
Help a newbie plz :)


Flack
January 7th, 2002, 21:08
Hey guys,
I'm new here and would love it if someone could point me in the right direction, i.e. where should I start? (Preferably some simple tutorials.)
I have SoftICE and W32Dasm (I'm not sure if they're the latest though).
What other tools should I look for?

Anyway, I'm looking forward to learning a lot here.

Thanx

Flack

Viper
January 7th, 2002, 21:41
Get SmartCheck for VB apps.
Also do a search on this forum and on a search engine like Google, i.e. "cracking tutor".

Snatch
January 7th, 2002, 22:14
OK, here is your list. At least with this I have no trouble with the targets I am interested in; of course I am weak in unpacking and IAT/PE rebuilding, but maybe someone can complete my list.

IDA 4.15 Advanced Registered (4.17 Standard Registered is incomplete but might do too) from Datarescue
Driverstudio 2.6 from Numega
Resource Hacker 3.3.3
WinHex latest version

This is enough for me for the most part; of course I have more tools, but these are the fundamental core tools that almost all jobs require. Everything else is a little more specific.

Snatch

Viper
January 7th, 2002, 22:24
For unpacking I would say get:
Revirgin
PE-Editor or ProcDump
IceDump {for your version of SoftICE}
Quick View {makes a neat list of imports used by the app}

have fun
Viper

MTB
January 8th, 2002, 19:34
Hiya Flack
At the bottom of the RCE bulletin board is a link to Fravia's old site. Download and read, then download some more. There is a ton of stuff there! Hopefully in a few weeks we will see a zipped version of crackz's site, which will complete your training. This will take a while; my first dongle crack took almost 6 months (OK, some time off in between for other stuff), the second one took only 1 month, the third took 2 weeks.

Good Luck
MTB

JMI
January 8th, 2002, 20:31
Flack:

Welcome. There was a thread from another member not too long ago where the same general question was asked. There were some good pointers provided by several members for one starting out, and what one needed to study to get up to speed. Check it out.

The best advice I can give is don't try to jump in with both feet without acquiring some basic background knowledge first. I know it's hard to not start cracking Asprotect-protected targets the first day, but there is a lot of "learning" that goes into understanding what the heck one is doing, even when just following somebody's tutorial. Anyway, give this thread a read and go from there.

Good Luck.

Regards.

http://www.woodmann.net/forum/showthread.php?threadid=2375

matthew
January 8th, 2002, 20:51
Hey, that's me!

Give me a minute and I'll add a post to this that has all the links and tools I've gotten.

Snatch
January 8th, 2002, 21:14
Oh yeah, just as an obvious duh: go learn assembly language. Before I even bothered learning to crack I knew how to program some cool asm programs. The problem with newbies on these boards is they want to jump right in. You need to take 3 steps back first and not even think about cracking, which is very difficult to do. If you want to crack anything and actually know what you are doing, then I suggest buying a book on assembly language; it does not have to be Windows, just assembly in general.

Snatch

matthew
January 8th, 2002, 21:23
Tips and stuff - by a newbie, for uber newbies. - matthew (w)

Links:
http://fraviamb.cjb.net = RCE messageboard.. this one.
http://win32asm.cjb.net = Win32 asm tutorials, useful to know
http://board.win32asmcommunity.net = Don't ask for cracks. Only for learning win32asm
http://tsehp.cjb.net = maintained still I think... essays and such
http://msdn.microsoft.com = for looking up functions, under Windows ... Win32 API reference
http://protools.cjb.net = tools you need
http://softice.tsx.org = SoftICE for 9x and NT
http://www.exetools.com = forum and cracking tools, their FTP has the latest stuff. Get the password from the message board
http://astalavista.box.sk = compare your cracks to theirs
http://icedump.cjb.net = add-on to SoftICE, dump screens, listen to music
http://cracking4newbies.cjb.net = FAQ for cracking and SoftICE
http://www.wotsit.org/ = right link I think. Try .com, .net .. file formats listed
Find some crackme sites. Don't remember the links.
Those are off the top of my head, might have forgotten something.

Tools:
Procdump32 (dump processes to disk)
Icedump (adds functions to SoftICE.. dump screens and play music)
SoftICE/Driver Studio (debug at the hardware level if you wish)
File Analyzer (shows some useful info about files)
DumpPE (dumps PE stuff, info... )
FileMonitor (monitors programs' access to the file-related API(?))
RegistryMonitor (monitors programs' access to the registry)
ResHacker (basic functional resource editor)
W32dasm (Win32 disassembler. Make dead listings)
IDA (same, generally)
SoftSnoop (API monitor)
FrHed (freeware hex editor for Windows)
UN-PACK (good unpacker, alternative to Procdump, but different)
Masm 7 package (by hutch, if you want to learn to program)
RadAsm (IDE for programming Win32 assembly. Bit new but very good)
Revirgin (more advanced. I dunno how to use it, good for API and PE)

Documentation:
Platform SDK (from MS.. tonnes of info. Function lists, like MSDN)
ID-RIP (get the whole site from somewhere, follow along with the tutes)
Sandman's tutes (find them somewhere. Follow along too, that's how you learn)
Win32asm by Iczelion (win32asm tutes)
Other misc tutes for win32asm (explain some PE, ODBC, etc.)
Find more essays for cracking at tsehp's site

Tips:
Put a big cork board next to your computer to pin up not only dead listings, code, functions, and addresses, but Playboy women.
Get an electric kettle and a stack of instant noodles (Mr. Noodle or Ichiban, whatever). Get a water cooler for the kettle, or just keep some water nearby so you can eat at all times when you can't make it into society.
Coffee machine if possible; drinking more than 200 cups within a day might kill you though.
Toilet in room. If possible have it done. Cannot leave computer always. Use a bottle for those times when you can't get upstairs at 3:00am or you'll wake your parents.. sad but true.
Jolt Cola. It's like Coke/Pepsi (can't really think of which) and coffee, the ultimate drink. Hard to find here in Canada at least.
Learn to spell. Talking on message boards with bad grammar and spelling looks bad. If you really suck, say you speak another language.

More realistic tips:
Keep a notepad handy, pen too.
Just follow through the tutorials, you'll pick stuff up.
If you don't succeed, take a break, then try again.
If you keep failing, wait a while, then try again with a clear memory (sleeeep). Or just move on and don't get frustrated. But come back later.
Learn assembly. Maybe not right away, but sometime. Useful to make patchers and keygens too.

There, a generic list of things to help newbs. Just refer them to this from now on; add to it too if you want, I'm only a newb myself.

Kayaker
January 8th, 2002, 23:06
matthew, that's one of the funniest things I've read in a long time! And it's all true

You forgot the tip about working on your computer on an exercise ball so you can keep yourself in shape to spend hours in front of the computer.

Cheers
Kayaker

matthew
January 9th, 2002, 00:51
Yeah I still need something other than a bottle.. and a water cooler. My Slushie cups are decent for water storage, however.

I'd like an exercise bike for in front of the computer.. If it has decent handlebar/console you can lean on it, and they are comfortable. And I'm not kidding, lol!

Have a good day

Aimless
January 9th, 2002, 02:32
You might try looking at:

www.eccentrica.org/Mammon/ (a very respected cracker/hacker...and beyond)

where he explains the basis needed for cracking.

However, before you read that site, you need to understand your priorities. What do you want to be? A cracker or a reverse-engineer? If you are looking at the first, then the site is OK.

Else, if you are looking for the latter, you might try searching on Google for "Christina Cifuentes" (a PhD in reverse engineering and decompilation).

I would suggest you try out the "cracking" bit first.

My idea of study would be:

1. Cracking password protections. Winzip is easy enough.
2. Cracking Time limited protections.
3. Cracking CD access protections.

You will learn your MOST from these 3 things. Then you can move to intermediate stuff like:

1. PE file format
2. Compression
3. Private Encryption

and maybe subsequently to advanced like:

1. Public Encryptions
2. Dongles
3. Hardware/Systems Programming

The tools you MUST have are:

1. Softice (4.05 version. All around the web. Just search)
2. IDA 4.04 advanced version (all around the web. just search)
3. Filemon (freely available on www.sysinternals.com)
4. Regmon (same site)
5. W32dasm (all around the web. and then some!!)
6. ResHack (from www.programmerstools.org)
7. Psedit or Hiew (same site above)

Do not try to get into details like Procdump or even use Icedump for SoftICE. You WILL get confused. Go a step at a time.. and your progress will be FASTER than most.

Epilogue: Try using FrogsICE before you start running any program. Find it on www.programmerstools.org

...Have Phun

Flack
January 9th, 2002, 18:25
Wow, thanx for all of the tips guys!
Looks like I have a long, exciting road ahead of me.

Flack