Reference Points...
In the following thought I will attempt to highlight just a few of the -important- aspects of learning to reverse. Instead of showing you line after line of documented source code, I will instead do my best to explain and demonstrate the 'thought processes' behind what we do, namely, learning to reverse. The art of reversing is nothing less than finding the question, or key, to the answer you already have. In the case of software reversing you already have the answer in the form of a ready-made program, minus its source code of course. In this case you will need to backtrack or 'reverse' your way through this program from some fixed point until you are familiar with its internal layout. Only then will you be in the position to know where to fish for a serial or patch the program in order to disable its protection system. The whole idea of pure software reversing is to help us, the reverser, to -understand- the internal generic structures of any given program, regardless of whether our intended target program was coded in Assembler, C++, Visual Basic, Delphi etc. In the case of Windows for the PC, we soon know that there are only a given number of ways the program can perform a particular task, such as displaying the generic and very familiar "Beggar off cracker" message box. Therefore, in our early days of learning to crack, what we are looking for are sequences of assembler instructions (as shown in Softice or W32Dasm) that appear to perform a specific task. Common things we look for are sequences of instructions that compare a value either to one already stored in a memory address or directly against another value and then, based on the result of this comparison, perform a conditional jump to either the "Good Cracker" or "Bad Cracker" message box routine. What we are doing is looking for a recognizable 'Reference Point' from which we can work.
The more we learn, the more reference points we can build upon, which we can then add to our existing knowledge. Most of us know what a map of a large town or city looks like; we know, for example, the differences between rivers, roads, lakes and forests by the type of symbols used, so if we are given a map written in a foreign language we can still work out where just about everything is, even though the superficial visual text markers are not available to us. In this case, our reference points are those symbols on the map that we recognize as meaning a river, road, lake etc. As a tutorial writer, I try my best to write my tutorials in a way that, I hope, newbies will at least begin to see and learn the -common- patterns that exist in the vast majority of programs currently available. By doing this, we can use these snippets of knowledge as reference points later on in our learning cycle. On the other hand, the dot-to-dot type tutorials serve to show you the many variations of steps that are often required when using your tools, such as Softice & W32Dasm. Can you see the difference here? Reference points in software reversing are those nuggets of information we have learned and which we jealously cling to when all else fails, and it's here we can say "we felt it" after successfully breaking a particularly hard protection system. But why leave things there? If, like me, you enjoy intellectual challenges, especially those that baffle & batter the grey cells, then it's not too hard to find such challenges if you know -how- to find & recognize them for what they are. Therefore, learning to -reverse- should not be left to the pursuit of cracking software; in fact, if you did this you would be missing out on a whole lot of useful background knowledge that can often make the difference between being able to crack a particular program or failing at every attempt you make at it.
Just because you can't -see- the answer straight away doesn't mean you can't find it by using some lateral thinking. Most of us in the real world know of, or know someone who seems to have the knack of being able to turn an argument or discussion inside out and against us no matter how hard we try otherwise. How is this done? The answer is quite simple: they are able to cleverly re-define our "reference points" in order to 'hide' them from us. No reference point, no grounds for our argument! As a side note to this, it's like me putting you in a boat in the middle of a large ocean and asking you to tell me where you are. No problem, says you, my compass will tell me. But I say, I didn't pack one for you, what then? (I have just got rid of one of your reference points!) But you say, I can see the sun, and I reply that it's the middle of the night! (Another reference point is taken away from you.) No problemo, you say, the stars will tell me, but I say, it's very foggy and you can't see further than 20 yards!! (Yet another reference point lost...) Now your -safe- options are severely limited; you're lost, and with no safe reference points to help guide you things look pretty bleak. The obvious answer here is to wait until conditions become more favourable before setting off in any direction. But when faced with limited reference points it's all too easy to either give up trying or make a mistake that will lead you nowhere. Still not convinced? Oh my, you're a hard lot to convince tonight!..:) Okay, try this.. No matter what your native language is, if you are given to read, say, a poem or prose that is grammatically correct, uses words familiar to you and are all correctly spelt, then, without a reference point of some kind, you will find it hard to understand or comprehend what it is about! Take a look at this example of a prose I found on the web. It's in its full, unaltered form, with the exception that I have deliberately left out the title & author.
The breaking waves dashed high
And the heavy night hung dark
Not as the conqueror comes,
Not as the flying come,
Amidst the storm they sang,
The ocean-eagle soared
There were men with hoary hair
There was woman's fearless eye,
What sought they thus afar?
Aye, call it holy ground,
What is this prose about? Believe it or not, I could fill a whole book with this kind of prose and still many of you won't know what the book was about! Here once again we have the -answer- in the form of this prose, yet to understand it we need to know the key, a reference point if you will, that represents the title of this prose. In learning to -think- like a cracker we need to first find a starting place or a reference point from which we can begin our work. But where do we start? Perhaps the -easiest- place to start from is to try and find this prose on the web. I found it through a search engine, but unless you know what the prose is talking about, how will you know in which subject to look! Perhaps then this is not a good place to start from? Okay, you've read the prose a few times and have made some general notes on what -you- think the paragraphs are saying. Now here's where you must begin to try and find those subtle connections between one paragraph and another. Things that you need to do and ask yourself:
At this point can we make any rough connections between what we've already found?
At this stage we may already have some possible reference points from which we can make a start at unravelling our prose.
In order to complete this task you must answer one question: What is the title?
UPDATE: 11th January 2000
Good hunting!
My congratulations on completing this example go to the following students:
And finally... Feel free to send and share with me your -thoughts- on how you were able to complete this exercise. Did -you- learn anything new from this experience? Do you have any -zen- thoughts you might want to share?
How then do you reverse a reverser? Simple, you take all his knowledge & ethics and turn it all inside out & backwards on him!