Reverse Engineering Tutorial For Newbies

Post date: Apr 11, 2011 3:23:40 AM

In simple words, reverse engineering is the act of modifying the code of an application to make it work our way. Reverse engineering is a very complicated topic and is very difficult for newbies to understand, as it requires prior knowledge of assembly language. However, in this article I will show you step by step how you can crack an application with reverse engineering.

Requirements

You will require the following things:

1. OllyDBG

2. Crack Me App

Method

1. Once you have downloaded both OllyDBG and the Crack Me App, start the Crack Me App.

2. Enter any password and click OK.

3. You will get the following error:

You are not authorized to use the application

4. Now open OllyDBG and open the Crack Me App in it.

5. Once you have opened the Crack Me App in OllyDBG, right click there, go to Search and then click on "All Reference Text Strings".

6. Now right click there and click on "Search For text".

7. Search for the error which you got when you tried to log into the application ("You are not authorized to use the application").

8. Once you have found the error, click on it and you will be brought to the following screen:

9. Now, as you scroll upwards, you will find the following line:

JE SHORT Password.00457728

This is a conditional jump: if the condition is true, execution jumps to 00457728, which leads to the message "You are not authorized to use the application"; if the condition is not satisfied, execution simply continues with the code that follows. So we don't want this jump to be taken, as we don't want to get the error message.

Now there are two ways to remove this message:

You can use either method; it's your choice. In this tutorial I will use the second method. To use it, follow the steps given below:

1. Double click the line JE SHORT Password.00457728, simply change it to JNE SHORT Password.00457728 and click Assemble.

2. Next, press the blue play button at the top, which will start the application.

3. Now just enter the password and it will give you the correct message.

PART 2:

In Reverse Engineering Tutorial For Newbies I showed you step by step how to crack an application so that if you enter the wrong password the program will think that it's the right password. However, this is a slightly more advanced tutorial, and in it I will tell you how you can fully register a program or software. The software I will use in this tutorial is Pixtopian Book.

Disclaimer - By reading or following this tutorial you agree that this tutorial is for educational purposes only. RHA is not responsible for any damages caused by you.

Requirements

1. Pixtopian Book

2. OllyDBG

Method

1. First of all, download Pixtopian Book, install it on your computer and open it.

2. Now we will look at the limitations of the unregistered version of Pixtopian Book:

a) You cannot add more than three groups, and if you try to add more groups it will give the following error:

"You,ve reached the limit of three groups. Please Register Pixtopian book today!"

b) You can only add 4 contacts/names. If you try to add a 5th name, it will give the following error:

"You,ve reached the limit of 4 enteries per group/ Please register PixtopianBook today!"

3. Now open Pixtopian Book in OllyDBG.

4. Now right click there, go to Search For and click on "All Reference Text Strings".

5. Right click there, click on Search For and search for "You,ve reached the limit of three groups". Once you have found it, double click it.

6. Scroll up and you will see the following line:

CMP EAX,3

This line compares the number of groups you have added with 3. If the number of groups exceeds 3, the program gives the error message "You,ve reached the limit of three groups"; if you don't have three groups, the conditional jump on the line JL SHORT 00408B34 is taken and execution jumps to 00408B34.

So, in order to escape both errors, we will change JL SHORT 00408B34 to JMP SHORT 00408B34. The jump is then no longer conditional, so it will always escape the errors.

7. Now change JL SHORT 00408B34 to JMP SHORT 00408B34, click Assemble and click the blue button at the top.

8. After you click play you will end up at the following line: 760642EP. The program will still not run because it has a very small range.

9. To increase the range, go to Options - Debugging options - Exceptions, click on "add range of exceptions" and enter "000000" as the range; in the field "Last exceptions in range" enter "CCCCCCCC". Click OK and also tick "Ignore also the following custom exceptions and ranges".

10. Now restart the program, follow steps 1-5 again and again change JL SHORT 00408B34 to JMP SHORT 00408B34. Start the program and it will work for you, and you can add more than 4 groups. For adding more names, repeat the above steps again.

Hint: Search for the error "You,ve reached the limit of 4 enteries per group/ Please register PixtopianBook today!"

And you are done.
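Seen from the defender's side, both edits in this tutorial (JE to JNE in Part 1, JL to JMP in Part 2) change a single opcode byte of a short jump, which is why a check that hangs on one branch is weak and why comparing code against a known-good copy exposes the tampering immediately. The Python sketch below is an added example, not part of the original tutorial; the byte sequences, the base address and the function names are constructed for illustration.

```python
# Added example: flag short-jump tampering by diffing code bytes against a
# known-good copy. All sample bytes are constructed, not from a real binary.

JMP_SHORT = 0xEB  # unconditional short jump
JCC_NAMES = {0x74: "JE", 0x75: "JNE", 0x7C: "JL", 0x7D: "JGE"}


def is_short_jcc(op: int) -> bool:
    """Short conditional jumps occupy opcodes 0x70-0x7F."""
    return 0x70 <= op <= 0x7F


def mnemonic(op: int) -> str:
    if op == JMP_SHORT:
        return "JMP"
    return JCC_NAMES.get(op, f"Jcc(0x{op:02X})")


def classify_patches(good: bytes, suspect: bytes, base: int = 0):
    """Return (address, kind, detail) for every byte that differs.

    Heuristic: bytes are compared position by position without disassembly,
    so a changed operand byte that looks like a jump opcode would be
    mislabelled. Confirm each hit in a disassembler.
    """
    if len(good) != len(suspect):
        raise ValueError("compare equal-sized code ranges")
    findings = []
    for off, (a, b) in enumerate(zip(good, suspect)):
        if a == b:
            continue
        if is_short_jcc(a) and is_short_jcc(b) and (a ^ b) == 1:
            kind, detail = "inverted-condition", f"{mnemonic(a)} -> {mnemonic(b)}"
        elif is_short_jcc(a) and b == JMP_SHORT:
            kind, detail = "forced-jump", f"{mnemonic(a)} -> {mnemonic(b)}"
        else:
            kind, detail = "other-change", f"0x{a:02X} -> 0x{b:02X}"
        findings.append((base + off, kind, detail))
    return findings


# Constructed sample: TEST EAX,EAX / JE +0x0A / NOP / CMP EAX,3 / JL +0x10
GOOD = bytes.fromhex("85C0740A90" "83F8037C10")
SUSPECT = bytes.fromhex("85C0750A90" "83F803EB10")

if __name__ == "__main__":
    for addr, kind, detail in classify_patches(GOOD, SUSPECT, base=0x1000):
        print(f"0x{addr:04X}  {kind:<18}  {detail}")
```

In practice the known-good bytes come from a trusted copy of the binary, and the same comparison can be reduced to a hash check over the code section.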

Hope you have liked the tutorial. If you have questions, feel free to ask me.

-Courtesy Rafay Baloch