Reversing 101

A brief intro to reversing

Have you ever wanted to crack a program? Have you ever pirated an application that contained a crack with it? Ever wondered what happens when an application is run? If you're reading this, the answer to one of those is probably yes. I'm hoping to start slow with some intro tutorials, then work my way up to showing you how to crack current applications (or at least mimic the protections used).

First, let's answer some questions about assembly, cracking, and reversing. Afterwards, we'll go over some brief descriptions of things we're going to see within the debugger.

I saw a tutorial online that said "crack any software." How come you're not showing that?
Those videos only implement string checks (which is my first tutorial). They're using clickbait titles to get you to watch. Any video without dialog but with loud, annoying trance music shouldn't be worth your time.

What program(s) do you use?
A combo of x32dbg/x64dbg, OllyDbg, Immunity Debugger, IDA for Windows; dnSpy, dotPeek, .NET Reflector for .NET applications, Ghidra; GDB for Linux; CFF Explorer, Lord PE, PEBrowse32/64 for PE editors; ResHacker, Hex Workshop, 010 Editor for hex and text editing. It all depends on the application I'm reversing and the type of binary it is. I don't do much kernel debugging, so I don't really use WinDbg, although it's a powerful tool.

I heard that X cracking group uses a specific program. Shouldn't I be using that too?
This is similar to most anything in life. There's never a single tool to do the job. The best crackers will use multiple tools depending on what they're trying to achieve.

You didn't explain X in one of your tutorials OR you explained X wrong.
Please feel free to reach out to me on my contact form if you feel that I need more detail for a specific tutorial or stated something incorrectly. Most tutorials will be in Windows, but I'll try to throw in some Linux GDB for good measure.

Do I need to learn assembly?
This all depends on how deep you would like your understanding of reversing to go. You might be able to follow most tutorials, but without a deeper understanding of what's going on, you're only going to be cracking simple applications.

For a deeper understanding of assembly and reversing, I highly recommend:
- Reversing: Secrets of Reverse Engineering
- Reverse Engineering for Beginners
- Introductory Intel x86: Architecture, Assembly, Applications, & Alliteration
- Lena's tutorials (assumes a basic understanding of assembly)

What exactly is the difference between cracking, reversing, patching, and keygenning?
Cracking is the art of modifying or altering software usually in a way that benefits the person using the application. Some cases may be to register something illegally (pirating), disable DRM, or modification of software. Reversing does not necessarily need to include cracking and is more of a way to figure out what is going on with software or hardware. Reversing can include figuring out what an out-of-date piece of hardware does and how to change it so that it works with newer technology. Patching is the actual alteration of software. Where a program may say to jump to a specific location in the program or memory, you can force the application to jump to a different location or not take a jump (usually goes hand-in-hand with cracking). Keygenning is similar to cracking with the addition of an external or in-line way to generate a key or serial the same way that the application does.

Can you crack X for me or put up a tutorial for it?
I don't take requests. The reversing portion of my site is geared toward user-generated code, crackmes, reversemes, and keygenmes. I may throw in an actual application, but only if it's defunct and/or I have approval from the vendor. That said, what is taught on my site and other reverse engineering sites may be applied to current applications.

Tutorials

Passwords from original links are: crackmes.one OR crackmes.de OR tuts4you.com

keyg3nme
Link: https://crackmes.one/static/crackme/5da31ebc33c5d46f00e2c661.zip
Debugger: Ghidra
File type: ELF64

crackme0x00
Link: https://github.com/Maijin/Workshop2015/blob/master/IOLI-crackme/bin-win32/crackme0x00.exe
Debugger: x64dbg
File type: PE

crackme0x01
Link: https://github.com/Maijin/Workshop2015/blob/master/IOLI-crackme/bin-win32/crackme0x01.exe
Debugger: x64dbg
File type: PE

crackme0x02
Link: https://github.com/Maijin/Workshop2015/blob/master/IOLI-crackme/bin-win32/crackme0x02.exe
Debugger: x64dbg
File type: PE

crackme0x03
Link: https://github.com/Maijin/Workshop2015/blob/master/IOLI-crackme/bin-win32/crackme0x03.exe
Debugger: x64dbg
File type: PE

crackme0x04
Link: https://github.com/Maijin/Workshop2015/blob/master/IOLI-crackme/bin-win32/crackme0x04.exe
Debugger: x64dbg
File type: PE

crackme0x05
Link: https://github.com/Maijin/Workshop2015/blob/master/IOLI-crackme/bin-win32/crackme0x05.exe
Debugger: x64dbg
File type: PE

crackme0x06
Link: https://github.com/Maijin/Workshop2015/blob/master/IOLI-crackme/bin-win32/crackme0x06.exe
Debugger: x64dbg
File type: PE

crackme0x07
Link: https://github.com/Maijin/Workshop2015/blob/master/IOLI-crackme/bin-win32/crackme0x07.exe
Debugger: x64dbg
File type: PE

patch_the_login
Link: https://crackmes.one/static/crackme/5caf91c333c5d4419da557a7.zip
Debugger: dnSpy
File type: PE
Name: Keller's patch_the_login

do_not_call
Link: https://crackmes.one/static/crackme/5ab77f5d33c5d40ad448c68d.zip
Debugger: x64dbg
File type: PE
Name: do_not_call by warrantyvoider

The first half is cracked. Working on the second. Tutorial on the first part to come soon.

Easy1
Link: https://www.blackwintersecurity.com/files/crackmes/Easy1.zip
Debugger: Immunity Debugger
File type: PE