Exetools  

  #1  
Old 09-09-2004, 07:48
ur next
 
Posts: n/a
Very new to this...

I'm very new to this and hopefully I won't get the "big guy" mad by asking this but... Well see, I have some software that I would like to use while trying to learn how to reverse engineer and was wondering if it can be used. This program is a "Demo program for estimating" and it comes with a 30 day trial period. I figured this would be a good one to try so, I guess my question would be... Can it be used for this purpose or not? Could a guy transform this "demo" to a full operating app.? Again I don't want you to tell me HOW, but just let me know if it is possible or not and I'll keep searching for the answers.

Thanks.
  #2  
Old 09-09-2004, 08:14
thewhiz
 
Posts: n/a
A vague question will only garner a vague response -- anything is possible, it all depends on your will and ultimate ability. Further, it depends on the capabilities of the "demo": whether it is full featured or crippled further.
  #3  
Old 09-09-2004, 08:34
JMI
Leader
 
Join Date: Jan 2002
Posts: 1,627
Rept. Given: 5
Rept. Rcvd 199 Times in 99 Posts
Thanks Given: 0
Thanks Rcvd at 98 Times in 96 Posts
JMI Reputation: 100-199
As thewhiz has stated, you have not provided enough information for anyone to give you an informative response, except to suggest basic principles. You state the program will run for 30 days and is a "demo" version. This creates a number of possibilities from a reversing perspective.

1. The program is complete and has some form of protection which keeps track of the passage of time to know when the 30 days have passed and then disables itself in some way. This would be your "best case" version of the software. Then you would need to learn how programs keep track of the fact that they have been installed, where such information might be hidden, and then how to locate such information and remove it and disable the program's attempts to call this "time keeping" routine, so that you can use it as long as you want, without this limitation. If you succeed at this quest, you will have a fully functional program without limitation.

2. The program is not complete because some of the functions of the code are not included and it has a method of keeping track of the passage of time or operation of the program and disables itself when the "limit" is reached. If this is the case, then even if you figure out how to disable the checks that the program makes to determine that it has been installed and run for the "limit" time, you still don't have a fully functioning program. In this case, you can still figure out how the program keeps track of its checks of time or operation and disable them, but you will never have a fully functioning program.

Many programs use software made by others, generally called "protection software", to provide their efforts to prevent "crackers" from getting the full program without the limitations. Others write their own. Some rely only on software protection for this purpose, and some rely on mechanical devices, such as dongles which have to be installed on your machine to make the program operate properly.

There is some pre-existing software which attempts to defeat certain protection programs. It works with more or less effectiveness. There are tools, both software and mechanical, which are used to attempt to defeat these protection measures.

Barring the use of "ready made" solutions, one needs to know substantial information about the disassembly of software programs, how to use the tools which accomplish this task, what the code they view with these tools is doing and how the code might be altered to, instead, do what one wants, rather than what the original programmer wanted it to do.

In short, no matter what your program does and/or how it does it, if YOU are intending to accomplish the task of "reversing" the protection system, YOU have a long journey ahead of you and it is one where, just like life, you have to learn how to walk before you can run and you have to study before you can comfortably believe you know what the heck you are doing.

So. Where do you want to begin?

Regards,
__________________
JMI
  #4  
Old 09-09-2004, 09:30
ur next
 
Posts: n/a
In fact, I think I'm getting a little ahead of myself and I definitely agree with you on the fact that
Quote:
just like life, you have to learn how to walk before you can run and you have to study before you can comfortably believe you know what the heck you are doing
It's just that I'm so excited about learning all this, that I want to get everything lined-up and ready to start learning! I do appreciate you taking the time to explain some of these important points. I have been reading a lot of info on some outdated tutorials that I found on the web (1999, 2000) but I'm sure if I keep at it, I'll find what I need and eventually will get started.
  #5  
Old 09-09-2004, 15:08
shn0r
 
Posts: n/a
There are many apps which are downloadable from the www, and they are protected by dongles, so beware.
Look into the help of this app, topic registration etc. If the author says that they will give u a link or send by email the full installation of this app after u buy it, it must be a demo, but if this demo has only a 30 days trial it can be cracked.
  #6  
Old 09-10-2004, 10:51
ur next
 
Posts: n/a
As a matter of fact I did some exploring on this target, and found out that, in fact, you have to call them and then they will give you a password to upgrade thru their website. So I guess I'll try another one.

Also, I'm trying to see if I can find some good targets I can reverse with Ollydbg instead of SoftIce, being that it sounds more complicated. I'll keep you guys in touch.
  #7  
Old 09-11-2004, 06:11
Michel
Friend
 
Join Date: Sep 2004
Location: France
Posts: 66
Rept. Given: 2
Rept. Rcvd 6 Times in 1 Post
Thanks Given: 0
Thanks Rcvd at 1 Time in 1 Post
Michel Reputation: 6
Hi ur next,

Maybe it would be easier for you to begin working with IDA on "dead listing":
If your file isn't packed, you have a good chance to see some messages like "Enter serial number", "Invalid serial number, please try again", "days left"... and so you can go up, find the calls, the conditional jumps etc.

Trying to determine what the prog is doing "on paper" will be a very good exercise for your intuition and asm knowledge...

The "dead listing" method leads naturally to patching the prog: you can for example bypass the test verifying a date or a serial, but if you want to find THE working serial, this method is often very hard: it is more useful to work with a debugger like Ollydbg.
  #8  
Old 09-12-2004, 11:36
cyberbot
 
Posts: n/a
I found the reply from JMI a clear and informative brief overview. As someone who would like to begin the long journey and reach the end over time without taking too many wrong roads, I was wondering what educational material an experienced reverser like JMI would recommend to the beginning hobbyist? Someone who does not have any immediate need but would like to learn properly over time. Not just a few tutorials but a full course of material from beginning to master. Where would the ORC series fit in, at what stage should one go into them?
  #9  
Old 09-12-2004, 12:30
JMI
Let's try to keep the unnecessary stroking at a minimum.

That said, there simply is no substitute for a wide range of reading BEFORE one embarks into the darkwoods. It is fairly essential that one have a fundamental grasp of assembly language, but from a narrow perspective, in order to do general reversing. This is so because the most frequent "visual" display of a program, as seen in the debugger and/or disassembler, will be assembly language.

This does not mean that one needs to be able to "write" programs in assembly language, because while it certainly is doable, most languages are written in "higher" languages simply because it is easier. But if you want to learn to use Softice and/or Ollydbg and/or IDA, what you are going to see is usually assembly language and you need to be able to recognize what you are seeing and what the code is doing in terms of moving bits and bytes into and out of registers and setting flags and such. And what the heck are pointers and relative addresses, etc.

So a good place to start is with some form of a primer on assembly language for crackers. There are several available on the net. You will find good reference sources on a variety of subjects for the beginner in the links at the bottom of the RCE Messageboard Regroupment, aka the Woodmann Forum mentioned many places here.

As a starting point, I will repeat my mantra that one of the MOST important skills a beginning reverse engineer can learn is how to search, because information about most subjects of interest already exists on the net. General search topics for those starting out could include (without the quotes):

"Hacker Disassembling Uncovered" (slightly advanced, but a useful read even for the beginner and the e-book is available here after one has 3 posts. Yes, I intend you to use the search button. Try it, you'll learn to like it.)

"cRACKER'S nOTES"

"cracking for newbies"

"assembly guide for newbies"

These will give you a good start and a direction for where to go next. Learning to crawl before you try to walk or run means you can read many tutorials, but your first emphasis should be to try to understand what the heck they are talking about, rather than trying to follow in an actual program. It is much better to obtain some fundamental understanding of what reversing is all about, rather than just go crashing through the dark codewoods.

Regards,
__________________
JMI
  #10  
Old 09-12-2004, 21:43
Peace99
 
Posts: n/a
JMI,

Where to buy this book (Hacker Disassembling Uncovered)?
I cannot buy it online. (I have had 2 bad experiences before.)
Any other way?

Thanks.
  #11  
Old 09-13-2004, 01:52
JMI
Oops. You did not search here, did you, which means you did not read my post above very carefully. Let me make it as clear as I can:

Put "Hacker Disassembling Uncovered" (without the quotes) in the SEARCH button at the top of the Forums. Then be embarrassed.


Regards,
__________________
JMI
  #12  
Old 09-13-2004, 15:05
cyberbot
 
Posts: n/a
I appreciate reading JMI's response. I agree that much info is there for the taking on the net. A few good search engines and a couple of key words should be enough. Maybe if you really must, one could read the Google Hacks ebook. However, just like a public library, the net can offer too much info, and one does not know how good the material really is as one does not know the credentials of the author.

I do know assembly and C and would like to read just a few core texts, without wading through scores of tutorials. I was particularly wondering where the famous ORC series fits in? Is it advanced level or beginners level?

I have not searched for material within the forum yet but intend to do so. I would be more willing to read material on this forum rather than randomly on the net.

Regarding the comment "Let's try to keep the unnecessary stroking at a minimum." What does this mean exactly? I do not understand in what context you use the word "stroking".
Although I seem to recollect in my distant past a girlfriend using a somewhat similar phrase ...
Sorry, but is there some written or unwritten rule that I have not followed and should know about ?
  #13  
Old 09-14-2004, 14:05
JMI
In this case it referred to "unnecessary stroking of the ego," not body parts. It refers to the somewhat overuse of compliments in your response, and was intended in good humour.

Regards,
__________________
JMI