What do you want to see in this forum?
Kayaker
October 10th, 2001, 00:01
Hi All,
Now that the ISP problem has settled down (emoticon for miscellaneous extremities being crossed), it's time for some feedback on what people would like to see here, suggestions for types of projects and what they'd like to learn, and offers of new projects. For those who haven't participated before you can look at the earlier projects (find that thread-sorting box thingy and select 'from the beginning') and see the kinds of topics that have been covered.
The site was initially developed as a place for people to work on reversing projects together and learn from each other. Hopefully the projects would encompass a wide range of topics, covering different aspects of the subject. It's really up to everyone on the board who wants to participate to try to develop some interesting projects. It can cover protection, code injection, encryption, programming aspects of reversing, using the tools, anti-debugging, system modification, packers, languages (we STILL haven't had a VB-specific project yet introducing the basics of VB breakpoints!), and so on.
Ideally, over a period of time the projects would introduce newcomers to the different tools, techniques, and things to look out for when reversing. Preferably it's not meant for people to just throw up the latest proggy they can't figure out, but instead that they think this would make a good project. Usually defining a few tasks, from easy to more challenging, that the poster has already worked on gives people a few common goals with which to discuss things.
But it's really wide open. As always, this is a newbie friendly forum and was meant for people to feel comfortable asking questions. Ideally we'd like a range of projects that would appeal to all, some more basic, some more difficult. But this should also be a place to discuss any ideas people may have. General reversing ideas that may not fit elsewhere as a topic for extended discussion. Maybe some of you are working on a tool or program that you'd like to discuss or get help with? Would people like to see programming related discussions here? Any other ideas?
Might we start a group effort of some kind, dealing with a major reversing project of some sort? There was a suggestion at one time of having a multi-input project a la - sourceforge.net
(Yeah right, I know C., what's the likelihood)
Just a few ideas for feedback. In the meantime there's always the old serial sniff or crackme project ;p
Cheers,
Kayaker
Woodmann
October 10th, 2001, 20:48
What up G's,
"what would I like to see"
Any project no matter how small or large.
Any target you all desire. (no direct links please)
Practice is the only way I/You/We can progress. I don't care if it's an 8-year-old serial fish tut.
If I have to I will recirculate old/new/unknown crackme's just to keep people in the loop.
I'm a shitty tut writer and an even worse crackme writer.
But, If you don't practice then you will fall behind. ( I am living proof).
Post anything you desire, easy attracts the new, hard attracts the skilled.
Peace, Woodmann
()whore
October 10th, 2001, 21:47
Hello Kayaker,
I just finished reading Clandestinies tute on mixvibes pro, a project started in this forum. Great fun to read because I took part in the project. This project forum is really one of the best places to learn how to crack. So keep up the good work. I haven't been cracking much but if I had a choice I would like to see a target dealing with VB.
Peace,
()whore
meaculpa
October 18th, 2001, 02:51
Hi All,
Hmm...
Perhaps (IMHO) we can start with something easy and then progress to more difficult stuff. Let's, for example, skip ActiveX and other component based reversing for now, and start with something "general".
How about we start with:
1) simple name/serial - fishing
2) more advanced name/serial - calculating
3) simple time-trial - patching
4) more advanced time-trial
5) simple functionality adding - notepad etc.
6) more advanced functionality adding - disabled functions etc.
and so forth........
We should also try and keep the targets as small as possible,
(crackme's are sometimes excellent) and unbloated as possible - in order for us to distinguish the trees from the woods...
What do u guys think
I'm also the list-owner of the cracking4newbies group over at Yahoo.Groups - but haven't started anything... (I would need some mods to help with this group)... if it helps with anything we can also utilise that
Ciao,
.MeaCulpa
Scally6
October 30th, 2001, 13:53
As someone still struggling with basics (& time), I tend to agree with Meaculpa.
The last couple of q's I've put on the newbies forum haven't got any responses and it's frustrating spending hours poking around and not getting anywhere, particularly after reading zillions of tuts that don't seem to directly relate to what I'm doing.
Most of what I've learnt has been in this forum - as well as most of the support I've got. (Thanks guys)
The last prog I posted a q about on the newbies might make an interesting project for people like me as there are three ways to crack it - Serial, keyfile or 'repair' the print/save disabled functions. It's in vis C, not packed & looked like it was going to be easy when I first d/l'd it... I've still not managed it, although I've not yet looked at restoring the print & save functions mainly because I'm fairly sure I'll be able to do it and the keyfile rebuilding or sussing the serial part was what I was interested in learning about. I think something like this might show that there is more than one way of skinning (some) cats and it would demonstrate three methods of approaching a target.
So, is anyone here interested in having a go at it - knowing that I still don't have a solution? (it's h**p://progenysoftware.com/downloads/genelinestrial.exe)
Otherwise, I'd really like to see some basic stuff guys.
Scally
MH2K
October 30th, 2001, 14:17
Your download is here:
h**ps://secure.max.net/cgi-bin/sform/progenysoftware.com/Downloads/GenelinesTrial.exe
cya, mh2k
Scally6
October 30th, 2001, 19:40
Tnx,
The link I gave still works OK for me but I'll d/l the legacy & update files from this site to see if there are any clues hidden
Scally
MH2K
October 31st, 2001, 06:04
Hi Scally6,
Well, repairing (you can hardly call it that) is really simple. Just a single byte change.
I know you rather keygen it or so, but I always go for the easy way.
maybe this helps
Fire up w32dasm,
Look for string "to unlock the software..."
scroll up, you'll see it's called from 42BC4B
from there scroll up and you see a conditional jmp.
Change to unconditional and it's fixed.
I think this jmp is where the prog should normally jump when it is registered and skip the unlock dialog.
Just before the jump the decision is made if the key is valid at call 42BC2F
To complete it (make it pretty) you can disable the demosplash at startup.
The call from 42BC2F is called three times including from 44559E. Scroll down, you see LoadBitmapA. Go down a bit and you'll see a conditional jmp JNE. Change to JE and byebye splash.
You could also try to display a registered splash, if that is possible. I prefer without (less work and loads faster)
Cya,
mh2k
Scally6
October 31st, 2001, 13:21
Hi mh2k,
Thanks - I must admit I couldn't figure where the check of the keyfile was despite the blatant clue in the listing but I'd really like to work on getting the keyfile to function, rather than patching. (I know it's crazy but I don't want the app, just using it to try to learn)
Maybe I can now work backwards because I know the end point, so thanks again.
Scally
MH2K
October 31st, 2001, 13:41
Hi Scally6,
well, learning that's what it is all about.
You will profit the most if you figure out the keygen.
I found with ResHack there are indeed as you said two splash bitmaps. Demo is 261 ~ 105h and registered 109 ~ 6Dh.
Ok, with ResHack you can replace the bitmaps, but this really makes it simple and it works too, but I'd rather solve it using w32dasm, without replacing a large bitmap.
Does anyone know what to look for in disassembly? How is this bitmap resource called? I couldn't find it.
any help is appreciated!
greetz,
mh2k
jomamameister
October 31st, 2001, 14:27
first, some thoughts. i see more and more progs going into some kind of protective packing for either the .exe and/or the .dll's associated with them. more things will also happen online. maybe the net will become a big repository for all of our future apps and the only way you'll access them is through password protected servers, etc.
with that said, maybe a section devoted to unpacking. we need more projects that deal with contemporary projects that are packed in some way. everything that macromedia uses has been packaged to protect the app inside. ulead also uses a similar schema. we need intelligent tools to work with, including the best, our brains, and we need to know how to use them effectively from those among us who are more skilled in a certain area. let's have a thorough tutorial that is well thought out and covers everything about the project, and make no grand assumptions that those reading should be way up here at this level of cracking knowledge, or at least grade the tute possibly if you must. if the project needs to be unpacked, show us exactly how. if it's got messed up import tables afterward, show us exactly how to fix it. how, exactly, did you find that ghost-like eip? revirgin, come on, show us, walk through another tutorial on some useful app that you know is out there waiting on us. practice makes perfect, right?
i just saw the cryptography section here and i think that's important because more and more apps are being protected with a more complex schema than crc32. we need to know how to do that ourselves for our own apps and how to bypass it, too.
maybe a separate tutorial section like we used to have on fravia's old site--the student database. also make use of .zip and archive stuff for us so we can download, say, a whole month or year of tutorials. i do a lot of personal requests from people all over the world who want help cracking a prog and i write tutorials all the time. several are in the old database here, some are in the new and some have been on astalavista. i know we can upload stuff at the time, but a separate place just for writers and searchers would be welcome.
some people don't want to learn anything about what we know ourselves. all they want is a crack or a patch. that's ok, maybe there can be a separate area strictly for crack/serial requests with no intent of teaching going on.
thanks for the opportunity to find a useful outlet for our requests and dreams here, and for caring about the scene.
jomamameister
Js
October 31st, 2001, 15:27
Hi jomamameister,
I like a lot of what you say but my vote is definitely against a request section.
regards
JimmyClif
November 1st, 2001, 03:43
Hola Kayaker,
Hum... I dunno... I agree on a large base with Woodmann...
But back to topic:
You know as much as I do that it is rough to make it right for everyone... It is simply not possible to start with the easiest and work the way up to something harder as there are "new" newbies coming in every couple of days wanting the easiest to start with while other ones are already more progressed... (and as it always is - no one ever checks the "old" threads.)
I think it should remain "as it is"... Life should just go on as usual. Somedays there are more projects, some days there are fewer, some days there are real easy challenges, somedays there are harder. It all depends on the maintainer of the thread!
Newbies/Advanced are welcome to post and maintain targets as long as it doesn't sound like a crack request (and of course as long as they know what they are leading themselves into)
I never thought that anything was wrong with "The Mini Project Area" and I still believe in this.
Regards,
JimmyClif
Rage9
November 1st, 2001, 21:44
Well if you're new start with my first crackme I posted and work to 3, btw if anyone who had an essay for 3 has it please update it in the thread.
-rage9
Kayaker
November 1st, 2001, 22:37
Hi All,
Heya JimmyClif
Glad to see you're still floating around. I think you've hit the bottom line there in your observations. It's an open forum for projects and so far it's been pretty good in general, but it just depends on what people post and the interest that it generates. Sure, it'd be nice to have a bunch of projects on the go so that people could tune in any time they wanted to and select one at the level and topic they desired, but this place just isn't that structured.
We've already covered a lot of good stuff before, but as you say, who really reads the old threads? An ongoing project is always more fun anyway. There's been some projects that have really taken off, and some that have fizzled. There's been some good suggestions and sentiments expressed re this forum, and I hope they can be fulfilled.
To be perfectly honest I'm not sure what to suggest. I'm happy to continue "moderatin'", for whatever that's worth, if people want. But I have limited time to devote to maintaining any kind of structured approach to the projects. The only thing I want to see are people having fun working on *any* kind of project together, I don't care if it's the simplest serial sniff. Indeed, I'd *like* to see the newbie kind of questions that show that even this is a big challenge to them, but that they've suddenly learned something new.
As far as I'm concerned people can post what they want and ask any questions they want. I think everyone can use common sense and judgement when it comes to any shareware target. I think we can actually do better than just how to patch "App X", there are deeper teachings than that, but that is where the basics lay...
I think Woodmann suggested recycling old crackmes. We could just post one here every week or so at random if people wanted to try that, just so there's something. A majority of them already have solutions, (which of course can be read), but for those who wanted to try them and get "real time" help from others on the board it could be useful. On the other hand, from the less than overwhelmingly enthusiastic responses seen previously in many project postings, I fear these may end up in the discarded 0-1 response category (I deleted several before opening up the threads to the past 100 days).
Time will tell I suppose.
Kayaker
npanic
May 9th, 2002, 11:08
As meaculpa mentioned, adding func. like password protection on Notepad or another little prog. I have very little experience on that field (also that field), but I would love to follow the project.
crUsAdEr
May 9th, 2002, 12:00
Hi npanic,
Read Kayaker's excellent series on adding functionalities with Regmon, FileMon and a few more... also razzia's notepad tutorial.. i have found them really informative and newbie friendly...
They can be found at krobar's site...
cheers,
crUsAdEr
npanic
May 9th, 2002, 12:09
Hey crUsAdEr...
I already read quite a few tuts on adding funcs, razzia did some of them. I think I will go dead with that kinda project with the skills I have. But thank you for suggesting it, and maybe after I have finished the project I'm fighting with now, I maybe will give it a try.
(My project now is inlining the new ASProt 1.2+ ;-) )
BTW, I downloaded all krobar's tuts a few months ago, so yes I have read about this and that. I think it's a good idea to concentrate on one thing at a time; that's the biggest problem I have, to do that ;-)
Okay here it goes again: Krobar's tutorial collection is the best available.
Hi Kayaker,
If it isn't broken, don't fix it. This forum is not broken! It is kind of like a river. Sometimes slow and sometimes you come to a waterfall and think you will never be able to survive. Good stuff.
Your efforts to improve the forum are commendable. Keep up the good work.
Regards, Kugi
Kayaker
May 9th, 2002, 23:16
Thanks Guys ;->
A project involving adding functionality would be awfully cool. Notepad would be a good target because it's been written about before and the techniques could be duplicated. Password protection as npanic suggests is an interesting idea. The file could be encrypted before it's written to disk, it's in a memory mapped area that could be accessed from an inline patch or by calling a dll. A simple xor routine would suffice, the real work would be in the supporting code. Signature bytes would have to be written into the file to recognize it, and maybe a decrypt key. Point of attack perhaps right after notepad memory maps the file, for reading the file, and just before the file is written to make the encryption changes. If notepad is to have a password feature now, getting rid of the file size limitation would make it more useful as well.
How about something like an enhancement to one of the tools we regularly use? Maybe the ability to save logs or other useful feature from some little utility. Adding a right click functionality or even toolbar buttons can make using a program you use often a lot more convenient.
I'm easy to ideas, if anyone wants to begin developing such a project by beginning analysis I'd lend a hand.
Thanks Kugi, couching that in terms of a waterfall I may not survive is something I can relate to, lol. And I've seen some big'uns - and sometimes wished I hadn't!
Hey man, how can you only have 6 posts, you've been around for *ever* ;p
Cheers,
Kayaker
mike
May 21st, 2002, 22:32
Embedding encryption would be cool. How much room do we have to play with? Some "encryptors" I've seen were so pressed for room that they were too simple and I could break the encryption in my head. If you're going to add encryption, do it right.
That said, it doesn't have to be large. RC4 is still a strong cipher if you use it right, and it's tiny.
Kayaker
May 22nd, 2002, 00:50
Hello Mike,
Thanks for the reply. I think we'd all love to see a project along those lines. I'd be interested in just how to implement a good encryption into your own code, let alone trying to break it. I'm still reeling from just reading your dissection of the 'simple' encryption routine in the selftest thread, lol! Thanks for the mathematical breakdown, man it's time to take out the books again :-)
I've been to your website, with your experience I think it's awesome that you're here contributing to the forum. Cryptography is a deep field I've not spent much time in myself, but that other project you just replied to will be a good study.
How much room do we have to play with? As much as you want. What exactly is embedding encryption, and how are some encryptors pressed for room, as in no room to code a decent encryption?
Cheers,
Kayaker
mike
May 22nd, 2002, 02:58
Hi Kayaker!
Pressed for room as in not changing the size of the .exe, just using what space was left over or could be gleaned by eliminating other functionality.
If you're going to add a section, then you can put whatever kind of crypto you want in there.
I think RC4 is really good for this project, though, since it's so small you can memorize the code and is easily implemented in ASM.
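As an added example (not code from this thread or from any of its posters), here is the kind of small RC4-based file container the Notepad idea above sketches: signature bytes so the patch can recognise its own files, a per-file nonce so the same password never reuses a keystream, and the biased start of the keystream dropped. The "NPEN" signature, the 8-byte nonce, the password||nonce key scheme and the 3072-byte drop are all my assumptions, not anything the thread specifies.

```c
#include <string.h>
#define RC4_DROP  3072   /* discard the biased start of the keystream (RC4-drop[n]) */
#define MAGIC     "NPEN" /* hypothetical 4-byte signature marking our own files */
#define NONCE_LEN 8
#define HDR_LEN   (4 + NONCE_LEN)
typedef struct { unsigned char s[256], i, j; } rc4_t;
static void rc4_init(rc4_t *c, const unsigned char *key, size_t klen) { /* KSA */
    for (int k = 0; k < 256; k++) c->s[k] = (unsigned char)k;
    for (int k = 0, j = 0; k < 256; k++) {
        j = (j + c->s[k] + key[k % klen]) & 0xff;
        unsigned char t = c->s[k]; c->s[k] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
}
static void rc4_crypt(rc4_t *c, unsigned char *buf, size_t len) { /* PRGA, XOR in place */
    for (size_t n = 0; n < len; n++) {
        c->i = (unsigned char)(c->i + 1);
        c->j = (unsigned char)(c->j + c->s[c->i]);
        unsigned char t = c->s[c->i]; c->s[c->i] = c->s[c->j]; c->s[c->j] = t;
        buf[n] ^= c->s[(unsigned char)(c->s[c->i] + c->s[c->j])];
    }
}
/* Stream key = password || nonce (assumed scheme). A fresh nonce on every save keeps two
   files, or two saves of one file, from ever sharing a keystream: the "use it right" part. */
static void file_key_init(rc4_t *c, const char *pw, const unsigned char *nonce) {
    unsigned char key[256], skip = 0;
    size_t pl = strlen(pw);
    if (pl > sizeof key - NONCE_LEN) pl = sizeof key - NONCE_LEN;
    memcpy(key, pw, pl); memcpy(key + pl, nonce, NONCE_LEN);
    rc4_init(c, key, pl + NONCE_LEN);
    for (int n = 0; n < RC4_DROP; n++) rc4_crypt(c, &skip, 1);
}
/* out needs HDR_LEN + len bytes; returns bytes written. Caller supplies a random nonce. */
size_t np_encrypt(const char *pw, const unsigned char *nonce, const unsigned char *pt, size_t len, unsigned char *out) {
    rc4_t c;
    memcpy(out, MAGIC, 4); memcpy(out + 4, nonce, NONCE_LEN); memcpy(out + HDR_LEN, pt, len);
    file_key_init(&c, pw, nonce);
    rc4_crypt(&c, out + HDR_LEN, len);
    return HDR_LEN + len;
}
/* Returns plaintext length, or -1 when the signature bytes are absent (not one of our files). */
long np_decrypt(const char *pw, const unsigned char *in, size_t len, unsigned char *out) {
    rc4_t c;
    if (len < HDR_LEN || memcmp(in, MAGIC, 4) != 0) return -1;
    memcpy(out, in + HDR_LEN, len - HDR_LEN);
    file_key_init(&c, pw, in + 4);
    rc4_crypt(&c, out, len - HDR_LEN);
    return (long)(len - HDR_LEN);
}
/* Known-answer check on the bare cipher: key "Key", "Plaintext" -> BB F3 16 E8 D9 40 AF 0A D3 */
int rc4_selfcheck(void) {
    static const unsigned char want[9] = {0xBB,0xF3,0x16,0xE8,0xD9,0x40,0xAF,0x0A,0xD3};
    unsigned char buf[9]; rc4_t c;
    memcpy(buf, "Plaintext", 9); rc4_init(&c, (const unsigned char *)"Key", 3); rc4_crypt(&c, buf, 9);
    return memcmp(buf, want, 9) == 0;
}
```

Note that a wrong password still decrypts to garbage without complaint, since nothing here authenticates the body; RC4 has also been withdrawn from use in TLS (RFC 7465), so this illustrates the 2002 project rather than a design for new code.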