View Full Version : "Cracking Tutorials"


LLXX
January 20th, 2007, 08:26
I'm just ranting here, so feel free to ignore me...

Have you ever thought to yourself that all crackers (or at least the ones who write crack tutorials) are partially illiterate teenagers? I browse through various repositories, and when a new tutorial is posted, of course I want to read it to keep up to date with current reversing techniques. However, upon reading the first sentence or two, I usually stop reading due to the highly mangled English. Only once in a while do I come across something that was written at an acceptable level.

I know these aren't necessarily supposed to be academic journals, but still... if you're going to write something and submit it to a repository, write it so that others will enjoy reading it, not be discouraged by it.

/me goes off to try unpacking AsProtect 2.1x following something that looked like it came out of a translator

Silkut
January 20th, 2007, 08:58
Same thing with tutorials in my native language, hopefully we have reversing groups that are doing a good job, without typos.
It may also depend on the nationality of the writer and the language he's using.

naides
January 20th, 2007, 09:40
Quote:
[Originally Posted by LLXX;63890]I'm just ranting here, so feel free to ignore me...

Have you ever thought to yourself that all crackers (or at least the ones who write crack tutorials) are partially illiterate teenagers?

Dyslexia is a malady all too prevalent among computer programmers; good problem solvers are not necessarily effective communicators, and yes, some of the tut writers are indeed partially illiterate teenagers.

There are three possible attitudes towards this situation: 1-Set up an editorial board that screens, corrects and interprets the tuts published in a repository to a more formal level (Be my guest). 2- Reverse the tutorial, extracting what is useful and ignoring the 1337 talk and the weird syntax (My choice). Or 3- abandon the task, prejudging that the poor composition skills of the author implies that the contents of the tut also sucks and is irrelevant.


I know these aren't necessarily supposed to be academic journals, but still... if you're going to write something and submit it to a repository, write it so that others will enjoy reading it, not be discouraged by it.

/me goes off to try unpacking AsProtect 2.1x following something that looked like it came out of a translator
Maybe it did, maybe it did.



I am ranting also

esther
January 20th, 2007, 10:56
Most aren't teenagers. Most probably their native language is not English and I bet they are trying to write a tute which is understandable. Using a translator doesn't really help.
*1-Set up an editorial board that screens, corrects and interprets the tuts published in a repository to a more formal level (Be my guest)

I have seen some sites (reversing be) that do review the tutes, but I discover most are not reviewed.

Well usually I have these in my recycle bin

Silver
January 20th, 2007, 11:56
It seems to be an even split. 40% are teenagers who have yet to shed the "j00 1s n0t 4 c0d3r" mentality. The other 40% are not in this category, but have never written a paper or document for public consumption. Thus, they don't appreciate how to write in an understandable manner that conveys all the necessary information (this is usually because most have never worked in a professional, business environment, which is also why some of the best coders I know can't find work).

The remaining 20% do write well, but it's a small percentage. These statistics may also be made up.

Writing coherently is a difficult task, one that many people don't appreciate.

SiGiNT
January 20th, 2007, 14:40
I agree totally, mostly it seems to be a language barrier, but my major bitch is small VERY IMPORTANT items seem to be intentionally omitted - you'll be following along perfectly and all is explained and then all of a sudden it says something like "now I set a BP at 4XXXX" with no explanation of how that address was gleaned and after rereading several times apparently it's something the author chooses to keep to themselves - all tutorial creators should study Lena's series they are all excellent and everything is quite clear, (but I do hate flash tutorials, they're hard to dogear or flip back and forth!).

SiGiNT

Also interesting to note that Lena's native language is not English.

Silkut
January 20th, 2007, 16:56
@sigint33: I'm impressed too, Lena's talking my native language quite perfectly (non-english, and a bit hard).

LLXX
January 20th, 2007, 19:51
Quote:
[Originally Posted by naides]There are three possible attitudes towards this situation: 1-Set up an editorial board that screens, corrects and interprets the tuts published in a repository to a more formal level (Be my guest). 2- Reverse the tutorial, extracting what is useful and ignoring the 1337 talk and the weird syntax (My choice). Or 3- abandon the task, prejudging that the poor composition skills of the author implies that the contents of the tut also sucks and is irrelevant.
1. This would probably be the best solution, i.e. exactly like the academic journals I'm more used to reading. However, reviewers are likely to be lacking.

2. I've tried this, in some cases it works and I can figure out what's going on by ignoring the text and only looking at the images, but at other times when the images are of absolutely no help (some of these writers apparently don't know what lossless compression is, and JPG'd them at the lowest possible quality, resulting in an image that's completely useless) and you read the text, only to find it reads like this:
Quote:
If we make Shift+F9 again, then program will be neglected. Now let us isolate 00[EEA]7[A]D and let us place on it [brejkpoint] (point of stop) (F2). This necessarily that would work out the processor of exceptions and program stopped. [Zhmjom] Of shift+F9. And let us prove to be to 00[EEA]7[A]D. ... harvest Alt+M and we see the map of memory we find our Exe[shnik] we place Set Of memory Of breakpoint on Of access in the section of code. In the early versions Of aSProtect[a] after the wear and tear of this point of stop we occurred on [OER], let us look that [proizojdjot] now. We make Shift+F9 and it is exerted here...

Quote:
But do not entangle! These places: 2. Us are necessary the second.

Quote:
Above is located instruction RET, of zero it does not smell.
Quote:
Another curl traceamos a little and we repeated he himself method of before. Bp when coming out of the curl, we removed to the BP on Write from memory.
Again he himself method to pass the curl.
F9.Para in he himself.


#3 would likely be my choice if I encountered anything like the above.
Quote:
[Originally Posted by sigint33]I agree totally, mostly it seems to be a language barrier, but my major bitch is small VERY IMPORTANT items seem to be intentionally omitted - you'll be following along perfectly and all is explained and then all of a sudden it says something like "now I set a BP at 4XXXX" with no explanation of how that address was gleaned and after rereading several times apparently it's something the author chooses to keep to themselves - all tutorial creators should study Lena's series they are all excellent and everything is quite clear, (but I do hate flash tutorials, they're hard to dogear or flip back and forth!).
Indeed. Most of them seem to be a "do this, do that, etc., then it's done" procedure tied to a specific target, and much of the time even I couldn't follow along with the exact same target the author used in writing it! I'm a moderately experienced reverser, so imagine how the newbs (which these tutorials are supposedly written for) would fare with this.

esther
January 21st, 2007, 03:48
A picture tells you a thousand words (remembers Tiamath told me). It's a flash movie heh.
I would sleep if I'm reading journals rofl!

Kayaker
January 21st, 2007, 04:59
Quote:
[Originally Posted by esther;63905](remembers Tiamath)


Good reverser, math wiz. We're showing our "age" esther if we can remember him

esther
January 21st, 2007, 06:58
*We're showing our "age" esther if we can remember him

We have the same "age" in here rofl.
He is still around watching you guys growing older everyday

Shub-nigurrath
January 21st, 2007, 13:19
I totally agree.. that is what I always told, and on arteam this was the initial will, to raise the tutorials level .. hope we did it a little at least..

LLXX
January 21st, 2007, 21:22
ARTeam is certainly one of the better repositories...

owl
January 23rd, 2007, 15:00
Here is my two cents, from someone that just started writing tuts and is still a newbie. I try to write everything that I do step by step no matter if it is too basic, like when you do xor, converting the hex numbers to binaries to do the xor and then converting them back to hex. I like adding a lot of images and explaining how I got to a certain point and why I believe this is the right path to follow. This is nice to do because I can come back months later and look at my paper and know why I did what I did and how I got the result without having to try to figure out or re-load the program.

However, I do find that depending on how complex or simple the program may be, I may end up with about 20pgs or even more. Also if it is something very complex or I am too tired, I may start jumping steps, meaning I don't write every detail down. I also don't have that much experience writing technical papers, so sometimes I may not know what to actually put down, and that is another reason why I just write everything.

I heard once that you should always know who your target audience is, and it seems to me that some people assume that their target audience already knows the basics and will be able to follow up. My point is when you write a tut for newbies, think about "reversing for dummy", and try to be as simplicit as possible.

Woodmann
January 24th, 2007, 01:48
Howdy,

I can understand the difficulty in writing something technical.
I don't keep notes, which is of course a bad habit. It manifests itself when I try to write something but cannot remember EXACTLY how I did it.

I have had the luxury of being able to have someone else review my work.
Even after the review, I still can not figure out how to explain what is rolling around in my brain.

My latest example would be the talk I gave at RECON 2006.
I had spent weeks preparing only to panic the night before and re-write it.
I feel as if no matter what I say or write, it makes no sense.

Some of us are made to write, some of us are not.

I look at writing as a skill. Like being able to play a musical instrument for example. Some people have an innate ability to do certain things.

I have a great ability to drink too much.

Anyway, I think a group of people who review tuts and other papers is the best way to handle the problem.

Woodmann

sarge
January 24th, 2007, 06:22
Part of the difficulty in writing technically correct documentation in this type of environment is that a significant portion of the reversing effort is mental; more correctly, inspirational. It is difficult to explain "genius", you really just have to experience it. I suspect a good deal of that comes from just plain old experience, whereby you subconsciously realize that you have seen this type of coding, or this particular sequence, before.

And when that inspiration and/or realization hits, it's excitingly gratifying...but explaining it can be difficult. It may take many paragraphs to write what actually represented a split-second epiphany.

Also, I suspect, not too many people have actually taken a professional technical writing class, nor had professional writing training. One of my personal peeves is the inconsistency in the written flow that attempts to describe the above mentioned thought process. Terms are intermixed, slang is injected inappropriately, and so on.

But most of all, I agree that the spelling/syntax of a document is generally my go/no-go factor; if it's too screwed up, I abandon it. You can usually tell the difference between the English and non-English writer, and set your judgement levels accordingly.

Sarge

owl
January 24th, 2007, 14:02
Quote:
[Originally Posted by Woodmann;63978]
My latest example would be the talk I gave at RECON 2006.
Woodmann


Off topic, is there going to be a REcon2007?, I keep going to their website, but still talking about the 2006.

Woodmann
January 24th, 2007, 19:07
RECON 07? I see no reason why not.

It takes them a while to get everything set before they announce.

Woodmann

Maximus
February 2nd, 2007, 19:44
Quote:
[Originally Posted by sarge;63987]One of my personal peeves is the inconsistency in the written flow that attempts to describe the above mentioned thought process. Terms are intermixed, slang is injected inappropriately, and so on.


Well, I have experience of writing (other fields), so let me say: it is normal to mix jokes when you write, it's a common way of releasing the high stress of writing. It looks OK when you write&reread, unless you re-read it after 3-4 days. Usually, they get removed at the editing stage of work, not at the writing stage.
The problem is another, I feel.

Many good reversers simply do not write enough articles. Or, at least, there is no place where I can find them. Many cracking tutorials are written that way because
1) there is no place where one would cut an arm for being published.
2) skilled ones don't share experience thru articles.

This is not an accusation of any kind, it's just taking the facts. There is some excellent work that appears here and there (i.e. a cool work on arma in Spanish), but it eventually gets 'lost' in the wild.
IMHO the RCE community isn't able to step over and get professional. Which does not mean 'getting a degree' but starting to take its knowledge base more seriously.
The 'dark side' can be fascinating, but there's no 'hard kernel' for it. only scattered pieces of information here and there, tutorial collections etc etc.

So, "WE" need to do something more. Which means starting to have a regular journal and starting to WRITE professional articles. That's why I looked with interest to CBJ project hoping -and still hope- it could somehow become our DDJ-equivalent.
I want -I believe we need- a place where i.e. a Schneider could and would write an article on the result of his new algorithm crypto-context (I discovered BF on that single page:P). Because it would fall normally in the journal field, with at least academical or para-academical level (or like phrack).

So, we can question a lot about teens writing bad articles, but things will NOT change as long as we do not give them a good reason to cleave their fingers for writing a published tutorial. And this can only happen with a truly authored place with good articles written by people that can write them. At least at start.

So, YOU dear boarders(?exists in this mean in english?) should start writing for making this happen.

My sincere opinion, and my true 2 cents (and my rock thrown in the lake...)
Maximus

Woodmann
February 2nd, 2007, 22:55
Excellent response Maximus.

I will pose this question to you all, is it better to write anything, OR,
should you have a proper background in writing technical articles?

Another question, where do people find the resources to learn how to perfect the skill of technical writing?

Should we as a community, help to advance the writing of tech papers by offering some sort of forum to assist in this effort?

What say all of you?

Woodmann

Shub-nigurrath
February 3rd, 2007, 08:54
Maximus my 2 cents above yours 2
Each time we try to involve other people, convincing them to write quality contributions for our team, we successfully hosted very few contributions up to now. It's not a very easy task I can ensure to you.
We offer stable hosting, not vanishing rapidshare links and a public site. But despite this, I discovered once more that talented ppl are jealous of their knowledge and often don't want to share it. I saw this on symbian and palm scenes specially recently, but the windows scene is not so different.
On the one hand I can understand it of course (a sort of "save the knowledge from companies" movement), but on the other hand not.

I hope that more and more ppl like you would decide to post things here on on our pages too..

Silver
February 3rd, 2007, 12:15
Quote:
Another question, where do people find the resources to learn how to perfect the skill of technical writing?


It's a very difficult skill, and not a natural one for many people. Yes, it can be learned providing you have a strong understanding of language and grammar. By this I mean the number of "educated" people who cannot distinguish between "their", "they're" and "there", "your" and "you're", "it's" and "its" is scarily high. However the learning process takes time and practice and, as most authors in this field are not professional authors, they don't take (or have) the time needed. Also remember that even professional authors have editors, who have an even stronger grasp of language and writing style and will catch errors in a text.

But, at the end of the day, I'd rather have a paper written to a mediocre level than no paper at all...

blabberer
February 3rd, 2007, 13:10
many of the repositories dont have a browsable interface
i liked the old anticrack site format but it got messed up in virtualis pdfs and
dont know what happened to it

arteam mostly consist of pdfs and to date to be honest i havent downloaded
even one of them

i like uninformed.org format when you want to read something its more than enough if you have a simple straight txt format that doesnt get distorted in any resolution browser ( i mean lynx in a 80*25 console running under a windows with 800*600 )

Code:

Subverting PatchGuard Version 2
Skywing
12/2006
skywing@valhallalegends.com
http://www.nynaeve.net

1) Foreword

Abstract: Windows Vista x64 and recently hotfixed versions of the Windows
Server 2003 x64 kernel contain an updated version of Microsoft's kernel-mode
patch prevention technology known as PatchGuard. This new version of
PatchGuard improves on the previous version in several ways, primarily dealing


so you can just keep scrolling down and read like a novel no horizontal scroll
no distractions


yeah fravia's of course i term them classic formats
but thats my opinion not necessarily everyone would approve of it
but in the long run these classics tend to stand the test of time


and yes writing articles is a pretty difficult task i havent written anything that
could be termed an article

i have quite a few replies to my credit and i do believe i have a basic grasp on queens english but even then if i tend to reread something that i wrote a few days ago i cuss myself for abusing the language

for me its easy to answer a question than write a thesis paper whose gist is same as an informal answer

dont know of any solutions just some instinctive blatherings that occasionally hit me when i'm reading a topic