Tuts 4 You

Reverse Engineering Dead(Private) Or Alive FOR ALL!

zdox
Posted (edited)

Is everything going PRIVATE, or has knowledge stopped being shared?

Unpacking => Private ...

Tutorials(Patching , keygens)   ==> Private ...

New techniques ==> Private ...

knowledge ==> Private .. 

 

So what have we left for the others for this Scene?? The only thing that is left is nothing but some old books and old school techniques, and nothing else... Why?

  • Like 1
  • Thanks 2

kao

This forum is overrun by lazy-ass noobs who don't really want to learn. They want to have a youtube video and automagic tool for everything. Ready-made tools are private for this exact reason.

People who want to learn will find the necessary information to learn the basics. And once you show you've done your homework, knowledge and techniques are being shared freely. Maybe not 100% public but via PMs and chat.

  • Like 2
  • Thanks 3

zdox

Yeah, I agree 100% with you, but what will we leave for the next generation... that is my question...

  • Thanks 1

Teddy Rogers
22 hours ago, zdox said:

Is everything going PRIVATE, or has knowledge stopped being shared?

What makes you question either of these?

Private: There are occasionally some techniques, practices (and tools) kept private to stay ahead of the game. Nothing has changed much over the years in this regard as far as I can tell.

Knowledge: As @kao already mentioned most of the core techniques and information is out there to be discovered (in these forums for example). It only needs a willing and proactive individual to expand and develop on this information. As everyone seems to have their own blog (or YouTube channel) these days these generally seem to be the new format for tutorials.

One day... when all my children have grown up and left home I can get my life back and get back to RCE and making traditional tutorials. Hopefully the RCE world will be an entirely new and interesting place to explore... 👍

Ted.

  • Like 8
  • Confused 1

dangducluan

@Teddy Rogers I checked the downloads for unpackmes and scripts, and they all give the same error, "File Not Found". Were all the tutorials removed, bro?

Kurapica

I blame high speed internet and HD porn ! :D << just kidding

The knowledge is out there, as my friends already said, you just need the motivation to learn and explore, it's time-consuming and the new generation wants everything ready and they want it quickly.

  • Like 2
  • Haha 2

CodeExplorer
Posted (edited)

In general, the scene is less active (than in the old times). Dead??? Hell no.

@zdox: Which are your points of interest in RE?
 

Progman

I think that to add to this, many apps worth reversing nowadays tend to use more sophisticated techniques than in the past.  In older times, things could be cracked often in mere minutes which was a motivating factor.

Most people start with a target in mind, and their patience to learn is quite thin.  Nowadays, you may have to learn to unpack, advanced cryptography, anti-debugger techniques, details of security permissions, etc.  Windows itself has evolved into a much more complicated beast making the learning curve much steeper.

I remember the days of SoftIce and what a wonderful tool that was.  Nothing even compares to it to this day.  Although there are suitable alternatives, it was trivial to install and get started immediately.  Now it's a lot of complicated details to get going with tools.

We had websites like +Fravia which were simply fantastic reading and offering fun challenges designed to make people think more deeply about reversing, not merely reversing of computer code.  How to search was emphasized so much, and this is part of the reason that people became independent solvers.

But we have tools like IDA Pro and Ghidra that have also made analysis quite a bit easier.  We have faster and more powerful computers and an internet even more full of knowledge, if one knows how to find it.  Some knowledge has become obscured by certain mainstreaming and politicizing of information designed to bury other information, and it would be nice to have better searching capability again, not just some commercialized nonsense that has decayed.

So high learning curve and people with low patience, and usually choosing their initial motivation as an out of reach target that will require learning a variety of reversing disciplines has raised the bar.

My prediction is that when the older generation retires, there will eventually be a new generation who will revitalize the whole thing in their own style.  There may even be a generation skip here, as a pretty dead and flat generation can often lead to a really good generation after.  One generation trying to make up for their mistakes by raising children better.  The rapid spread of technology and social media caught the prior generation by surprise, and has led to a correction generation.

If they really need YouTube videos and auto-magic tools, then they will make them and get them.  We really have a different style and culture from them, and whether we respect this new way or not, supply and demand will eventually work itself out.

  • Like 3
  • Thanks 1

Nemo

Older tools and techniques have stopped working for many different protectors, but through studying older material it is possible to understand the inner workings of certain protectors and adapt to changes made to stop cheat scripts and tools. Time and patience are required to learn this art. Unfortunately for most older reversers, work, kids and real life get in the way. Older tutorials teaching PE structure, import tables, export tables, resources, delay imports, relocations and anti-debug techniques are still quite valid. You want to learn? Study. It can't be done fast track.

  • Like 1

mrexodia

I think a lot of public knowledge sharing is going on, especially in the field of malware analysis with many good YouTube channels and blogs covering basics. It just looks like people move to social media (Twitter/Reddit/Discord) to discuss things and traditional forums start to show their age. There is also a very active CTF scene with many techniques and tools being shared (tools on GitHub) and it appears that the cheating scene is also still very active. If you look at more academic sources there are a lot of techniques published (frameworks like miasm/angr/triton or LLVM-based techniques) and there are still many things to be learned, you just have to be willing to put in the time.

Obviously nobody is sharing tools for VMProtect/Themida/whatever, in my view simply because there is a lot of money to be made there, but a very similar thing has been going on in the dongle scene for years and that's nothing new.

  • Like 3
  • Thanks 1

Tigole

 

On 3/7/2020 at 1:35 PM, zdox said:

Is everything going PRIVATE, or has knowledge stopped being shared?

Unpacking => Private ...

Tutorials(Patching , keygens)   ==> Private ...

New techniques ==> Private ...

knowledge ==> Private .. 

 

So what have we left for the others for this Scene?? The only thing that is left is nothing but some old books and old school techniques, and nothing else... Why?

One of the main reasons why solutions for complex protectors are not shared is because forums like these are the haunt of the protector software vendors as well, who use the reversers as "free testers" in order to improve their future releases.

Which is why, the moment someone releases a solution, within the next 2-3 days, we find that it no longer works, as the vendors would have patched it up.

This is the main reason IMO why everything is declared as "private" these days by the veterans, who do not want to spend hours once again, creating another solution for the protector.

6 hours ago, mrexodia said:

Obviously nobody is sharing tools for VMProtect/Themida/whatever, in my view simply because there is a lot of money to be made there

Money is one thing, but many of these solutions are shared free-of-cost on private forums within private sections, which means that money is the full reason.

Vendors are on the lookout for solutions so that they can render the published solutions ineffective, many a time posing as innocent requesters. That is the reason that such solutions are made available only to vetted members in certain private forums.

 

  • Like 2

Progman

I think the vast majority of vendors do not have protection as a high priority.  This is only a smaller group of unique vendors largely who have programmers who have taken a particular interest in the field.  What you describe without a doubt is happening but only in this niche, and we can name the handful of products and technologies and companies involved mostly.

After all the industry leader in software Microsoft has largely set an example of giving products away almost for free to establish market dominance.  Then they find profits through alternative channels like exclusive deals with hardware vendors and the like, or large business support contracts.

Most developers are more interested in developing their product than playing the cat and mouse game with the reverse engineers.  Unless they have a passion for the lower level aspects of code, it's doubtful they are very interested in developing something without a rewarding look and feel result.

It usually at best goes from low priority to medium priority when it's a consumer product and the vendor is losing significant business due to piracy.  There are still plenty of easy to crack apps, whose cracks end up working for innumerous versions.

And with the service model moving into play everywhere for so many apps, it's totally changing the traditional model so that protocols and banning abusers is the way many app makers work, such as on Android.

  • Like 1

4D43

:protest:

Motoko
On 3/7/2020 at 3:35 PM, zdox said:

Is everything going PRIVATE, or has knowledge stopped being shared?

Unpacking => Private ...

Tutorials(Patching , keygens)   ==> Private ...

New techniques ==> Private ...

knowledge ==> Private .. 

 

So what have we left for the others for this Scene?? The only thing that is left is nothing but some old books and old school techniques, and nothing else... Why?

Because the internet Police have managed to push people into private forums. The fearless, crazy kids of the Wild West days of the Internet, putting everything they did on show for the world to see, are few and far between.

Sure, you can download a 20 year old tutorial, but good luck finding the target program.. 

Try finding an active group page, with tutorials and current targets... LOL

Just look at the period from 1995 to 2000 in the reversing scene and look at it today. Try posting a Tut here with a link to the target App on a shareware site and see how much trouble you get into.  Back then it was encouraged, so was getting info into the public domain, but things have changed.

There was a time when reversers played cat and mouse with developers and were quite happy to have the developers "patch" their protections , so they could defeat them again, with an all mighty belly laugh!! :)

To hear that they are now keeping them "private" so the developers don't know, sorta makes me laugh... What's the point... after all it's a hobby, right? :)

The best you can do is find any information that is still available and do your best from there. It's a lonely road to travel these days.

 
