beginner's series of crackmes


tdennist
November 30th, 2004, 22:48
I'm looking for a series of crackmes for the beginner. I've found many many many sites full of just lists and lists of crackmes, but what I'm really looking for is a set that starts from the absolute beginning (i.e. hardcoded serials) to the more advanced (i.e. simple name-based ones) to the really advanced (i.e....I don't even know. something on the lines of cracking 3DS Max's algorithm). The problem with the giant crackme lists is that I don't know what about 75% of the stuff is, so I don't know where a good place to start is. If there isn't such a series available, could someone at least do me the kindness of writing out a list in sequential format of what features I should look for in a crackme, so I can sort of build my own set? I've tried one crackme that was name-based serial generation....I worked on it for about 2 weeks on and off, and I'm still without a solution.

Thanks.

WaxfordSqueers
December 1st, 2004, 00:14
Quote:
[Originally Posted by tdennist]I'm looking for a series of crackmes for the beginner.

Thanks.


The main reason I'm replying is to direct you to the links at the bottom of this page. Just about everything you need will be there. I personally don't think crackmes are the best way to go for absolute newbies. I'd look at tutorials first, since you can follow reversers right through a reversing procedure and see how it's done.

A bit of history. One of the first sets of tutorials I came across was the Ork set. They're all at a link at the bottom of this page. They may be a bit primitive now, but they will give you basic concepts of what you're trying to do. Around the time of my discovery of Ork, Fravia's site was a going concern. If you can find one of his old sites, through a search engine, or maybe in the links below, there are hundreds of tutorials by really good reversers. Learn their techniques and how they approach a problem.

In the good old days, there were groups like Frozen Crew (sp??) and UCF (United Cracking Force). They put out a lot of tuts. You'll see a reference to the Caper below...that was the Keyboard Caper, part of the elite crowd in those days and a member of one of the groups above.

Around the time of Fravia, Greythorne had a site, and many of his tuts are good too. You will find some tuts around on Fravia that border on genius, if not outright genius. You might check Mammon as well. My suggestion is to find tuts by these people, and others, and actually do them. You might have trouble finding the exact app, but you can often find a version near enough to the one in the tut to make it work. Or find an app with a similar protection and apply the techniques.

Learn to search, and read, read, read!! Get a good reference book. Nothing is going to be handed to you, and if it was, you wouldn't learn very much. I know you probably want to do specific work, but you have to learn your chops by doing a range of work. I started with Matt Pietrek's Windows 95 Programming Secrets.

That's where I first got the notion of reversing, something Pietrek referred to as spelunking. I had an old music program that the author had abandoned, and I was trying to modify it. There is another thread on this board referring to a book on Windows that will be re-issued soon. The author has an excellent understanding of Windows and its structures.

Silver
December 1st, 2004, 10:45
If you'd like, I can PM you the names of some apps I used during my initial learning curve (and trust me, I'm not that far in front of you). They are easy to crack, some are even 1 or 2 byte patches, but will provide the experience you're looking for. For some reason I found it "better" to learn from actual, real-world apps than crackmes. Crackmes are great to learn a principle step-by-step, but (I hope!) you're aiming to learn how to crack for yourself rather than by tutorial etc.

JMI
December 1st, 2004, 13:35
I say this over and over: "There is no substitute for learning how to search and how to find things on the net."

If you spend the time to master this skill you will be well ahead of the game, because then you can find nearly everything you want to learn about reversing. There is a tremendous body of work out there on such subjects and no substitute for actually taking the time to study and learn some of the basics. Impatience is one of the chief obstacles to good learning skills. It takes time and effort to master the skill set necessary and being in a hurry to "crack something" often interferes with studying those basics. Too many people think that they have to start cracking something right away and then they just fumble around and often reach a solution by "accident" and do not clearly understand what they have done or why. This is not a good learning method.

It is MUCH more effective, although less instant gratification, to spend some quality time JUST studying, until you grasp some of the basic concepts. While there are many, many tuts out there that you can simply follow by rote, step for step, that is not really reversing. You are simply following steps someone else laid out for you without the most important part, knowing "why" those steps were taken when they were taken.

If you want to crack "right away", you are much less likely to truly learn how to reverse engineer. It is a process that can't really be short cut and practicing a lot of crackmes without having a clear understanding of what you are and should be doing, simply results in the "practicing" of a whole group of bad habits. Think of a sports analogy. The more frequently one practices a "wrong" swing of a bat or tennis racket or an incorrect way to kick a ball or shoot a basket, the more one is training the body to do it incorrectly. With enough "wrong" practice, it eventually becomes almost impossible to train the body to do it the correct way for the most effect.

These principles hold true, at least to some degree, with the brain. The more you train it to try to shortcut the "thinking process" the less it learns "how to think." Thinking is the real skill here and it requires both knowledge and understanding. Neither of these come without effort, more for some, less for a few, but effort nevertheless.

So at the end of this long philosophical lesson, we come back to this. If you learn how to properly search, you should have no problem finding crackmes designed for beginners. Usually it is as simple as using combinations of search terms in your favorite search engine, such as "crackmes + beginner" (without the quotes.)

Regards,

WaxfordSqueers
December 1st, 2004, 15:27
Quote:
[Originally Posted by JMI]

It is MUCH more effective, although less instant gratification, to spend some quality time JUST studying, until you grasp some of the basic concepts. While there are many, many tuts out there that you can simply follow by rote, step for step, that is not really reversing. You are simply following steps someone else laid out for you without the most important part, knowing "why" those steps were taken when they were taken.



I did not mean to imply in my response that following tuts was the end-all in learning to reverse. Using your sports analogy, I actually applied that learning to playing soccer, and eventually honed my skills to a world-class level. There were no tutorials to follow, all I could do was go out with a soccer ball and work it till the skills came. It was important for me, however, to have role models. I watched some of the great players to see what they were doing, and tried to emulate that.

It's different with reversing, of course. Being an electronics/computer technician, I already had a basic understanding of programming languages, although not to the level of a good programmer. I understood assembler quite well, and had studied Fortran and Basic. That helped me immensely in visualizing program flow and understanding disassembled apps. I know some of the people who reverse at an advanced level are accomplished programmers. The biggest problem for me learning to reverse was seeing the overall picture, and, of course, practicing the application of that.

For someone without a background in programming, I would advise they at least study assembler. I learned the old bare-bones kind of assembler, and actually programmed in machine code at one point. That teaches you about registers and basic processor management, things you need to understand as a technician. It doesn't hurt for anyone approaching reversing to learn that as well.

I also studied Petzold's book on Windows 16-bit programming. He has a later version out for Win32 and I notice he has one out now on C#. Jeffrey Richter has good books out on Windows structure and Russinovich has a rewrite of one of his books due out. A quick check of Matt Pietrek's site ( hxxp://www.wheaty.net ), under 'Other Writers', will give a quick outline of who's who in the world of Windows programming. Many of these people have written excellent books on the subject.

I'm in full agreement with you that reversing is a skill that requires more than one component of learning. And doing it is the main learning procedure. Unfortunately, some of the concepts are so advanced, that literally 'doing it' is not enough. I don't want to drop any names here, but I remember the initial reverse of IDA by someone we will all remember ( Q**** ...or was that Star Trek). As a newbie, I would never have thought out that solution in a million years. Even Ilfak, who wrote IDA, was impressed with the work of Q****.

Reversing serials can be easy, as you know, or get into advanced cipher theory. Or there were those reverses by M******* involving self-modifying code. All I could do was regard his technique with awe. These kinds of tuts are invaluable, even if used only as a reference. I'm not advocating following each one by rote. If you need to reverse a CDROM-related app, however, finding tutorials on that will give you a reference and teach you what you're looking for. It's, of course, up to you to practice and ultimately do it yourself.

I was browsing through the advanced section of this forum recently and found it interesting to note how far the current group of reversers have progressed. It's really impressive. I don't know what the individual backgrounds are, but I'm sure many are new to reversing in the past few years. It's encouraged me to perhaps get more involved and start learning again. Is there really such a thing as someone who is not a newbie??

tdennist
December 1st, 2004, 17:38
Thanks for your long and detailed replies - I'm in need of those.

I really didn't mean to imply that I am one of those people who takes a tutorial, follows it step by step, and then claims the work for his own. In all of my posts (or most of them) I've ended up conveying a message that I didn't mean to. Or, at least, you guys keep replying to something that I didn't intend. Let me break down my thoughts on this for you:
- I'm more of a person who likes to apply knowledge rather than just spit it back out exactly according to a textbook
- I'm a pretty patient learner, and not what JMI suggested - a person who really really wants to jump right into advanced reversing stuff.
- I'm not satisfied with myself until I feel I really and completely understand the concepts. I've been this way all of my life. You could call it perfectionism, that's fine, but I have a set of standards for myself that I meet without fail. That's true with all of my work, not just computer related things.
- I think all knowledge is worth having, so I try to branch out in my learnings, not really focusing too much on one thing, unless it intrigues me enough that I want to delve deeper. Reversing is one of those things.

You should know the way I was introduced to this art, science, whatever you wish to call it. That being, I was playing an online game (one that I had been playing for a long time), and this guy showed up, he was new at the game, and said he was going to try and hack Vendetta. Now, surrounded by goons who use that word not in its originally intended way, I thought nothing more of it than just as the bold words of a 13 year old who really could do nothing more complicated than ping an IP address. But, as he posted his progress on the message boards, I became more and more convinced that he in fact was one of the rare people on the internet who does everything he claims to, especially when he posted a screenshot of his working environment -- IDA running in Wine, and the modified version of the game.

That was my introduction. I was talking to him in IRC for a while before he left, his task having been accomplished, and got him to tell me the names of the main tools he used. I came up with Softice and IDA. Thus began the Googling. After a week or so of researching, I decided that I'd learn assembly language if nothing else, because the idea of having complete control as opposed to the only half-control that other high level languages give you intrigued me. It took me a while to find a copy of Softice and successfully install it on my XP box, but I finally did. I then followed one of Fravia's tutorials and a few others...but I wanted something more comprehensive. I bought the book, "Hacker: Disassembling Uncovered" and started to read it. About 20 pages into the book I realized that while this book seemed to be exactly what I wanted, it was wayyyy over my head, and I was obviously lacking in assembly language knowledge. So I then bought the book, "Assembly Language, Step by Step" (by Jeff Duntemann, in case anyone's interested. Fantastic book.) and read it cover to cover. It's written for 16 bit programming, but still a fantastic introduction to assembly language.

That puts me about where I was 3 weeks or so ago. Since then I've started to learn Win32 assembly, and the basics of game training. I'm still at the utmost beginning, as I'm sure you can tell by my other posts, but I'm very interested in doing all that it takes to progress.

So you see, I never once lost patience while starting out. I just got the other resources that I needed, and started over again.

While I have successfully made one trainer (for Minesweeper) and I fully understand all the concepts in it (including the Win32 ones), what I'm most interested in is serial number and other encryption reversing. That's mostly because it seems to be a lot more intellectual and interesting than just hunting through code to find one line that decreases one value, and then making a trainer NOP it.

Now, at the end of this essay-like post, I hope you can see that I'm not pushing you guys to spoon-feed me answers, do work for me, or anything else of that sort.

That being said, I'm going to go find something to eat. I'm ravenous.

JMI
December 1st, 2004, 19:19
Please keep in mind that I generally attempt to write my messages for a wider audience and not just for the person to whom it might appear to be addressed. My comments were intended as general on the subject matter to encourage the widest audience to attempt to follow the proper path through the dark codewoods of reversing. I, of course, do not know you nearly well enough to make any valid evaluative judgments about your character or tendencies.

Remember also that in this context, we are forced to deal with a limited slice of the world and, in particular, a very narrow view of that world in which the poster resides and operates. What is often forgotten by posters is that we see only what they have written, not what they think or what they may have done which they do not describe. We are then forced, not unwillingly, to make some basic assumptions in order to respond at all and if as wide an audience is desired, the response needs to be more generic than if an issue is more focused and directly addressed.

I was attempting to address your general request for "crackmes for beginners" and trying simply to make my favorite point that most things can be found by those who learn how to search effectively. Then I lapsed into general philosophy of reversing for which you need mount no defense, for there was no criticism or attack intended. Just an offer of what I hope is good advice for all who might find it useful.

Regards,

Aimless
December 1st, 2004, 23:49
Nothing, but nothing beats cracking older versions of MIRC and Winzip.

Nothing.

Have Phun

WaxfordSqueers
December 2nd, 2004, 01:05
Quote:
[Originally Posted by tdennist] In all of my posts (or most of them ) I've ended up conveying a message that I didn't mean to. Or, at least, you guys keep replying to something that I didn't intend . Let me break down my thoughts on this for you:
----snip----



My replies were intended along the line of what JMI wrote...in general. I was doing a lot of reading between the lines in your replies based on your revelation that you were a newbie. So, you did not convey any message that you did not mean. I picked up what you were saying in general and replied with a wide generalization. You asked for a certain amount of information, and I replied with a lot more than what you needed. But, you will need it eventually.

I want to be clear that I don't consider myself an expert. I'm a relative beginner, and any of the more experienced reversers could have had a field day with what I wrote. That's partly how you learn. If you say something dumb, someone usually notices and helps you out. Of course, if it's really dumb, you'll get flamed. That too is part of the learning curve, and part of the humour.

As an example of saying something dumb, please consider how I spell humour. That's the Canadian spelling based on the British English, back when Britain was a colony of Canada. Down in the States, another colony of Canada, they'd spell it humor, or humer in some parts. Some would spell it hummer, but that means something else in Canada.

I'm from the west coast of Canada, which is God's country. We annexed the rest of Canada out of compassion. The reason I'm not as good a reverser as some other Canadians, who run around in canoes (nudge, nudge, wink, wink...say no more) is that we have glorious weather on the west coast and the rest of Canada is ice-bound 11 months of the year. Summer is 1 month of bad skating. They have nothing else to do but reverse.

Now...that's how you get flamed.

TBone
December 2nd, 2004, 11:50
For some reason, JMI, every time I hear you say "dark codewoods of reversing" I think of Robert Frost:
Quote:
Two roads diverged in a yellow wood,
And sorry I could not travel both
And be one traveller, long I stood
And looked down one as far as I could.
To where it bent in the undergrowth,

Then took the other, as just as fair,
And having perhaps the better claim,
Because it was grassy and wanted wear,
Though as for that, the passing there
Had worn them really about the same,

And both that morning equally lay
In leaves no step had trodden black.
Oh, I kept the first for another day!
Yet knowing how way leads on to way
I doubted if I should ever come back.

I shall be telling this with a sigh
Somewhere ages and ages hence:
Two roads diverged in a wood, and I --
I took the one less travelled by,
And that has made all the difference.

Being very much just one traveling newbie, I can't tell you how many times this has popped into my head while trying to trace through multiple branches of code.

Kayaker
December 2nd, 2004, 22:24
Quote:
[Originally Posted by WaxfordSqueers]It's encouraged me to perhaps get more involved and start learning again. Is there really such a thing as someone who is not a newbie??


Now that *is* the sign of a good reverser, someone who doesn't realize they are. We're all newbies at one level or another, that's what keeps you learning through life.

I think learning to program in assembly is one of the most useful things to do first, as soon as the reversing bug has taken hold, you've gone past the first rush, and you start to realize how many friggen things there are to learn. This is mainly to learn general program flow, how APIs work and how the Message Queue is structured (all from an ASM perspective). When you are comfortable with how a 'normal' program operates and how it looks in a debugger or disassembler, it becomes easier to pick out what is *not* normal, in terms of protection or other significant code you might want to reverse.

It used to be you could learn much of this by plenty of tracing in any generic shareware app you happened to choose as "this nights/weeks target". Now however, everything is so AcmeProtected that you can never "see" the underlying program unless you unpack it successfully first, a whole different kettle of fish entirely as it were.

Keep the faith tdennist, you're on the right track.

I like your interpretation of history WaxfordSqueers.
It's true, there are only 2 seasons in the rest of Canada, both based on the state of the water, liquid or solid. The second requires special paddling equipment and crotch warmers. It might surprise a lot of people to know that there *is* a rain forest on Canada's west coast. It must be nice never to have to buy sunglasses. I figured West Coast reversers would spend most of their time indoors anyway.

WaxfordSqueers
December 3rd, 2004, 01:46
Quote:
[Originally Posted by Kayaker]It used to be you could learn much of this by plenty of tracing in any generic shareware app you happened to choose as "this nights/weeks target". Now however, everything is so AcmeProtected that you can never "see" the underlying program unless you unpack it successfully first, a whole different kettle of fish entirely as it were.


That's where I'm at right now: pre-AcmeProtection. I've tried a few of the earlier packed proggies and spent a fair bit of time trying to reconstruct import tables. But I need to concentrate on it.

If you get some time, maybe you could leave a brief outline of how you got into ring 0 code. You seem to be pretty well at home discussing it. I've traced through ring 0, very carefully, and actually came out the other end. Often as not, as soon as I enter ring 0 code, I F12 out of it....fast.


Quote:
[Originally Posted by Kayaker]I like your interpretation of history WaxfordSqueers.
It's true, there are only 2 seasons in the rest of Canada, both based on the state of the water, liquid or solid. The second requires special paddling equipment and crotch warmers. It might surprise a lot of people to know that there *is* a rain forest on Canada's west coast. It must be nice never to have to buy sunglasses. I figured West Coast reversers would spend most of their time indoors anyway.


Bit of west coast blather. Thanks for not mentioning the webbed feet. I lived in Regina for a year and survived the winter. It hit -50C a couple of times, but -35C is brutal enough, especially with a wind blowing. In fact, I spent part of a winter north of Edmonton recently (Fort Saskatchewan) working 10 hour night shifts outside in -20C weather.

Many Europeans have been misled with regard to our rain forests. They seem to think we're hacking them all down. I don't think they understand how big these forests are. I got in a ferry on the north end of Vancouver Island and travelled overnight up the Pacific Coast to Prince Rupert. That's about 400 miles, and there's nothing but trees along that coast. There aren't even roads into most of it.

JMI
December 3rd, 2004, 12:44
WaxfordSqueers:

Thanks for the history lessons. I had not realized that Britain and the U.S. were former colonies of Canada. Just goes to show you how poor our school history books have become. But at least you folks up there were kind enough to share your West Coast weather with those of us in the "lower 48." We too have much better weather (generally year round) than our cousins on the East Coast.

TBone:

If memory serves, the "dark codewoods" is a phrase I believe I borrowed from +Orc's writings contained in the materials found in +Fravia's original site (linked below) and other places on the web. Since I had read and enjoyed the Lord of the Rings Trilogy more than 40 years ago, the phrase always resonated with me and reminded me of some of the adventures described therein and seems a perfect analogy for some of the "dangers" lurking in the code waiting to trap or divert the unwary or unskilled in such arts.

Regards,

WaxfordSqueers
December 3rd, 2004, 13:38
Quote:
[Originally Posted by JMI]WaxfordSqueers:

Thanks for the history lessons. I had not realized that Britain and the U.S. were former colonies of Canada. Just goes to show you how poor our school history books have become. But at least you folks up there were kind enough to share your West Coast weather with those of us in the "lower 48." We too have much better weather (generally year round) than our cousins on the East Coast.


You folks are too kind, JMI. I was expecting some really acerbic wit.

Even our winters on the "wet" coast have been milder, at least in my part of the world. We haven't had snow yet this year and probably won't through Christmas. I remember, as a kid, having winters with a couple of feet of snow. We get a fair amount of rain, but there doesn't even seem to be as much of that. Or maybe I'm just not noticing it. The good thing with rain, as the saying goes, is that you don't have to shovel it.


Quote:
[Originally Posted by TBone]

If memory serves, the "dark codewoods" is a phrase I believe I borrowed from +Orc's writings ---snip---- and seems a perfect analogy for some of the "dangers" lurking in the code waiting to trap or divert the unwary or unskilled in such arts.
Regards,


As Kayaker pointed out, there is more of an implemented set of traps laid today than in +Orc's time. I remember working through some of his lessons, and about all you'd get was an error message along the lines of, "gotcha, evil cracker". What's this world coming to when an upstanding reverser can't even get into the dark code woods till he has removed the wrapper? Is that like not being able to see the forest for the trees?