Rate different types in reversing ?

[Jupiter]

At first you should understand your target and type of protection it uses.

What if:
- your target is not packed
- your target doesn't use serials
- your target doesn't use registration keys
- your target is virtualised
- your target is using remote computations and remote resources
- your target is using distributed nodes and micro-services
- your target is using specific dedicated hardware
- your target is using remote authentication and authorisation

So, it looks like you're targeting only 'classic' desktop applications using classic approaches.

• No packing → no unpacking
• No serials and no keys → no key generation
• Virtualised code → de-virtualisation
• Specific hardware → hardware emulation
• Remote services → replacement services
• etc

[Jaspreet Singh]

Quote:

Originally Posted by Jupiter

At first you should understand your target and type of protection it uses.

What if:
- your target is not packed
- your target doesn't use serials
- your target doesn't use registration keys
- your target is virtualised
- your target is using remote computations and remote resources
- your target is using distributed nodes and micro-services
- your target is using specific dedicated hardware
- your target is using remote authentication and authorisation

So, it looks like you're targeting only 'classic' desktop applications using classic approaches.

• No packing → no unpacking
• No serials and no keys → no key generation
• Virtualised code → de-virtualisation
• Specific hardware → hardware emulation
• Remote services → replacement services
• etc

Of course, for this question we assume that all the mentioned ways to crack it like keygen, crack are available and we want to rate which is better or worse...

@blu devil Hardware based protection is sometimes not possible to crack at all, if done correct. So I agree with you.

[chants]

Quote:

Originally Posted by Jaspreet Singh

Of course, for this question we assume that all the mentioned ways to crack it like keygen, crack are available and we want to rate which is better or worse...

@blu devil Hardware based protection is sometimes not possible to crack at all, if done correct. So I agree with you.

Decryption is at the top of this as cryptography is based upon hard mathematical problems and has closer to theoretical soundness than all other methods. The rest, even hardware are security by obscurity in various forms.

Don't forget crippleware where code is literally absent from the target and must be painstakingly hand built back. That's also at the top of the list.

So that original list looks more like the common methods used but is incredibly lacking. A taxonomy of cracking would be a 50 page thesis if done properly.

[NON]

Quote:

Originally Posted by chants

So that original list looks more like the common methods used but is incredibly lacking. A taxonomy of cracking would be a 50 page thesis if done properly.

I agree. The list is a little incomplete.
Sometimes it's better to remain a little silent...

This is not 50 pages and is rather lame, but a good start. See this paper here:

Quote:

https://forum.exetools.com/showthread.php?p=128880#post128880

Much more coming soon!