buddies, and I agree with David Lloyd-Jones.
      For example, at 47:05 the tutor should have changed it to *JMP*, which basically means 'JuMP to where we want to go no matter what', which would have been the correct way to do it. But instead he used *JNZ/JNE*, which basically means 'jump to where we want to go *_unless_* we actually enter the *_correct_* password' :D, which is a little confusing, especially for beginners. The proper method should be taught right from the start.
      I haven't watched the rest of it, but I'm guessing there are other... maybe not mistakes but... incorrect methods.
      *EDIT - I just noticed that this was uploaded a couple of years ago, so I'm guessing that the tutor is an expert now :D

    • @TheDavidlloydjones 7 years ago +1

      Fireworks,
      You're probably right.
      Ian, can you come back now? Maybe redo it on the basis of what you've learned in the past couple of years?
      And good luck to the both a' yaz in whatever you're up to.
      -dlj.
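Several comments above describe the same patch in different words: purekillah's note that flipping the zero flag in the debugger is an alternative to rewriting the jump, the 1a4s4l7/MattZelda exchange on whether a JNE can be turned into a JMP inside an executable, and CnCBonkers' point about 47:05 that JMP, not JNZ/JNE, is the unconditional form. The script below is an added example by the editor, not code from the video or its ZIP. It shows what the JNE-to-JMP edit is at the byte level for both x86 encodings, plus the condition-inversion edit (JNE to JE) that achieves the same thing for a single check. The sample bytes are a constructed fragment in the shape of a string-compare check, not taken from any of the video's apps, and the function names are the editor's.

```python
import struct

# x86 encodings involved (32-bit code as shown in Immunity/Olly):
#   EB rel8          JMP short            70+cc rel8        Jcc short
#   E9 rel32         JMP near             0F 80+cc rel32    Jcc near
# cc is the condition code; bit 0 of cc negates it (JE=0x74, JNE=0x75,
# JL=0x7C, JGE=0x7D, ...).  Displacements are relative to the end of the
# instruction, which is why the near rewrite below must recompute rel32.


def decode_jump(code: bytes, off: int) -> tuple[str, int, int]:
    """Return (kind, length, absolute target offset) for the jump at `off`."""
    op = code[off]
    if op == 0xEB:
        rel = struct.unpack_from("<b", code, off + 1)[0]
        return "jmp8", 2, off + 2 + rel
    if op == 0xE9:
        rel = struct.unpack_from("<i", code, off + 1)[0]
        return "jmp32", 5, off + 5 + rel
    if 0x70 <= op <= 0x7F:
        rel = struct.unpack_from("<b", code, off + 1)[0]
        return "jcc8", 2, off + 2 + rel
    if op == 0x0F and 0x80 <= code[off + 1] <= 0x8F:
        rel = struct.unpack_from("<i", code, off + 2)[0]
        return "jcc32", 6, off + 6 + rel
    raise ValueError(f"no jump instruction at offset {off:#x}")


def force_jump(code: bytes, off: int) -> bytes:
    """Turn the conditional jump at `off` into an unconditional JMP to the same target.

    This is the 'JNE -> JMP' edit: the branch is now taken whether or not the
    compared values were equal, so the check it guarded no longer matters.
    """
    kind, _, target = decode_jump(code, off)
    buf = bytearray(code)
    if kind == "jcc8":
        buf[off] = 0xEB                       # same length, rel8 unchanged
    elif kind == "jcc32":
        buf[off] = 0xE9                       # 5 bytes where there were 6 ...
        struct.pack_into("<i", buf, off + 1, target - (off + 5))
        buf[off + 5] = 0x90                   # ... so pad with NOP, never shift code
    else:
        raise ValueError("instruction is already an unconditional jump")
    return bytes(buf)


def invert_jump(code: bytes, off: int) -> bytes:
    """Flip the condition of the jump at `off` (JNE <-> JE, JL <-> JGE, ...).

    Useful when the 'bad password' path is the taken branch: inverting sends
    wrong input down the success path and the right input down the failure path.
    """
    kind, _, _ = decode_jump(code, off)
    buf = bytearray(code)
    if kind == "jcc8":
        buf[off] ^= 1                         # toggle bit 0 of the condition code
    elif kind == "jcc32":
        buf[off + 1] ^= 1
    else:
        raise ValueError("not a conditional jump")
    return bytes(buf)


# Constructed fixture (not bytes from any of the video's apps): the shape of a
# string-compare check, with the same test encoded in both short and near form.
#   00  e8 00 00 00 00        call <compare>   (placeholder displacement)
#   05  85 c0                 test eax, eax
#   07  75 07                 jne  short 0x10  ("wrong password")
#   09  0f 85 0b 00 00 00     jne  near  0x1a  (same test, near form)
#   0f  c3                    ret              (success path)
#   10  90 ...                filler
SAMPLE = bytes.fromhex("e8 00 00 00 00 85 c0 75 07 0f 85 0b 00 00 00 c3") + b"\x90" * 16


if __name__ == "__main__":
    patched = force_jump(force_jump(SAMPLE, 7), 9)
    for off in (7, 9):
        print(f"{off:#04x}: {decode_jump(SAMPLE, off)} -> {decode_jump(patched, off)}")
```

Two things worth checking before saving a patched file: the short form (75 rel8 to EB rel8) keeps the same length and target, but the near form (0F 85 rel32 to E9 rel32) is one byte shorter, so the displacement has to be recomputed from the new instruction end and the spare byte becomes a NOP instead of shifting everything behind it. The offsets here are offsets into a byte buffer; for a PE file the virtual address shown in the debugger is translated to a file offset through the section table first. Toggling the Z flag in the register pane, purekillah's alternative, changes only that one execution under the debugger, whereas the byte patch persists in the saved binary.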

  • @cherifaly6757 6 years ago +1

    It took me 2mins to learn how to crack any software, I guess I am a genius.. Lol

    • @EmilParkour 6 years ago +2

      I call bullshit. You don't even know what obfuscated code is if you think it takes 2 mins.

    • @cherifaly6757 4 years ago

      @EmilParkour I guess you are slow then.. I obfuscate code in less than 1 min, I unpack Themida and VMP in less than 5 mins, so don't fuck with me.. Lol

  • @TheDavidlloydjones 7 years ago +2

    568 people have put up with your first minute of empty air: that's ten hours of people's time you've just wasted.
    Maybe spare us all your rehearsal and just put the actual program up on YouTube?
    Later: it turns out Ian really is just rehearsing, at the expense of us, his audience. Nobody has the right to do that. You should take this video down, and replace it with something worthwhile once you know what you're doing. I wish you well; you're obviously bright and capable. Come back when you're ready, OK?