By Teddy RogersWelcome! on this fine day, you have reached CrackZ's Reverse Engineering Page, on the web for 14+ years, despite many censorship attempts. Amongst these pages you will find what is now a very rare commodity on today's commercialised web; a site where you can acquire all the skills you need to become a competent reverse engineer. This site provides information for analysts and protectionists alike, focusing mainly on the protection schemes of Window's software whilst debunking some of the mystery surrounding the sublime art of 'copy protection'. Everything here is yours for free, I hope you will enjoy taking some time to look around.
In the last 15 years commercial profit motives have transformed the nature of web information and searching forever, a bitter irony indeed that in our rush to embrace a world of 'free information', more and more is now hidden, treasure troves of free knowledge have been shunned in the stampede for 'e-commerce' gold, snake oil products to this day provide a false sense of security to software authors. This site is fiercely against these trends, but is also realistic in that it will make not one iota of difference. Upon my pages you will find many teachings that should enable you (with a little work) to reverse engineer most of the software you'll ever encounter or need (probably saving you a considerable amount of money).
You will find no dubious advertising banners, irritating pop ups, endless loops of smut site referrals or targeted ads, (they couldn't pay me enough to promote their useless products anyway), much of the material here is at a level where little more than a 'willingness to learn' is assumed, of course if you delve a little deeper you will (I hope) find much more.
CrackZ's Reverse Engineering Page (1997-2012).rar : 834d28a4e6d00abb6b6d007f6b4fd4ed
By Teddy RogersA collection of legacy tutorials from ARTeam covering multiple aspects; unpacking, cracking, inline patching, dongles, DRM, keygenning, debugging, serial fishing, loaders, etc.
ARTeam Tutorials Collection.rar : ca10cf1c85b12f6f9d0b2998c2356e7f
By Teddy RogersThis is a complete archive (site rip) of all files on Tuts 4 You as of July 2011 except for the malware samples - you will need to download these directly from Tuts 4 You.
I have created the torrent as directories and files rather than one archive which gives you the option to download files individually or in categories. The entire collection is 3.69 GB of which some sections may be of little interest to some but you have the option of downloading what you want.
This collection will be updated annually so please check at the following link for the official and up-to-date torrent file.
Base 32 Hash-ID
magnet:?xt=urn:btih:slpgvubkpp4dyhxbaxpmogludkgmw7wi Base 16 Hash-ID
magnet:?xt=urn:btih:92DE6AD02A7BF83C1EE105DEC719741A8CCB7EC8 Please remember to seed the torrent and help share the knowledge within the reversing community.
I hope this satisfies the leechers, thank you!
Tuts 4 You - Collection 2011.md5
By Teddy RogersA collection of tutorials aimed particularly for newbie reverse engineers.
01. Olly + assembler + patching a basic reverseme
02. Keyfiling the reverseme + assembler
03. Basic nag removal + header problems
04. Basic + aesthetic patching
05. Comparing on changes in cond jumps, animate over/in, breakpoints
06. "The plain stupid patching method", searching for textstrings
07. Intermediate level patching, Kanal in PEiD
08. Debugging with W32Dasm, RVA, VA and offset, using LordPE as a hexeditor
09. Explaining the Visual Basic concept, introduction to SmartCheck and configuration
10. Continued reversing techniques in VB, use of decompilers and a basic anti-anti-trick
11. Intermediate patching using Olly's "pane window"
12. Guiding a program by multiple patching.
13. The use of API's in software, avoiding doublechecking tricks
14. More difficult schemes and an introduction to inline patching
15. How to study behaviour in the code, continued inlining using a pointer
16. Reversing using resources
17. Insights and practice in basic (self)keygenning
18. Diversion code, encryption/decryption, selfmodifying code and polymorphism
19. Debugger detected and anti-anti-techniques
20. Packers and protectors : an introduction
21. Imports rebuilding
22. API Redirection
23. Stolen bytes
24. Patching at runtime using loaders from lena151 original
25. Continued patching at runtime & unpacking armadillo standard protection
26. Machine specific loaders, unpacking & debugging armadillo
27. tElock + advanced patching
28. Bypassing & killing server checks
29. Killing & inlining a more difficult server check
30. SFX, Run Trace & more advanced string searching
31. Delphi in Olly & DeDe
32. Author tricks, HIEW & approaches in inline patching
33. The FPU, integrity checks & loader versus patcher
34. Reversing techniques in packed software & a S&R loader for ASProtect
35. Inlining inside polymorphic code
37. In-depth unpacking & anti-anti-debugging a combination packer / protector
38. Unpacking continued & debugger detection by DLL's and TLS
39. Inlining a blowfish scheme in a packed & CRC protected dll + unpacking Asprotect SKE 2.2
40. Obfuscation and algorithm hiding
By Teddy RogersA premier collection of articles compiled by Fly from the now defunct UnPack China forum dated in 2007.
Note that most of the content contained in this compilation is in Chinese, you may need to use a translator to fully understand some of the information it contains.
By Teddy RogersThe Immortal Descendants started out as members of an IRC group on irc.prodigy.net called "Deadmen.Society" way back in 1995. As we gained skills, we realized that there were better, and more productive ways to spend our time. We (TR0YB0Y, Volatility, Raven, Mortis, Yakuza) left the Deadmen.Society and formed a new group, with new principles and theologies under the name "Immortal Descendants". Our goal for this new group, was a collective for friends to learn, and showcase their talent together.
Things were good for awhile, but people lost interest, and three of the founding members, Yakuza, Raven And Mortis disappeared. TR0YB0Y and Volatility kept things running for a while, but eventually "REAL LIFE" caught up with them. March 1998, The Immortal Descendants Were No More.
...Seven months later... Volatility signed back online, and regained interest while looking through the old site. What you see now, is a "re-birth" of the Immortal Descendants. We've come a long way since the old lame IRC group days, to become a premiere knowledge group.
Sadly as interest waned, The Immortal Descendants have moved forward onto other endeavors. Treasure this knowledge, expand on it, be inspired to share your knowledge with others.
By Teddy RogersR4ndom’s Beginning Reverse Engineering Tutorials
Tutorial #1 - What is reverse engineering? Tutorial #2 - Introducing OllyDBG Tutorial #3 - Using OllyDBG, Part 1 Tutorial #4 - Using OllyDBG, Part 2 Tutorial #5 - Our First (Sort Of) Crack Tutorial #6 - Our First (True) Crack Tutorial #7 - More Crackmes Tutorial #8 - Frame Of Reference Tutorial #9 - No Strings Attached Tutorial #10 - The Levels of Patching Tutorial #11 - Breaking In Our Noob Skills Tutorial #12 - A Tougher NOOBy Example Tutorial #13 - Cracking a Real Program Tutorial #14 - How to remove nag screens Tutorial #15 - Using the Call Stack. Tutorial #16A - Dealing with Windows Messages. Tutorial #16B - Self Modifying Code. Tutorial #16C - Bruteforcing. Tutorial #17 - Working with Delphi Binaries. Tutorial #18 - Time Trials and Hardware Breakpoints. Tutorial #19 - Creating patchers. Tutorial #20A - Dealing with Visual Basic Binaries, Part 1. Tutorial #20B - Dealing with Visual Basic Binaries, Part 2. Tutorial #21 - Anti-Debugging Techniques. Tutorial #22 - Code Caves and PE Sections. Tutorial #23 - TLS Callbacks. Modifying Binaries For Fun And Profit
Adding a Splash Screen - Creating a code cave to show a custom splash on an application Adding a Menu Item - Adding a menu item to an existing binary. Making a Window Non-Closeable - Making a Window Non-Closeable. The Never Ending Program - Opening message boxes every time a user tries to close a program. DLL Injection 1 - Adding an opening message box through DLL injection. DLL Injection 2 - Adding a splash bitmap through DLL injection. R4ndom’s Guide to RadASM
Installing and setting up - Installing RadASM and configuring the environment. Creating our first project - Creating our first project. Adding an Icon and Menu - Adding an Icon and Menu. Miscellaneous
The Reverse Engineer’s Toolkit - Tools every reverse engineer should know about. Shrinking C++ Binaries - Shrinking binaries through Visual Studio. Other Tutorials
Author Tutorial XOR06 Cracking DriverFinder nwokiller Unpacking PELock v1.06 XOR06 Bypassing a keyfile XOR06 Bypassing a Serial and server Check XOR06 Bypassing a Serial in a Delphi Binary XOR06 Finding a serial using bitmaps. XOR06 Easy unpacking. XOR06 Where and How to pacth a serial routine. XOR06 Patching a server check, 30 day time trial, and a nag. XOR06 Serialfishing a correct serial. XOR06 Another way of finding the patch. XOR06 Why it’s so important to search for pointers. XOR06 .NET Crackme with tutorial XOR06 .NET Crackme (no tutorial)
By Teddy RogersThe idea for this project was to provide a means of publication for interesting articles. Not everyone likes to write tutorials, and not everyone feels that the information they have is enough to constitute a publication of any sort.We all run across interesting protections, new methods of debugger detection, and inventive coding techniques.We just wanted to provide the community with somewhere to distribute interesting, sometimes random, reversing information.
While the title of this ezine says ARTeam, we prefer to think that we are acting as a conduit. We really hope that you find this project interesting, and we really want this to be a community project. So if you have an idea for an article, or just something fascinating you want to share, let us know and hopefully we will see a ezine #. It soon became apparent that the scope of this project went well beyond what we had predicted. A big thanks goes out to all the contributors. Without you this would be a blank page. We also need to thank everyone who has viewed, refined and commented on the production of this ezine. Hopefully we have been able to provide the reversing community something interesting.
The reversing community has been very dynamic in the past few years. We've seen a ring GUI debugger grow in startling popularity. We've seen protection authors dig deeper into the OS in an effort to deter crackers. Unique protections have provided months of analysis for reversers. New inventive tools have been developed in the re-versing community in an effort to effectively analyze and understand software protection. And ironically we see some of these tools move back to ring0.
None of these changes and achievements would have been possible without the amazing and talented reversers that take the time to share their knowledge and teach others. No matter what team you belong to, what level you reverse at, what language you speak, you all make up the same community. A group of people who constantly strive for discovery. None of us are content with accepting things "as they are" we need to know why. We are the scientists of software. We dig deeper than the average user, we see code where everyone else see flashy presentation. We learn this code so well that we can rewrite it, manipulate it, and even improve on it. Since these are my thoughts, I just want to thank every single member of the reversing community. I couldn't even begin to name every single person who has provided a contribution. We are all spread out among many boards, many teams, even many countries. But I like to think that we all share a certain camaraderie. Please enjoy the information included among these pages, we had some talented people give us some great sub-missions.
By Teddy RogersRCE Messageboard's Regroupment, "serious reversing, cracking and programming discussions."
Discussion board content archived between 2008 and 2016. Previously hosted at: http://www.woodmann.com/
By Teddy RogersI have opened my www.searchlores.org, in Oz, in February 2000. Searchlores seems fairly popular: I receive on my main site alone an average of (around) a million hits per month, without counting the (many) hits on mirrors like www.searchlore.org in the States (note the missing "s" after lore), or www.fravia.com in Europe, or the other existing ones.
As per 2004 some sections of searchlores - as you will notice - are still missing, in fieri or incomplete.
This section as well: chaotic and incomplete, its purpose should be to give an idea of the variety and richness of our searching techniques. Maybe all these introductions are useless, and you would be better served reading some small specific essays, like the seven searching snippets "Learning to transform questions into effective queries" that I wrote in 2003.
Please note that you will not find any advertisements whatsoever on my sites: no banners to click on, no sponsors to promote, nothing. I don't need your money: I need your own knowledge, I need your feedback. My only hope is that you will, one beautiful day, contribute yourself to the vast wealth of knowledge.
This site is continuously updated, see the "news" section for ad hoc listings.
Some part of this site are getting obsolete, though: you will have to learn how to evaluate the material you find on the web. One relatively 'ancient' section is this very introduction. In 2000 for instance, when searchlores began, google was still in its infancy and the search engine of choice was still altavista.
This does not mean that you should now only use google, teoma or fast (considered nowadays the best search engines): Smaller search engines, like hotbot can reserve interesting surprises, and offer the possibility to search through powerful advanced filters, which let you pinpoint precisely what you want: domain search, region search, language search, words to include and words to exclude and so on.
By Teddy Rogers
By Teddy Rogers
By Teddy Rogers
By Teddy Rogers
By Teddy Rogers
By Shade Of Vengeance