View Full Version : newbies responses to the projects


goatass
December 6th, 2000, 13:38
Hi everyone,
I wanted to see what people think about the projects posted so far. We had a simple serial protection program that was easily figured out by all participants. The second one was by Kayaker which involved patching and a keyfile. This project was a bit more difficult and exposed people to new tools and techniques.

What I'm asking people on this board and people participating in the projects is to post comments on what they thought of the first two projects, were they too hard, too difficult, about right, etc.

Then post some comments on what kind of projects you would like to see in the future, keeping in mind this is a newbies project forum so dongles, flex-lm, encryption/decryptions and the such are out of the question at this point in time.

Thanks

Goatass

hz
December 6th, 2000, 14:40
hi,
IMHO timmy's project was about right as the next step. It wasn't that difficult and if the moderators aren't setting a new project then where's the harm in somebody else doing it? I was thinking about the next one myself. If you rule out encryption, packed targets (which in most cases can be unpacked with a tool) then what's left? Don't misunderstand me, this is not meant to be offensive.
regards
hz

goatass
December 6th, 2000, 15:23
Hi Hz,
I'm not offended; the reason for this thread is to hear people's opinions. I think that Timmy's project is not hard but it's not quite suitable for newbies especially as the 3rd project, a little later on sure but not just yet. We need to take things slow, just because you understand how to trace with SoftIce doesn't mean others do and when you have to trace through Delphi code you must learn to rule out certain pieces of code which are irrelevant to the protection.
Another thing that I go by is the number of responses to the project. First of all Kayaker's project is not fully completed, there are people working on it still, so you can't start a new project until the previous is fully completed by everyone. Second the only people trying Timmy's project is Kayaker (an advanced cracker) and yourself (I don't know your level of skill). That is enough to show that either the timing or skill level of the project is wrong.

I didn't rule out packed programs, I guess I wasn't clear. By enc/dec I meant programs that can not be decrypted/unpacked by generic tools or that involve multiple layers of encryption. We need to learn to understand enc/dec routines, not be robots and just use tools, because as you get to more advanced programs those tools will be useless and you will have to understand the code and write your own tools, this is where these projects are supposed to take newbies.
Even packed programs are not the best targets because when using Procdump for example the person has no idea what Procdump did, therefore beating the purpose of teaching packing routines. This will leave the person with once again the simple serial protection (or whatever protection it may be).

p.s. feel free to comment on anything, I want to hear what you have to say.

Goatass

JaneK
December 6th, 2000, 16:05
Hi goatass,

Since comments were requested, here are mine:

1. I think tasks were just right (I mean difficulty level). In my case the crack itself (a patch or finding valid serial) was much easier than fully understanding how the protection works. I got stuck a few times, but with the help received from moderators and other participants I was able to proceed until all became understandable.
2. As regards new tasks I can hardly suggest anything - I still know too little. For example do all protections (at newbie level) use same pattern e.g. input from user or from hardware is converted through math/logical operations into valid serial and then compared with the entered one? Frankly speaking I don't believe it (too easy, isn't it?).
Maybe we could try some crackmes with "unusual" protection scheme?
I would like to move from easier to harder tasks but I also realize that I have to learn walking before I can start running. Do I walk already? I know I don't.
Of course I don't take private classes in reverse engineering here so I will really appreciate any initiative and work on it to the degree I'm able to follow.
3. Finally I want to thank all of you that made this kind of activities possible. Let's hope you'll have time and patience for many future projects.

P.S. I have the feeling that I am the "newest" newbie on this forum. My opinion therefore may be irrelevant cos I see it as sort of "primary school" and not (yet) as HCU.

Regards
JaneK

mersenne
December 6th, 2000, 17:38
Hi goatass,

I agree with your summations regarding the relative difficulties of the projects that have been posted. To that end, I think Kayaker's project was great because the task spanned the whole range. As I have mentioned before on this board, that allows the individual to take control of how far they want to go. Those that want to learn will push forward to figure out what is going on and help a few of the others on the way (as JaneK pointed out above), those that just want to figure out how a serial protection works will probably stop there, and so on.

There appear to be people reading the discussions but not a lot contributing to them. I have tried to provide detailed explanations of how I solved the individual tasks because
1) to explain it I need to know what is going on and
2) examples of how to use particular tools are useful

If someone wants to comment on whether this sort of detail is warranted (or needed for that matter) on this board, then the guidelines for future project discussion can be better defined.

cheers
Mersenne

goatass
December 6th, 2000, 18:29
JaneK and mersenne,
Thanks for the response, JaneK just because you are a newbie your opinion matters more. To answer your question about serial protections. Well in 90% of the time there is some kind of user input which then gets calculated and a real serial is generated. Now in many cases it's not so easy to crack because the math involved gets much more complicated and spans over a larger part of the program (you need to trace through a lot of code). Encryptions and Hashing could be done to the real serial so you won't be able to read it from memory. There are other things that could be done to make this simple scheme much more difficult to reverse.

mersenne I'm glad you liked Kayaker's project it was a good one.

What about tools? Were there any tools that you wanted to see being used? Were there tools that were used which were not clear to you how they work?

keep the comments coming.

Goatass

Raven58
December 6th, 2000, 19:49
Now JaneK is more advanced than this newbie. I for one am a true beginner. I have read the excellent Krobar tuts and many others. I am familiar with sice, dasm, hiew, dede and others. I have patched, used patchers, and done some serial fishing. I have played with crackmes, a few programs and attempted to expand my limited knowledge. I know nothing about calculation schemes, keygens, dongles, encryption etc. I am a "hands on show me" kind of person. As you know, some tuts assume knowledge many of us don't have. Mersenne is an excellent teacher but is way above my level. Perhaps two projects are warranted, one for the really new and one for the advanced on the board. Your thoughts, GoatAss?

?ferret
December 6th, 2000, 21:56
Hi folks,

Goatass, I agree totally with your views on the forum thus far. I only wish I could be more help. I've started a new job, working 60-70 hours/week, and trying to make a good impression (read "kissing ass" hehe).

I still try to browse the board daily and help where I can, but actual reversing time has eluded me lately.

As for suggestions, I think if we keep it simple for another 2 or 3 projects, we could maybe find a simple VB proggy. Something with a simple protection, yet utilizing the runtime .dll will force "students" to think a bit more creatively about tracing code.

Of course this would entail a few preliminary threads on VB tools and how to use them ;-)

Well, that's my 2 cents worth, off to the newbies forum b4 I go crash for the evening.

Regards,
?ferret

()whore
December 6th, 2000, 22:33
Hello everyone. Since you asked for my 2 cents I will give it. I have participated in Kayaker's project and while the protection scheme was very easy to crack (about 2 min worth) it was the other parts of the project that asked you to look deeper at the program that I found worthwhile. I consider myself an advanced beginner at cracking so something harder would be ok with me. I don't see why there couldn't be more than one project going at a time. With those interested participating in the one(s) they liked.
As an advanced beginner I find that a protection scheme that I have seen before is easy to crack but there are a lot of holes in my knowledge. So different projects that cover varying schemes would be nice.
Peace,
()whore

InOverMyHead
December 6th, 2000, 23:32
Quite honestly, I like the direction the projects have taken. I have read, printed, and gone through many tutorials and although I probably got more out of them than I first believed, I feel that you all have given me and perhaps others, more “ground” level information – which is what I for one had previously asked for and have gotten.

As far as for the level and the type of projects are concerned, I feel that they have been on a newbie level – the serial number generators are not very important to me personally at this time. I would like to see the serial number projects continued as they seem to abound everywhere. I currently have a teacher’s grade book written in Delphi that I am working on and have not made very much headway with, but I also have not given up on it. As time permits, the level of proficiency increases, and the moderators see fit, I would like to see some projects that deal with disabled functions such as print and save.

Again thanks for taking the time to furnish us with these projects and asking for our input!

Kayaker
December 7th, 2000, 01:19
Hi Gang,

Great timing on the question Goatass, and I'm glad everyone's responding with positive suggestions.

Mersenne mentioned something about whether putting a lot of detail/effort into one's responses to a task is warranted. And also to how many people are actually reading and learning from the threads but not necessarily taking an active part in them. The 1st part is totally personal of course, and some days you may feel like writing something or nothing at all, but I find if you can succeed in making someone else understand a point it helps in your own understanding of it.

As for the 2nd part, that would be interesting to know. There's maybe 8 or 10 active participants it seems, if that. Are there any Lurking Newbies out there who are getting anything out of this? Don't be shy, knowing you are out there would help us both in designing projects and for the people who are replying to know that their responses may be helping someone else. If it seems to remain the same core group of 'regulars', then people may stop explaining certain "basics" that they know everyone else already knows, and any new people may quickly feel left in the dark. While we have started at a Newbie level, we don't want to create a clique of "Elite Newbies" that moves on while forgetting their roots.

That said, if there are 2 or 3 levels of skill, as there seems to be, then we should continue to make sure the tasks span the range if possible so no one loses heart, or interest. I don't see a problem with the odd difficult crackme or whatever thrown in occasionally, as long as the board doesn't get too cluttered up with too many projects at once. Unfortunately we don't have a separate board for more advanced projects, so it's either here or the Newbie Forum. I personally enjoyed Nchantas 'unusual' unpackme. Though I haven't successfully unpacked it yet *grin*, I did learn a lot in the trying.

I fully agree with Goatass that we shouldn't use Procdump etc. as a blind tool, but at some point (later) we should definitely cover manual unpacking of simple packers such as Neolite, UPX, etc. using Procdump, Icedump and maybe even TRW.

As for the next project, VB might be a good one (hurry up and impress your bosses ?ferret, we need ya back), or maybe a Save/Print disabled target, there's a lot of those around. And let's not forget the venerable Nag Screen...

Again, any Lurking Newbies out there who are getting anything out of this forum? We need a show of hands.

Cheers,

Kayaker

Kugi
December 7th, 2000, 12:43
Hi Kayaker,

There are many lurking newbies out here that check out this forum every day. So, here is my "show of hands".

The project tasks, for this newbie, seem to be about right. By the time I get stuck, another newbie has already posted a question or answer that gets me moving again. I'm real slow.

Thanks to all involved with these projects. You provide a valuable educational service.

Regards,
Kugi

goatass
December 7th, 2000, 22:11
Hi everyone and thanks for the input.

All your comments really help myself, Kayaker and anyone else that has a project in mind for us head in the right direction. Like Kayaker mentioned there are a lot of newbies that are just reading the threads and not posting anything and this does cause a bit of a problem when explaining things. That is why we can't jump from a simple serial protection project to a packed target or a similar advanced project.

Another issue that was raised was working on projects with a broad range of tasks, this is good but we have to watch what kind of tasks and how many there are. We got to remember that if you already know how to do something that doesn't mean someone else that is reading the thread does.

Anyways, I already have some ideas of new projects, if someone else has any ideas of projects that they would like to see feel free to e-mail me.
But please don't just post your project otherwise there will be chaos with everybody posting their projects. Let's go a project at a time.

Keep the comments coming....

Goatass

ThRaX
December 7th, 2000, 22:15
Hey, yeah here's my 2 cents...

MovingPix was a good intro, nothing PARTICULARLY new, but as you can learn something from everything, I admit I learned about the GetVolumeInformation function, which is something I had never encountered before. The keygen was simple etc., but it's all good.

MFR...EXCELLENT project. I learned a lot about Delphi, and the tool DeDe which I had never used before. Keygen wasn't really simple, but I could follow it, and the whole 'crypt key' concept was cool too. A lot of things learned in one project.

HappyIcon ("Kayaker's Project")...Nice project. I liked this one because it went in something of the format that the old Sandman-moderated projects went long time back. Also, this really had clear cut tasks and everyone could take it just as far as they wanted, depending on their level of newbiness. I personally did the first 4 tasks, then on the 'Bonus task' I saw it first and said "okay, screw this"...But after reading some posts and asking some questions I finally understood (though Kayaker more or less told me the solution, lol)

Next project...I think that packing is a really good idea. I don't think it should be too complicated, and we should have it something in the format of 'Task 1: Unpack the prog', and 'Task 2: Crack the prog (keygens, patches etc.)', so it can be divided up by interest. I think that if we do this, I am personally VERY new to unpacking, and a good deal of guidance would be cool....Almost a tutorial, only like "real time", rather than simply reading a doc. and following directions...kinda make it "unfold"...If the moderators/advanced reversers could coordinate something like this it would be awesome!

goatass
December 8th, 2000, 11:12
ThraX, very good comments.
As for the packed projects that you want to see that is a good direction although there is a bit of a problem there because pretty much all packers today are advanced packers meaning they are not for newbies. In order to unpack them you will need to know the PE header pretty good, section headers, import tables and IAT. It would be very hard to start explaining all of this for one project that's why I want to move slowly and not jump to packed files this way we could have a project that will introduce something to do with the section headers, then a project to do with some imports and so on until people are familiar enough with this information so we could move to packed targets. Otherwise the only way to do a packed target would be for the advanced crackers to basically say "ok do this, then this, then this....etc." and that's not teaching anyone anything.

I will keep my eye open for targets packed with simple packers that we could work on, if someone knows one feel free to e-mail me.

Goatass

Clandestiny
December 9th, 2000, 22:57
Greetings :-)

MANY thanks to all who are making this learning experience possible! And now my own few cents...

As a newbie to reversing, I feel that these projects have been at just about the right level and I've learned something new from all of them. From the first project, I learned about the GetVolumeInformation function which I did not even know existed (much less that it could be used in a serial calculation). From the second project, I gained exposure to Delphi and the Dede decompiler since I had had no prior experience with programs written in Delphi...And Kayaker's project has been great too. I got kind of busy in the last week so I haven't finished the CRC or keyfile, but I'm still working on it. Once again it is a great learning experience since this is also my first exposure to a keyfile!

I have read many tutorials, but I feel I've learned *more* from the hands on discovery approach of the projects than from reading an already made solution in a tut.

I have to admit, serial / keygen protections are where my experience lies and I have little to no experience with packing, keyfiles, and other more advanced topics...but I am ready to test the waters a little so to speak...and though I've learned something useful from all of the projects, I have perhaps been the most intrigued with Kayaker's project because it has opened my mind to some new concepts...resource editing, CRC checks and keyfiles, on a *simple* level that it is possible to understand and build upon. I would love to see some upcoming projects tackle these angles a little more. Maybe another simple CRC or keyfile where we could apply what we have learned in the previous projects.

Anyway, just a few of my thoughts/comments
and a BIG thanks to the moderators and project initiators for your time and effort to help us newbies!

Cheers :-)
Clandestiny

mersenne
December 10th, 2000, 18:17
Hi all,

This is all shaping up very well. Just a few comments and responses. The number in parentheses is just the post above where the issue was raised, so you won't have to hunt it down.

Goatass: (6) WRT tools, I remember when I was wetter behind the ears than at present that I had difficulty when some things were not explained properly. For example, not ever having edited a registry key before using regedit I was a bit perplexed by it all until I read a post from Jeff (the ice penguins still botherin you) which explained it perfectly, no trouble since. I see some mutterings below about VB proggies so if we venture down that road, I think the *reasons* for the changes we need to make to our tools to cope will be important.

Kayaker: (11) I find that writing in detail is very helpful as I need to understand what I'm writing before I do so. If no-one finds it annoying or fun spoiling, then I will continue doing so. It's a bummer that code doesn't post too well on this board.

WRT the basics, I have an idea for a work around but it needs a little more thought and then I will float it for comment.

Kugi (12): Don't worry about being slow, I'm slow myself. Unfortunately life doesn't slow up and let me get on with more interesting things. I'll reiterate the comments above; if you have a question, please ask. Odds are that someone else will be in your shoes. I have found the inhabitants of this board will often go out of their way to help and to quote the most famous electronic book are "mostly harmless".

I agree with Clandestiny in that a bit of variation keeps the brain humming along. I need to attend to other matters for a few days so I'll get back when I can.

later
Mersenne

xOptiMus
December 26th, 2000, 15:38
Hi reversers,

I think this newbie project area is a great idea, but I do think and agree with many others that it could be even better if there were maybe a few projects taking place simultaneously. I know at first this sounds like it might get a bit messy, but if there are only 2 or 3 and the threads are labeled accurately, then I don't really see a problem.
For instance, the projects could still be numbered project 1,2,3 etc, but a level indicator could be added e.g. (bas)ic, (int)ermediate, (adv)anced.
Another idea might be to have a theory section whereby the moderators/advanced reversers could teach us important fundamentals and then test our understanding with questions. I think this would be very valuable because it would be like a two way interactive tutorial. Tutorials per se are good, but I've often read one and thought: "how the hell did he arrive at that!", or "there you go again assuming your readers have that prior knowledge". Don't get me wrong tuts are great, and we all need them. But, what I am saying is this: how wonderful it would be to learn important fundamental concepts from a tut-like teaching tool, and then be able to clarify any misunderstandings or grey areas by questioning!
Another advantage here would be that any moderator/advanced reverser running a "hands on project" could, from time to time, check the last few "theory projects", and then base their projects accordingly. In this way all active projects although possibly on different levels, could all be related if need be. I think that all this would introduce more flexibility and choice to the board which at the end of the day has to be a good thing!

Anyway these are just ideas, and it's my hope that even if none of them are taken up, maybe at least they can be a springboard to others.
I hope my views will be of some value - it's boxing day as I write and the drinks are flowing freely: hope I've made sense.

Merry xmas & happy new year all, and long live this board!

xOptiMus (well oiled)