
Thread: A new class... join now!

  1. #1
    Rage9
    Guest

    A new class... join now!

    I would like to run a small number of newbie Reverse Engineering classes, if it's OK with all of you. First lesson: the easy jne patch and a newbie reverser problem... It should not be too hard; do it and have fun. Another one will be coming soon...

    Rage9's Crackme #1

    http://www16.brinkster.com/realcool23/download/rcrackme1.zip

    -brad
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Kayaker (Teach, Not Flame)
    Join Date: Oct 2000, Posts: 4,128, Blog Entries: 5
    Hi Rage9,

    Sounds good. I modified your link slightly because it wasn't working as written.

    Regards,
    Kayaker

  3. #3
    CoDe_InSiDe
    Guest
    Hi Rage9,

    Ah, good thing.
    I also had that kind of idea some time back; I had the idea to make some CrackMes from very easy to a little bit harder (of course not impossible).
    So I think it's a nice thing for people to learn, let's say, "Some Basic Techniques".

    Cya...

    CoDe_InSiDe

  4. #4
    CoDe_InSiDe
    Guest
    Hi everyone,

    Well, I just want to say that I resolved the 2 things that could be accomplished (patching and reversing).
    I'm not going to tell the solution (yet) because I want other people to have a look at it.

    Cya...

    CoDe_InSiDe

  5. #5
    Aleph
    Guest
    Hiya all.

    Rage9, I'm maybe (*probably*) missing a thing, but isn't there a kind of "gap" between the two tasks?
    I mean, patching the exe was done in 20 seconds, but I'm damn unable to complete the "reverse" part (actually, I wrote the code, but I don't know how to place some strings in the proggy to call 'em for the mbox).
    Anyway, I think I'll have a play with BRW on this...

    Regards,
    Aleph

  6. #6
    Rage9
    Guest
    Don't worry too much about the reversing part; if you can't do it, you can't. It's actually quite complicated at first. It requires a good knowledge of writing pure assembly code and knowing what it does. I'm sure if I don't write the essay someone else will...

    -Rage9

  7. #7
    netjunki
    Guest
    Rage9 (06-04-2001 19:29):
    I would like to run a small number of newbie Reverse Engineering classes, if it's OK with all of you. First lesson: the easy jne patch and a newbie reverser problem... It should not be too hard; do it and have fun. Another one will be coming soon...
    Well, I'm the ultimate newbie, because I need help. I went in with Notepad and started changing the way it was written, like, say, two things were the same even when they weren't. Well, all this did is make the program not run; it had a problem with not enough conventional memory. What am I doing wrong? Do I need to start my schooling at an even lower level than this? Please help, because I'm not computer illiterate.

  8. #8
    NeO'X'QuiCk
    Guest
    Hello all! The idea is very good, Rage9! I think that you couldn't make it more simple than it already is! To put a Msg box inside isn't hard! So Aleph, if you have problems with it you should read more; that will help! And Rage9, about cracking, I think you should make it harder, because I saw more difficult projects here than this nag! So I think even if people should learn, it's better to make it a little harder, not too hard, because if it's harder to do, it's harder to forget!


    NeO'X'QuiCk

  9. #9
    Rage9
    Guest
    Boop, keep this blank; next message contains everything...

  10. #10
    Rage9
    Guest
    NeO'X'QuiCk: I understand your point, but as you can see, our friends netjunki and Aleph cannot do one part or all of that. Hell, everyone starts off like that. What, did you just become a half-decent reverse engineer overnight? No, at least not for me; it took long hours of reading through books on assembly language and mounds of reverse engineering tutorials to get this far, and I think it's important to help others who don't know how. Believe me, it will get LOTS harder as the class goes on, but you can't do the other advanced stuff without knowing the basics. How many of us can say we learned to ride a bike without riding with training wheels? I don't know anyone who can say that.

    netjunki: go to http://protools.cjb.net, click on 'Decompilers' and download 'W32DASM'.

    Then click on 'Utilities', scroll down to 'Binary file editors' and download 'Hiew'.

    Then go over to http://exagone.cjb.net/ and read everything in his 'Win32Asm Tutor', from the 'Introduction' down.

    Head over to http://webster.cs.ucr.edu/, click on 'DOS Assembly', scroll down to the text 'The Art of Assembly Language Programming' and click 'HTML Version'. Read what you can; it will keep you busy for a while.

    Make a stop back here or head over to http://crackmes.cjb.net/ and read all the level 1 essays you can. You should then have a kind of hazy idea how to reverse engineer something simple... It's a lot of work.

    -brad

  11. #11
    Aleph
    Guest
    Don't worry too much about the reversing part; if you can't do it, you can't. It's actually quite complicated at first. It requires a good knowledge of writing pure assembly code and knowing what it does
    Whoops, maybe I wasn't clear. I wrote the call in the proggy, and it's working fine. What I don't know yet is how to place my own title and text (for the messagebox) into the proggy...

    Regards,
    Aleph

  12. #12
    NeO'X'QuicK
    Guest
    Rage9, I meant the cracking part; the reversing part is OK!! And above all, you should have put up the reversemes URL, not the crackmes one, because people would learn more from reversemes than crackmes, and there are a lot of them on Immortal Descendants!!


    NeO'X'QuiCk

  13. #13
    Aleph,

    Just dump the strings somewhere in the exe... where enough free space is available.
    Probably somewhere at the end of a section ;D

    Regards,
    JimmyClif

  14. #14
    Aleph (06-08-2001 05:47):
    Whoops, maybe I wasn't clear. I wrote the call in the proggy, and it's working fine. What I don't know yet is how to place my own title and text (for the messagebox) into the proggy...
    Hiya Aleph,

    I haven't done this particular crackme / reverseme so I can't offer any specifics, but maybe I can give you a few general pointers...

    The first thing you need (if you don't have it already) is a copy of the win32 API reference. Looking up MessageBoxA in the reference reveals that it takes 4 parameters.

    int MessageBox(
        HWND hWnd,          // handle of owner window
        LPCTSTR lpText,     // address of text in message box
        LPCTSTR lpCaption,  // address of title of message box
        UINT uType          // style of message box
    );

    All 4 of these parameters will be pushed on the stack prior to the call.

    First off, the style of the MessageBox defines the appearance of the box...

    MB_ABORTRETRYIGNORE The message box contains three push buttons: Abort, Retry, and Ignore.
    MB_OK The message box contains one push button: OK. This is the default.
    MB_OKCANCEL The message box contains two push buttons: OK and Cancel.
    MB_RETRYCANCEL The message box contains two push buttons: Retry and Cancel.

    These styles, MB_OK, MB_OKCANCEL, etc., are actually defined constants, and if memory serves me correctly you should be able to find out their values by doing a search within the header file winuser.h (or from looking at the MessageBoxes referenced in a dead listing)... Anyway, you'll need to push the numerical value for the style of the messagebox you want.

    Next, you have pointers to the text and title strings. In order to insert this text, you'll need to find some empty space in the file. Often there is some empty space at the end of the code section in the proggy. Here you'll write your desired title and text in a hex editor using the ASCII codes for the letters. The addresses where you place them are going to be the second and third parameters you push prior to the MessageBox call. Note, you'll also likely need to change the section characteristics from C0000020 to E0000020. This will allow the section to contain both data and executable code without crashing.

    Lastly, there is the handle to the window that owns the MessageBox. In the simplest case this parameter can simply be NULL.

    Anyway, I hope the above is of some assistance to you. Feel free to ask additional questions if any part of it is not clear.

    To Neo:
    While it may be true that there is more to be learned from the 'reversing' task than the 'cracking' task, it is necessary for most to begin at the beginning in their pursuit of knowledge. Man, I didn't even know what an API was when I first began... but I sure have learned a whole hell of a lot since I inverted that first jump on a reg routine. And as such, simple tasks like changing a jump or nopping a call are necessary stepping stones on the path to gaining the knowledge and skills necessary to tackle more advanced issues. IMHO, a purely 'reversing' challenge is beyond the complete newbie and in most cases would lead to more discouragement than productive learning... We all crawl before we walk. Anyway, this is just my humble opinion based on my own personal experience.

    Good Luck Guys

    Regards,
    Clandestiny
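
An added example, not part of Clandestiny's post or of the crackme: a Python sketch that decodes the two section characteristics values mentioned above (C0000020 and E0000020) and lists sections that are both writable and executable, which is what a reviewer checking a modified binary would look for. The header-only sample image and all function names are constructed for illustration.

```python
import struct

# Section characteristic bits, named as in the PE/COFF specification.
FLAGS = {
    0x00000020: "CNT_CODE",
    0x00000040: "CNT_INITIALIZED_DATA",
    0x20000000: "MEM_EXECUTE",
    0x40000000: "MEM_READ",
    0x80000000: "MEM_WRITE",
}
WRITE_EXEC = 0x80000000 | 0x20000000

def decode(characteristics):
    """Names of the known flag bits set in a section's Characteristics field."""
    return [name for bit, name in FLAGS.items() if characteristics & bit]

def sections(pe):
    """Yield (name, characteristics) for every section header of a PE image."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    (count,) = struct.unpack_from("<H", pe, e_lfanew + 6)      # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", pe, e_lfanew + 20)  # SizeOfOptionalHeader
    table = e_lfanew + 24 + opt_size
    for i in range(count):
        off = table + 40 * i                                   # 40-byte entries
        name = pe[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        (chars,) = struct.unpack_from("<I", pe, off + 36)
        yield name, chars

def writable_and_executable(pe):
    """Sections mapped both writable and executable, worth a closer look."""
    return [name for name, chars in sections(pe) if chars & WRITE_EXEC == WRITE_EXEC]

def build_sample(text_chars):
    """Constructed, header-only PE image (no code or data) for the demo."""
    def sec(name, chars):
        return struct.pack("<8sIIIIIIHHI", name, 0x1000, 0x1000, 0x200, 0x200,
                           0, 0, 0, 0, chars)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)           # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x0102)
    return dos + b"PE\0\0" + coff + sec(b".text", text_chars) + sec(b".data", 0xC0000040)

if __name__ == "__main__":
    for value in (0xC0000020, 0xE0000020):                     # values from the post
        print(f"{value:08X}", decode(value),
              "W+X:", writable_and_executable(build_sample(value)))
```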

  15. #15
    What happened to my post anyway? The forum says I was the last person to post... but my post is gone??? Well, apparently not gone... let me rephrase the problem.

    It seems that the last poster's message disappears until there has been another post, after which the message appears and the new poster's message becomes invisible...

    Any ideas why this is happening?

    Clandestiny
