Jump to content
AshAkiri

Reverse Engineering: A Fun Case Study and Overview

Recommended Posts

This was a very interesting read.

 

Is it considered fully legal or are there some gray areas to it?  I wont be participating in it myself as of now because I know I have to meet standards that may seem excessive to others, but it is what it is; it has certainly answered a few curious questions I've had and may I eventually poke around to it more thoroughly when it's absolutely clear I'm allowed to- for academic purposes of course.

Edited by Joshy

Share this post


Link to post
Share on other sites

20 minutes ago, Joshy said:

This was a very interesting read.

 

Is it considered fully legal or are there some gray areas to it?  I wont be participating in it myself as now because I know I have to meet standards that may seem excessive to others, but it is what it is; it has certainly answered a few curious questions I've had and may eventually poke around to it when it's absolutely clear I'm allowed to- for academic purposes of course.

 

It's definitely a YMMV kind of thing. Would I advocate REing non-abandonware for the purposes of abusing someone's copyright? Absolutely not. There's a reason I selected a game available on the internet archive from a quarter century ago. That said, what you do with the software that is on your computer is your business. When you start releasing things (e.g. cracked games on TPB), well, that's a whole different story.

 

Which is to say, REing itself is not a gray area at all. It's what you do with it that could be.

Edited by AshAkiri
clarity
  • Like 1

Share this post


Link to post
Share on other sites

Thanks.

 

I was just curious about the YMMV thing.  As for anything regarding security clearance I mentioned nothing, but I'm sure anyone with that need to know and considering it would leave it to their investigator to determine.

 

Still a very cool guide.  Great job.

Edited by Joshy
  • Like 1

Share this post


Link to post
Share on other sites

So, i need help 😄
Thanks for the tutorial ofc, very well written!
I got to the point where i found the "Rsrc_Dialog_e2_409" (img attached) ... thats the dialog that is shown when you dont have the full version.
I think that must be the correct entry point, but im not sure how to get further.

There is no function attached, neither did it help to search for references or call tree of that address.
I cant find another entry point, maybe i would have to play through the game to get to the point where i cant continue anymore, but im too lazy for that. (And i cant play a game at work without anyone noticing :D)

So could you point me in the right direction how i get to a function i can RE, or at least anything how i can progress...
Thank you :)

image.thumb.png.e0b5bfda99ac9febc67ce46b04505767.pngd the "

Share this post


Link to post
Share on other sites

On 2/4/2020 at 4:10 AM, Flex Surf said:

So, i need help 😄
Thanks for the tutorial ofc, very well written!
I got to the point where i found the "Rsrc_Dialog_e2_409" (img attached) ... thats the dialog that is shown when you dont have the full version.
I think that must be the correct entry point, but im not sure how to get further.

There is no function attached, neither did it help to search for references or call tree of that address.
I cant find another entry point, maybe i would have to play through the game to get to the point where i cant continue anymore, but im too lazy for that. (And i cant play a game at work without anyone noticing :D)

So could you point me in the right direction how i get to a function i can RE, or at least anything how i can progress...
Thank you :)

image.thumb.png.e0b5bfda99ac9febc67ce46b04505767.pngd the "

 

Hey there!

 

First off, I'm so glad you decided to start poking around this! It's always a fun journey to start getting into RE -

 

As far as advice goes, let's talk about that.

 

Good job on finding the pop-up window that shows when the trial is there. As you said, there's no reference to this dialog box resource (hence, Rsrc_dialog). Welcome to the annoyances that come with disassembly/decompile. Sometimes things get eaten. Especially when you get all sorts of fun virtual functions causing these things to not have 'direct' references.

 

A viable next step would be to take patterns that you already know to be true to see if they carry over into this new program! No need to re-invent the wheel! We talked about a specific function that parses command line arguments - Try filtering the list of functions to see if this function is also being used in this example.

 



qUAG4Zov.png

 

Remember this? Look to see if you can find it again!

 

Sometimes, you'll find that say, after an update, the game (or whatever) starts to scramble their imported function names, for example. In this case, one strategy that can be used is to find an older version where the function names aren't scrambled, then go match their behavior in the new version! Always use the tools at your disposal to help find the solution!

 

Let me know if you need any more help!

Share this post


Link to post
Share on other sites

Thanks, i got the Solution now :)
Even tho its was more just because i already saw your solution to the other one, but couldnt really wrap my head around how this one functions and i come out with another 4 digit code that looked similar in the code as yours for the example tool..
maybe this is still too complicated for me 😄

Share this post


Link to post
Share on other sites

6 hours ago, Flex Surf said:

maybe this is still too complicated for me 😄

 

Don't let it be! The purpose of this exercise is to just get familiar with the tool and to learn a few concepts of RE! If the concept that you learned is to look for existing patterns and try to find similar ones, that's a fantastic skill to have in your skill set!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...