Feedback and Ideas

[Teddy Rogers]

I am considering moving the CrackMe, UnpackMe, KeygenMe sections from the forums to the Downloads section of the site.

If you check now I have added the relevant categories. There is a sample "CrackMe" file with all fields completed for everyone to check out and provide feedback. You can find it here;

If you want to see what the fields look like whilst creating/ submitting the entry check out the attached screenshot.

Please provide feedback to me if you think something needs to be added or omitted. Better to have it all figured out and sorted before going live.

Thank you...

Ted.

[CodeExplorer]

Quote

I am considering moving the CrackMe, UnpackMe, KeygenMe sections from the forums to the Downloads section of the site.

I guess this has to do with garbage from CrackMe's.
Anyway, instead of doing this, did you consider searching for keywords in the topic ("Language", "Platform", "OS Version", "Packer", "Protector", "Description", "Screenshot"
and if the topic doesn't contain those don't add it.
 

[Teddy Rogers]

15 hours ago, CodeExplorer said:

I guess this has to do with garbage from CrackMe's.

Not entirely.

Using Downloads allows for mandatory fields. This is useful for people submitting challenges - and moderators - as it will be likely all fields will be filled with the correct information first time.

Downloads also allows for additional options and features that are out of scope of the general forum.

15 hours ago, CodeExplorer said:

did you consider searching for keywords in the topic

I don't think there are any features that allows you to do that. The other thing is ensuring the styling and formatting are correct, searching for keywords wouldn't stop or fix that...

Ted.

[deepzero]

Would the Crackme Subforum entirely disappear? I think advertising it as challenges in the forum does have a certain appeal (.net spam aside).

[Teddy Rogers]

The intention is all existing categories, topics and posts will remain and be visible in the forum. Similar to the Archive category.

Members can post to existing topics. They will not be able to create new topics. New topics/ challenges would have to be created in Downloads. There will be a redirect link to Downloads in the forum's...

Ted.

[Teddy Rogers]

I am not getting much resistance so will assume this change is good to go in the very near future!

Ted.

[CodeExplorer]

22 hours ago, Teddy Rogers said:

I am not getting much resistance so will assume this change is good to go in the very near future!

Ted.

People may miss it only once it is gone. They may be not be aware of it.
How many new unpackmes was submitted there by users? From what I checked none.
I think that informing people about it while creating crackmes on the forum will be great, if you  still gonna apply this change.
 

Edited April 24, 2020 by CodeExplorer

[kao]

Let's just face it - the entire crackmes section here is not what it used to be. 

Moderators fail to filter out all that "I changed 2 lines in ConfuserEx and renamed it to l33tprotector" crap. So, the entire "Unpackme (.net)" section is filled with those.
Native unpackme section consists of "I used demo version of {commercial protector}, teach me how to crack it" type of challenges. Does anyone actually give a sh!t about those?
 

Changing the submission form will not fix any of that. So, maybe it's time to say goodbye and close that part of forum for good?

[Kurapica]

I partially agree with kao, but not to the extent of closing it

Maybe more strict rules to stop that kind of ill content is a better idea.

 

[Washi]

2 hours ago, kao said:

Let's just face it - the entire crackmes section here is not what it used to be. 

Moderators fail to filter out all that "I changed 2 lines in ConfuserEx and renamed it to l33tprotector" crap. So, the entire "Unpackme (.net)" section is filled with those.
Native unpackme section consists of "I used demo version of {commercial protector}, teach me how to crack it" type of challenges. Does anyone actually give a sh!t about those?
 

Changing the submission form will not fix any of that. So, maybe it's time to say goodbye and close that part of forum for good?

Changing the submission form can fix it, if a solution to the challenge is a required field to fill in by the author, and a moderator is willing to verify the answer. Moderators should then be able to judge whether the challenge is original or interesting enough without having to spend time figuring out what is going on in the binary themselves. As stated before, this has the downside it would not allow for challenges using new protections though, which is I guess a point of discussion.

Do we want to let this place go in the direction where we discuss new packers/obfuscators, in the form of crackme/unpackme challenges? Most of the submissions of "unknown packers" are indeed just lazy changes that break the detection mechanism of drag-n-drop tools, and are flat out just not interesting. When I notice such a challenge being submitted (it is usually fairly easy to detect such a lazy submission) I find myself skipping these immediately.

New obfuscation or packer techniques are interesting though, and I feel that discussion about them would definitely have a place on this forum. And I think there is no better way to learn RE (or anything for that matter) by practicing a lot (i.e. doing example challenges). With a system in place where giving a solution to your own challenge is a requirement would not only enforce challenge creators to be creative (as they would have to convince a moderator their challenge is interesting), but would also just generally improve the ecosystem and tuts4you would stay to its roots of being a place for educational content.

[deepzero]

Some of the old VMprotect crackmes kicked off great threads with lots of valuable information.

Maybe not a lot is going on there on a daily basis, but that could be due to the general stall in binary protectors and losing traditional forums to twitter et al.

A quality crackme/unpackme with a somewhat prominent place on the forum imo still serves as a nice bait to draw people into the challenge...

[Gorina]

My observation over the past few months shows the following categories of unpackmes/crackmes:

1. Genuine ones by members serious about RE: These are becoming more and more rare. These are the ones where the OP had put in personal effort to make them interesting and a real challenge to reversers, often using their own techniques to obfuscate or complicate the code.These are the ones that the likes of @kao and @Washi would enjoy. Here, the OP can post the solutions visible only to the mods.

2. Quick unpackmes/crackmes created from the latest releases of (commercial) protectors: These are quite common and submitted by many members including (in some cases) the vendors themselves in order to avail of the "free testing" here so that they could then go and patch their protectors. Noobs also post them in the hope of getting quick solutions for their unpacking needs.

For this category, the posters would not be able to provide solutions (as commented by @Washi above). If we insist on solutions to be posted along with the challenge then we would lose this category.

3. "Modded" ConfuserEx and the likes (by noobs): These are the bane here and are a dime a dozen. Well hated by experienced reversers who come here only for the sake of pure reversing knowledge. Solutions can be asked but this category only irks most of us and is best done away with.

This category is mainly from the noobs who want to "protect" their plagiarized tools and re-sell them after "protecting" them with the "modded" protector. So they just give a quick trial of their handiwork here to see if anyone here would be able to crack their mods. Then they go ahead and sell the plagiarized tools on underground forums for a few mBTC.

So, we want to keep only the category 1 for sure. If we keep category 2 then we need to allow the posting of challenges without solutions. Manual moderation is the only way in my opinion.

I would say that @Teddy Rogers idea works fine.

[Progman]

I think if no solution is being provided to be verified by a moderator, then details about why and what commercial protector, or some sort of strong justification is given.  In full agreement with deepzero, this way good VMP discussions can be generated still, when everyone studies and works on a similar base target.

[Teddy Rogers]

22 hours ago, CodeExplorer said:

People may miss it only once it is gone. They may be not be aware of it.
How many new unpackmes was submitted there by users? From what I checked none.

Intention would be to have a link from the forum. Its not been promoted so I don't expect anyone to post there yet.

16 hours ago, kao said:

Changing the submission form will not fix any of that. So, maybe it's time to say goodbye and close that part of forum for good?

I have previously expressed my own thoughts in regard to .NET unpackme's and it would seem we are in a minority. If someone can come up with an acceptable list/criteria that (ConfuserEx) variants need to meet to satisfy most people I am more than happy to implement it. Just need to know the middle ground between two lines and two thousand lines of code changes to be deemed acceptable...

Ted.

[deepzero]

Can we relax or better yet lift search frequency restrictions for full members? i doesnt happen often that i search, but when i do it often takes a 2-3 searches and i reliably hit "wait 15 seconds before next search" and lose my search term and previous search results...

[Teddy Rogers]

Can you give me an example of a search that is taking 15 seconds to complete as that should not be happening?

Ted.

[deepzero]

The search completes instant, but in between two consecutive searches I have to wait ~15 seconds, and if i hit the search button within those 15 seconds i am redirected to the "please wait xx seconds between searches" page which also loses my search state.

search -> not happy with results, modify search terms, click search again -> "you have to wait xxx seconds to search again" -> now i have to re-navigate to the search page and restart the search.

 

[Teddy Rogers]

Oops... misread your first post. Now I understand.

I have made some changes, give it a test run and let me know if not all good...

Ted.

[deepzero]

perfect! Thanks teddy.

[BlackHat]

Hi, @Teddy Rogers I can not see the Reps of any Profile. Please bring back this one like the recent Times. It is very necessary to see the contribution of anyone without visiting their Profile.

Edited June 25, 2021 by BlackHat

[Teddy Rogers]

It's changed in the latest version of IPS Community. I think it may require theme changes to get it back...

Ted.

[LCF-AT]

Hi Ted,

could you change the default theme back to light?Or maybe its possible to save the theme settings for every user after login?Not tried yet.Just see that I get the dark theme to see since 2 days.

greetz

[MarcElBichon]

50 minutes ago, LCF-AT said:

Hi Ted,

could you change the default theme back to light?Or maybe its possible to save the theme settings for every user after login?Not tried yet.Just see that I get the dark theme to see since 2 days.

greetz

At the bottom, change the Theme 😉

[LCF-AT]

Hi again,

yes I see and know the button to change the theme already. I just did wonder why the default enabled Light Theme was changed to Dark Theme few days ago.So today I just see that after login my default theme was set to Light Theme (what I do prefer).Seems that the forum does remember that user choice already.In this case all is fine now.

greetz

[w00she]

Hello @Teddy Rogers Can you add a sub forum for Linux reverse engineering and exploit developement ?

99% of tutorials are for windows , why not discover new things about Linux.

how about making sub forum for Ghidra too

tutorials on native apps reversing are outdated , All I see these days is people talking about .NET like it's the only thing to reverse... anyway that was my humble opinion

Greeting