what's the shortest path?
sleepleSS
11-12-2005, 07:48 PM
"hello world"
code start:
I'm new to cracking and reversing, I need to
1) be able to monitor windows messages, calls, api, threads, etc... : spy and supervise all that's going on from windows to cpu registers
2) write shellcodes
3) be able to reverse exe and dll and modify them in a way, for example killing nag screens, finding serials and why not killing dongles
----------
Q: which tutorials I must read and which software I must master in order to reach such a level, and in which order
(for example: read tutorial A first, then learn software B, then read tutorial C, etc.) so that I reach my goal without wasting time and reading things twice
thanks a lot mates
invoke ExitProcess, NULL
quitsendingmetrash
11-15-2005, 03:32 AM
To see some background stuff try:
Regmon, Filemon, ProcessExplorer from _http://www.sysinternals.com/
For api monitors use google or try here:
_http://programmerstools.org
Click on browse and then do a search for api.
Here is the current direct link:
_http://programmerstools.org/taxonomy/term/58/
Maybe someone else can recommend a good one.
You can view registers and see the apis that a program uses, by loading a program into a debugger such as:
OllyDbg from _http://www.ollydbg.de/
You can view 16-bit registers in dos debug. From a commandLine type "debug" then type "r" to see registers or "?" for help.
You can find various tools to play with here:
_http://exetools.com/
-----------------
-----------------
These sites could get you started:
_http://new2cracking.cjb.net/ - good for beginners. Check out the tutorials section
_http://www.woodmann.com/crackz/ - and the rest of woodmann's site. - For a softice reference you could find "Mammon_'s Tales to his Grandson & Mammon_'s coming to the Iceage" on this site.
_http://its.mine.nu/ - kw 's site
_http://www.crackmes.de/ - click search and choose: 1 - Very easy, for newbies (last time I looked there were 415) - see if you can break them all!
_http://www.learn2crack.com/ - how about some Korean
_http://greythorne.cjb.net/ - dig around here.
_http://win32assembly.online.fr/ - Iczelion has some nice tutorials
_http://www.masm32.com/ - plenty to do here.
_http://www.nuvisionmiami.com/kip/asm.htm - various asm resources
_http://www.madwizard.org/ - more asm
_http://www.fhcf.net/ - Norwegian but you can find English tutorials
_http://www.reverse-engineering.net/ - link speaks for itself. Don't forget about the Community Board.
_http://www.acm.uiuc.edu/sigmil/RevEng/index.html - Don't recall reading this one yet.
-----------------
-----------------
I found these x86 emulators / simulators to be useful for learning about cpu registers, asm, and such:
Ketman Assembly Language Tutorial - runs in dos. Found it very informative.
_http://www.btinternet.com/~btketman/tutpage.html - you may have to use a win98 bootDisk or a dos emulator to run your compiled programs.
This one has a gui, with examples.
_http://www.emu8086.com/
SimuProc - Used to be Spanish only. Looks like there is an English version now. Although installation may be in Spanish!
_http://www33.brinkster.com/vlaye/software/simuproc/index3.html
-----------------
-----------------
Here is a flopperatingSystem called menuetOs built in fasm. I have not found a real time register viewer for windows yet that shows registers on the fly. This operating system is built for asm development. If you download the floppy version and boot to it, you can click menuetOs > System > Debug > Trace Calls. This will show you the 32-bit registers flipping about. There is also a cd version I have not tried. Originally for 64-bit. I tried the 32-bit one. 64 may have more stuff.
_http://www.menuetos.net/
also try:
_http://menuet.homelinux.net/Main_Page - I found the 32-bit floppy version under Distributions on this page.
-----------------
-----------------
Don't know much about shellcode. A quick google referred me to:
_http://www.milw0rm.com/ - Interestingly enough there was one for OllyDbg here:
_http://www.milw0rm.com/parse.php?platform=windows
Look for Ollydbg <= 1.10 Format String Bug
You may also want to try:
_http://shellcode.org/
-----------------
You could also try writing some simple ASM or C code to create a small popUpBox.exe with some text.
Then load it in OllyDbg and see if you can change the text. Iczelion's Tutorial 2: MessageBox would be a good place to start, if you need some asm code for a messageBox. - There is a link to his site above.
Above you stated that you do not want to waste time or read things twice. Keep in mind that others may find it a waste of time to reply to the same question twice or possibly a hundred times. If you spend some time with search engines you will find all kinds of resources. Searching will give you a lot more links than I can. You may have to dig through a lot of junk. Don't take it as a waste of time. See it as a way to learn to avoid such pages in the future.
In case you are not familiar with this site:
_http://www.searchlores.org/
lates!