Reverse Engineering Websites


manningda
October 4th, 2007, 10:21
All:

Couple of things to start with:

1. Extremely young programming experience -- Working very hard to understand all things, but please be prepared for questions that have obvious answers for a little while.

2. Best attempts have been made to review / search existing posts before starting my question. Apologies if I overlooked something and will gladly follow links back to existing data if necessary.

That said...

Have a client who is asking for some enhancements to a site that shares a very active linkage to another 3rd party site.

In reviewing the primary client's requirements and designing his new features we are seeing areas where an in depth understanding of the 3rd party site is becoming more and more critical.

3rd party designers and maintenance have left the picture and basically the site is not maintained. Likewise the client's access to the servers is not very straightforward and a little complicated.

Hoping the client can clear up the communication for some 1st hand access to the server and data, but in the meantime have some expectations for results that have us researching RCE procedures to try and answer some of our active questions.

Seems basic site mapping and diagramming are obvious 1st steps, but is there a particular method or focus within RCE that deals with remote review of HTML data? (Assuming HTML for now...)

So far all RCE guidance seems focused on scenarios where files, exe's, and the basic program is accessible from an administrator level access. In other words the engineer has the exe or some variation thereof that can be dissected, reviewed, etc.

What about when you're trying to understand what's happening behind the Curtain on a particular site?

All guidance will be deeply appreciated!!!

Aimless
October 5th, 2007, 00:17
Here is what I think you may decide to get cleared:

1. Cracking is different from Hacking
2. When you have a HTML codebase, and it's not behaving the way you want to, reverse engineering it and finding out what it does is Cracking.
3. When you DON'T have the HTML codebase, and are asking for a way to access that site, SO THAT you can download/see the codebase, you are stepping into the Hacking domain.

I, for one, am no hacker at all.... Maybe there are some who are in this forum. Maybe you are in the wrong forum IF you are looking for point 3.

You can continue asking questions, but I doubt they will be answered if they are of a more "hackerish" nature, pardon the lack of clarity in the previous word.

Best of luck anyways. Hope you and your company do manage to do things that you are supposed to.

Have Phun

LLXX
October 5th, 2007, 01:20
As you can see, we don't deal much with that in these forums, hence you won't find anything much here.

You or anyone else can just view the sourcecode and figure out quite a bit, but if your target site is using dynamically generated content from a database or similar, you'll need access to that database. Preferably the whole server, but r00ting is best left to the "Hacking/Security" websites out there.

naides
October 5th, 2007, 07:08
If I may. . .
You do not provide enough detail about what exactly your client is requesting from the server: large pieces of code or data? Sending info to be processed there?

I understand you may not even have such information. Why not start with installing a packet sniffer and see what sort of "questions" your client asks from the server?
Another complementary strategy is to set up a local, fake server that sends some arbitrary packet, in response, to your client. By studying how the packet contents are processed you may understand what the client expects from the server.

Better yet, if the original server still runs??? whatever clunky, monitor the client-server conversation with a packet sniffer, see what you can learn from it.
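The "local, fake server" idea above, as an added example that is not part of naides' post: a loopback-only stub that records each request a client you control sends and answers with a canned reply. It narrows "packet" to HTTP, and the names `make_handler`, `start_stub`, `demo` and `CANNED_REPLY`, like the sample request, are constructed for illustration.

```python
import http.client
import json
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

CANNED_REPLY = b'{"status": "ok"}'  # constructed placeholder; vary it per experiment

def make_handler(log):
    """Build a handler class that appends every request it sees to `log`."""
    class Recorder(BaseHTTPRequestHandler):
        def _record(self):
            length = int(self.headers.get("Content-Length") or 0)
            body = self.rfile.read(length) if length else b""
            log.append({
                "method": self.command,
                "path": self.path,
                "headers": {k.lower(): v for k, v in self.headers.items()},
                "body": body.decode("utf-8", "replace"),
            })
            self.send_response(200)
            self.send_header("Content-Type", "application/json")
            self.send_header("Content-Length", str(len(CANNED_REPLY)))
            self.end_headers()
            self.wfile.write(CANNED_REPLY)
        do_GET = do_POST = do_PUT = do_DELETE = _record
        def log_message(self, *args): pass  # silence the default stderr access log
    return Recorder

def start_stub(log, host="127.0.0.1", port=0):
    """Serve on loopback only; port 0 lets the OS pick a free port."""
    server = HTTPServer((host, port), make_handler(log))
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def demo():
    """Constructed client request standing in for the real client under study."""
    log = []
    server = start_stub(log)
    conn = http.client.HTTPConnection("127.0.0.1", server.server_address[1], timeout=5)
    conn.request("POST", "/lookup?id=42", body=b"name=test",
                 headers={"X-Client": "constructed-sample"})
    reply = conn.getresponse().read()
    conn.close()
    server.shutdown()
    server.server_close()
    return log, reply

if __name__ == "__main__":
    print(json.dumps(demo()[0], indent=2))
```

Pointing the real client at the stub's address and changing `CANNED_REPLY` between runs shows which fields of the reply the client actually depends on.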

manningda
October 5th, 2007, 08:34
Thanks to all for the clarifications and suggestions.

Very interesting idea re: packet sniffing. I'll definitely look into that!

Realizing "hacking" can be a very "hot-button" term with a lot of negative connotation.

Any recommendations for a source for an "in-the-clear" guide on "friendly-hacking" --- no interest in breaking firewalls, phishing or trolling for bank accounts. Just some advice on common points to review when trying to approach a WA from the outside in.

I'll take silence to = no on that last question

Continued Thanks!!

dELTA
October 5th, 2007, 13:16
I absolutely do not agree with Aimless' definitions of the words hacking and cracking. I would rather say that the difference between the two alternatives presented by him is "code reversing" and "blackbox reversing". Both of them, and anything else reversing related is indeed welcome to be discussed on this board, within the normal frames and rules, including a good portion of own hard work (ok, within some bounds, history shows that taking LSD combined with an all too big ego can get you on a downhill ride, including lots of silly talk about "reality reversing", but other than that anything's fine).

"Hacking" and security are often, I'd even say in the majority of cases, very related to reversing on some level, and anyone who really knows anything about it would agree to that. We absolutely don't just reverse win32 executable code here, so any other reversing related topics like yours are indeed ok too, as long as they relate to reversing, which this absolutely does!

Contrary to what some people above in this thread seem to think, I'm pretty sure that quite a good part of our members are also at some level into "Hacking" and security. I know for sure one that is, and DAMN is he good looking too...

JMI
October 5th, 2007, 13:25
And his "modesty" outshines, by far, all his other humble personal "traits." Why, when he walks into a darkened room, it is filled up with a "heavenly glow" ... and the sound of angels singing, "Ode to Joy"!

That's why we love him.

But, on the other hand, as they say, it's not brag if it's just fact.



Regards,

manningda
October 5th, 2007, 14:35
---k---
The "mutual-admiration" exchange between Delta -n- Jmi aside...

Thanks Delta for helping bring my question into context.

The good news is that I think we're well around our obstacles with the client that kicked this question off, but now my interest is piqued. I really would like to add some skills to the bag for these scenarios where the customer says --- "Make me look like that guy."

(Sounds like that probably happens all the time to Jmi...)

ANYWAY....

As I was reviewing this forum, I was also trying to do as much research as I could. Found a few interesting papers on WA reversing.

I guess my obligation at this point is to share the work I've been able to uncover so far.

http://www.csc.liv.ac.uk/research/techreports/tr2007/ulcs-07-017.pdf

http://www.ximl.org/documents/XIMLVaquista.pdf


Twice now I've found reference to a couple of tools:

ReWeb
Vaquista
Teresa
Revangie

Unfortunately the only tool that was able to be searched out to an actual supplier / download was Revangie.

New questions:

1. Does anyone have any experience with any of the tools (or any others listed above for this purpose (Dreamweaver UltraDev4 was also mentioned, but fear that may be a bit too "build" focused to be effective for UnBuild)).
2. Does anyone have any other tools or references they'd recommend?

JMI
October 5th, 2007, 15:31
Here's a search topic which might provide you with some relevant information:

Reverse Engineering of Web Applications

It's actually the title of an available pdf file, but I'm sure there are other relevant documents you could pull up.

http://www.csc.liv.ac.uk/research/techreports/tr2007/ulcs-07-017.pdf

And your searching "chops" might need some work. I took only a moment to find one of your "applications". It is a website which states:

Welcome to reWeb!
reWeb shows you where people came from to this page by analysing the referrer information, you could call it 'inverse link traversal'.
With reWeb, you get a list of related documents, without any further involvement or explicit coding of HTML page.

reWeb is especially useful for project oriented pages, as it may gather many related sites that link to this page.

For a free trial, you may create your own account below - everything is fully functional, but you have to upload your data manually.

Login or
Create a new account

Now this may only be an onsite test, I didn't check, it isn't my job to review all the possibilities.

As for some of the other "tools" might I suggest you attempt a search for each with the rather complex search criteria:

"toolname" download, e.g. Teresa download

http://www.betosoftware.com/teresa/download.html

certainly at least a "trial" version appears available for download. Do I hear "cracking challenge"?

Maybe try:

Teresa warez download

and other combinations, might also turn up copies of the "tools" loose in the "wild."

Regards,

manningda
October 5th, 2007, 15:57
THANKS JMI!!

I promise the "download" keyword was part of the searches, but I must have just looked right past the obvious links --- you were right ---- there they were...

Started with Vaquista since that was actually the first paper I read... but for all the descriptive work on the tool - a link to a source was just not to be found.

My 1st link for reWeb came back Spanish. Shame on me for not paying closer attention in HS --- but you were right --- right next to it was the good link.

Teresa slipped right by me altogether --- I kept getting links to some singer and

Anyway, since most of the lit I was getting on a search on "Reverse Engineering WA" was sooo recent and discussing how "undefined" the field was I obviously wasn't reviewing the returns as closely as I should have.

THANKS AGAIN!

I'll take a look at your link and am looking forward to tinkering with the tools.

Thanks once more. Maybe after a little work I'll have something to share that others can build off of!

ciao

JMI
October 5th, 2007, 16:38
When you have a "spare" moment, check out +Fravia's (the original founder of these Forums) site "Searchlores" (linked in the box at the bottom of these Forums). It contains a wealth of information on how to "tune-up" one's searching skills. It has many valuable tips and much good advice on "how to find things on the web" through effective search criteria limitation and/or expansion to both direct your search and attempt to limit the "chaff" which you would rather not have to look at.

Regards,

manningda
October 5th, 2007, 16:54
...will do...
continued thanks!!

LLXX
October 5th, 2007, 23:52
So far you seem to have accumulated a lot of research, but you have yet to specifically say WHAT it is you're going to do with all that!

dELTA
October 6th, 2007, 12:32
And exactly why would he have to say "what he is going to do with it" in addition to:
Quote:
Maybe after a little work I'll have something to share that others can build off of!
Quote:
The good news is that I think we're well around our obstacles with the client that kicked this question off, but now my interest is piqued. I really would like to add some skills to the bag for these scenarios where the customer says --- "Make me look like that guy."


On the contrary, I think that these statements make it extremely clear "what he is going to do with it"?

And also, exactly what else can you do with information other than study it (and then hopefully even report back some results when you come up with them)?