naides
July 16th, 2004, 09:29
This post is supposed to be on a purely philosophical plane. I will not touch on the feasibility of what I am discussing here, but more than once computer algorithms have pulverized the barrier of the impossible into the simple.
Now, A PROGRAM, no matter how complex it might be, is only a linear array of bytes. Yes, it has internal structure, information is encoded in those bytes that is more than the bytes themselves, etc., but plainly,
it is a linear array of bytes, with a beginning and an end: a finite, ordered collection of bytes.
Protection is encoded in those bytes, and reversing involves changing some of those bytes. Typically a few of them: five or ten when the reversing involves a jump inversion or something simple, a few hundred if code injection is necessary, but plainly
Reversing is changing a subset of bytes.
THE PROBLEM is to know which bytes to change and change them into what values.
The method we all use is a more or less structured attack: knowing the internal rules that govern the byte patterns of the program (also known as code), and at least partially understanding the program or the protection's overall structure, we find some guidance towards which bytes to change and to what. This is also known as the heuristic approach, and it is used not only in reversing but in a multitude of computer and non-computer knowledge activities.
But there are other approaches to the problem:
Brute force attack: we systematically replace byte after byte until we obtain the desired result (the program runs without protection).
A structured attack, in which we introduce certain rules of thumb on which bytes to try and change, limiting the number of combinations of the attack. For example, only changing bytes in areas that contain code; or, knowing that most cracks involve changing an instruction, only changing bytes that are part of a valid instruction into another valid instruction; or, knowing that a fair number of protections are based on decisions, concentrating the attack on decision instructions.
A self-learning system, which can evaluate the results of a given byte or bytes change not as good-bad, black-white, but can grade it towards certain goals and concentrate on changes and areas that produce the best positive results.
Of course this sort of combinatorial attack is best performed by a computer program, with enough speed and power to perform the repetitive, brutal operations that I am proposing.
If you think about it, such a machine could, given enough time, reverse all protections, but it would also have the most fascinating side effect: it will modify, in untoward ways, the behavior of the program it is reversing. Most of its creatures will be non-functional or dysfunctional programs which do silly stuff or run into endless loops, but some of them will indeed be interesting. Perhaps write all the variations of the story of your life, or paint your picture on the screen at all possible ages and with all possible changes or, in summary, do everything a computer program can do, including rewrite itself in a slightly modified way, or become the program that created it. . .
Doesn’t it give you the shudders???
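The three approaches naides sketches (blind brute force, a structured attack restricted to decision instructions, and a graded rather than pass/fail evaluation) can be made concrete on a toy. The following is an added example, not code from the post: it defines a small hypothetical VM (the opcode table, the 12-byte "protected" image that prints 1 only when the input serial is 42, and the serial values are all constructed for this demonstration, not real x86), then runs a single-byte brute-force search over the whole image and a structured search that only inverts conditional jumps found by a linear sweep. Each candidate is graded by a fitness function that also penalises patches which break the legitimate serial, so the output shows why a plain JNE-to-JE inversion scores lower than a patch that redirects the jump to the success path.

```python
"""Byte-mutation search over a toy protected program.

Added example, not code from the original post. The VM, its opcode table,
the 12-byte 'protected' image and the serial values are all constructed
for this demonstration; nothing here is real x86.
"""
from typing import List, Tuple

# Opcode table of the toy VM (assumed values, chosen for this example).
LOAD, CMP, JE, JNE, JMP, PRINT, HALT, INPUT = 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08
LENGTH = {LOAD: 2, CMP: 2, JE: 2, JNE: 2, JMP: 2, PRINT: 2, HALT: 1, INPUT: 1}
DECISIONS = {JE, JNE}

# Constructed protected program: prints 1 ("good") only when the input equals 42.
#   0: INPUT   1: CMP 42   3: JNE 9   5: PRINT 1   7: JMP 11   9: PRINT 0   11: HALT
PROTECTED = bytes([INPUT, CMP, 42, JNE, 9, PRINT, 1, JMP, 11, PRINT, 0, HALT])
GOOD_SERIAL, BAD_SERIAL = 42, 7
SCORE = {"good": 100, "bad": 0, "silent": 0, "loop": -10, "crash": -50}


def run(code: bytes, serial: int, max_steps: int = 200) -> str:
    """Execute an image; return 'good', 'bad', 'silent', 'loop' or 'crash'."""
    pc, acc, flag, out = 0, 0, False, "silent"
    for _ in range(max_steps):
        op = code[pc] if pc < len(code) else None
        if op not in LENGTH or pc + LENGTH[op] > len(code):
            return "crash"            # fell off the image or hit an undefined opcode
        arg = code[pc + 1] if LENGTH[op] == 2 else 0
        if op == INPUT:
            acc = serial
        elif op == LOAD:
            acc = arg
        elif op == CMP:
            flag = acc == arg
        elif op == PRINT:
            out = "good" if arg == 1 else "bad"
        elif op == HALT:
            return out
        elif op == JMP or (op == JE and flag) or (op == JNE and not flag):
            pc = arg                  # taken branch: absolute target
            continue
        pc += LENGTH[op]
    return "loop"                     # step budget exhausted: an endless loop


def fitness(code: bytes) -> int:
    """Grade a candidate instead of judging it pass/fail: it should accept a wrong
    serial, and it loses points if it no longer accepts the right one."""
    score = SCORE[run(code, BAD_SERIAL)]
    if score == 100 and run(code, GOOD_SERIAL) != "good":
        score -= 30
    return score


Patch = Tuple[int, int, int]          # (fitness, offset, new byte value)


def brute_force(code: bytes) -> Tuple[int, List[Patch]]:
    """Every single-byte replacement at every offset; returns (tries, patches scoring > 0)."""
    tries, found = 0, []
    for off in range(len(code)):
        for val in range(256):
            if val == code[off]:
                continue
            tries += 1
            cand = bytearray(code)
            cand[off] = val
            f = fitness(bytes(cand))
            if f > 0:
                found.append((f, off, val))
    return tries, sorted(found, reverse=True)


def decision_offsets(code: bytes) -> List[int]:
    """Linear sweep from offset 0 so only opcode bytes, never operands, are candidates."""
    offs, pc = [], 0
    while pc < len(code) and code[pc] in LENGTH:
        if code[pc] in DECISIONS:
            offs.append(pc)
        pc += LENGTH[code[pc]]
    return offs


def structured(code: bytes) -> Tuple[int, List[Patch]]:
    """Only invert conditional jumps (JE <-> JNE): the classic jump inversion."""
    tries, found = 0, []
    for off in decision_offsets(code):
        tries += 1
        cand = bytearray(code)
        cand[off] = JE if code[off] == JNE else JNE
        f = fitness(bytes(cand))
        if f > 0:
            found.append((f, off, cand[off]))
    return tries, sorted(found, reverse=True)


if __name__ == "__main__":
    for name, search in (("brute force", brute_force), ("structured", structured)):
        tries, found = search(PROTECTED)
        print(f"{name}: {tries} candidates tried, best patches {found[:3]}")
```

On this image the brute-force run tries 3060 single-byte candidates and finds several patches scoring 100 (for instance retargeting the JNE operand at offset 4 to 5, so both serials reach PRINT 1), while the structured run tries exactly one candidate, the JNE at offset 3, and its inversion scores 70: the wrong serial is now accepted but the correct one is rejected. That gap is what the post's third approach is about: a graded oracle lets the search prefer patches that reach the goal without breaking the rest of the program.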