Jump to content
Tuts 4 You

Reverse Code Engineering

55 files

  1. DTrace - Applied Reverse Engineering on OSX

    This paper will examine how DTrace, a kernel-based dynamic scriptable tracer, can be effectively used for reverse engineering tasks. DTrace offers an unprecedented view of both user and kernel space, which has many interesting implications for security researchers. In this paper we will introduce DTrace, comparing it to existing debuggers and tracers. We will then walk the reader through various applications of DTrace. We will show how to monitor for stack and heap overflows, generate code coverage graphs, trace code paths visually in target applications over the network with IDA Pro, and discuss intrusion detection and evading DTrace.

    76 downloads

    0 comments

    Submitted

  2. Cracking the MSI Files

    Today, we are discussing how to bypass serial number protections built in to windows binary installer files (.msi). Commonly, registration number protections are embedded within an InstallShield script, so we are going to make sure this is not the case before we delve into the .msi file.

    284 downloads

    0 comments

    Submitted

  3. CrackMe3 Hellsp@wn Solution

    This tutorial doesn't want to describe the methods I used to reverse this crackme, but rather the questions born in the mind of novel reverser like me … . So, you will ask: "Why did you choose this crackme" The answer is simple: THE CHALLENGE! The name of Hellsp@wn (coauthor of the principal Ollydbg's hide plugin: Phantom) and a crackme of level 5, dated 2006 and not yet resolved, are the right mix to test my abilities; indeed, the possibility to discover a new anti debug technique is behind the corner so good lecture and, as always, sorry for my poor English.

    103 downloads

    0 comments

    Submitted

  4. Dealing With Funny Checksum

    After a while, I've decided to write about something interesting which I've found while unpacking one protection, and it will be also nice introduction to one of my tools which I have wrote for fun of it.

    However, I won't mention application name here, but to demonstrate checksum check which I have found I will be using one test application, thus you will get idea what happened, and how checksum is defeated. I will also introduce one tool I wrote, which served me well in this particular case. Tool should come with this document, thus I won't describe tool, and it's internals as source code should be well commented.

    103 downloads

    0 comments

    Submitted

  5. Definitive Guide To Exploring File Formats

    Computer games are vast and many, however most computer games have something in common - they need a place to store all their important files like images, movies, and sounds. To do this, computer game developers typically store their data into a big archive file.

    There are many reasons for storing all your data files in one big archive, some reasons include reducing the number of files on a CD, hiding the data files to stop people hacking the game, and so that all data files can be accessed using a single data stream.

    However, the bad news for gamers is that there are almost as many different archives as there are different computer games - every game developer creates their own archive formats, and they even change their formats between games or departments in the company.

    This brings us to the focus of the tutorial - how to explore the archives and grab the files from within them. This tutorial will attempt to make it easy for anyone to explore a new format, with the aim of promoting game modifications and enhancements by the community.

    In the following pages, we will discuss the terms Game Resource Archives (GRAs) and Game Resource Archive Formats (GRAFs), common data types, and other definitions. From there, we will explain the fundamentals of cracking a file format, including the tools you use, and the patterns to look out for.

    Thanks for reading our guide; we wish you the best of luck in your exploration.

    140 downloads

    0 comments

    Submitted


×
×
  • Create New...