[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Click for more| Home]

Hackers/crackers/reverse engineers

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.

Thread replies: 148
Thread images: 20

File: screeni1.png (206KB, 1024x768px) Image search: [iqdb] [SauceNao] [Google]
screeni1.png
206KB, 1024x768px
Report in /g/urus. We are the 1337s.

Anything interesting your working on?

As for me, just cracking software as usual, releasing patches, fun stuff.
>>
>>43598877
And whats the image supposed to show? You placed 2 strings in the code
> whoopty doo
>>
>>43598877
What is the program that has an icon that looks like a splotch of paint?
>>
>>43598942
Not quite. The data before is the packer for the main exe. It ends at raw offset 16423. After a fair amount of trial and error I successfully unpacked the file and have the raw dump. That msg is merely proof after the file has been executed I can call the WIN32 API MessageBox and point to my injected string (which will be replaced later with pointers to new ASM code) for patching this files security mech which is much easier now that I have the exe's raw dump, though still a bit tricky.
>>
>>43598877
That doesn't look like sensible assembly output, it still looks packed, or you are disassembling data. Wtf is basecalc.exe?
>>
>>43598958
ollydbg
>>
>>43599295
is prolly som tutorial/crackme
>>
>>43599390
Apparently basecalc is supposed to calculate offsets - a glorified calc.exe. I suspect that this image is fake, and OP is a tool.
>>
>Low-Level
Hacking: The Art of Exploitation 2nd Edition *
The Shellcoder's Handbook: Discovering and Exploiting Security Holes 2nd Edition
A Guide to Kernel Exploitation: Attacking the Core

>web
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws 2nd Edition *
SQL Injection Attacks and Defense, Second Edition
Client-Side Attacks and Defense
The Browser Hacker's Handbook

>penetration testing
Metasploit: The Penetration Tester's Guide *
The Basics of Hacking and Penetration Testing, Second Edition: Ethical Hacking and Penetration Testing Made Easy
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide

>coding (related to "hacking")
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers *
Coding for Penetration Testers: Building Better Tools
Gray Hat Python: Python Programming for Hackers and Reverse Engineers

All books marked with a * is regarded as extra valuable.
If you're only going to read one book on that subject, read this one.
>>
Videos:
>OpenSecurityTraining: Introductory Intel x86
http://opensecuritytraining.info/IntroX86.html
https://www.youtube.com/playlist?list=PL038BE01D3BAEFDB0

>Assembly Language Megaprimer for Linux
http://www.securitytube.net/groups?operation=view&groupId=5

>Offensive Computer Security 2014
http://www.cs.fsu.edu/~redwood/OffensiveComputerSecurity/lectures.html


Other stuff:
>The Open Web Application Security Project (OWASP)
https://www.owasp.org/index.php/Main_Page

Really interesting stuff, would recommend checking out the "OWASP top 10" project and Attack Categories.
>>
>Blackhat Library
http://www.blackhatlibrary.net/Main_Page

Have released some interesting tools as long with some good articles and guides on different subjects.

>subreddits to check out
reddit.com/r/netsec
reddit.com/r/blackhat

RE for beginners:
https://tuts4you.com/download.php?list.19
https://github.com/dennis714/RE-for-beginners
http://www.reddit.com/r/ReverseEngineering/comments/smf4u/reverser_wanting_to_develop_mathematically/
https://github.com/turnersr/turnersr.github.io/blob/master/technology_review/Technology_Survey.md
http://www.reddit.com/r/programming/comments/22crn0/gpl_alternative_library_to_microsoft_detours_for/
http://overthewire.org/wargames/
http://exploit-exercises.com/
http://io.smashthestack.org/
https://github.com/e28eta/stripe-ctf-2.0
http://www.amanhardikar.com/mindmaps/Practice.html
https://microcorruption.com/
http://www.cryptopals.com
>>
Does ollydbg already have 64bit support?
>>
>>43599933
Try x64_dbg is you need 64bits.
>>
>77 7C C8 7C
top kek
>>
if you're not on CTFtime you're not a hacker

mitre ctf starting in 30 mins for you college kids
>>
>>43600567
>CTFtime
link? please
>>
>>43600636

seriously? https://ctftime.org/
>>
>>43600761
hey geohot is here, explain more what is ctf
>>
>>43600761
Damn you are so serious, you don't get a joke right?
>>
File: hZGdrfr.png (34KB, 567x451px) Image search: [iqdb] [SauceNao] [Google]
hZGdrfr.png
34KB, 567x451px
>>43600827

CTF is a capture the flag competition. usually they are in the form of a big jeopardy board of challenges that you have to solve for points.

sometimes they give you a binary file and you have to find an exploit, sometimes they point you to a fake website with some exploitable part and you have to hack the site, sometimes you break crypto challenges, sometimes you analyze packet captures, etc etc. it's like hacker games.

CTFtime keeps track of CTF competitions, teams, who is winning what, etc.

more info: https://www.youtube.com/watch?v=8GkvBZvGO5Y

my captcha is a cactus?
>>
So... guys, good irc channels for talk about this things? i don't find nothing on rizon/freenode...etc
>>
>>43600896
icarus has found you
run while you can
>>
>>43600896
>CTF hacking comps
where do i sign up?
>>
today i squeezed out a fat turd and slept the whole day
>>
>163F004 to 1642003
EWWWW
>>
>>43599694
thanks anon
>>
All hail lena151 and fyyre
>>
File: fagbuntu.png (302KB, 1680x972px) Image search: [iqdb] [SauceNao] [Google]
fagbuntu.png
302KB, 1680x972px
I'm doing the flare-on challenges. I'm on #6.
>>
File: fagbuntu2.png (85KB, 1680x972px) Image search: [iqdb] [SauceNao] [Google]
fagbuntu2.png
85KB, 1680x972px
>>43601886
Another look at it this time in IDA 64 (since its a 64 bit elf file).
>>
>>43600495
Hah didn't even notice
>>
>look mom I am changing jz to jnz and jmp to nop, I am real craxx0r!
>>
>>43599044
Why are you "injecting" strings into this program... Also, that data looks like garbage. Are you sure it actually unpacked it properly.

Also, just curious, what are you using to dump the loaded image back to a PE file?
>>
>>43601923
Justin gruwell?
>>
>>43602209
heh
http://www.indeed.com/r/Justin-Gruwell/ed767dca8988f9fe
>>
>>43602253
http://jresume.com/jgruwell

Top lel, who has their entire name as their login id
>>
>>43602528
>Top security and cryptography specialist for the military
>Posts pictures with link to resume and personal documents on 4chan
>uses full name as windows directory

Top lelocopter
>>
>>43598877
>windows
>>
so what was your favorite defcon speak this year?

mine was putting a snoopy on a drone to track down people via their cellphone
>>
>>43602528
What else would you use?

>>43602570
What does public information have to do with security? Why wouldn't you want someone to see your resume?
>>
File: vicious hacker.jpg (135KB, 640x427px) Image search: [iqdb] [SauceNao] [Google]
vicious hacker.jpg
135KB, 640x427px
Ok, so IDA 6.5 keeps leaking, but does anyone have Hex-Rays decompiler to go with it?
>>
>>43599694
Is there a wiki with these links somewhere?
>>
File: 1362631796391.gif (542KB, 500x500px) Image search: [iqdb] [SauceNao] [Google]
1362631796391.gif
542KB, 500x500px
>>43602978
They are NEETs who would be mortified if their name showed up in Google results even though no one knows or cares who they are. They think not existing outside of being "anonymous" on 4chan is good security. They think they are pro doxxers because they can Google names.

Disregard them.

Still looking for that hexrays decomp leak doe.
>>
>>43599694
what is the BEST book for learning assembly??
I don't care which CPU its for, but I can't find a single good book that teaches assembly well

that is really pointless to read books about hacking/pen or using disassembles like ollydbg and IDA testing when you don't know assembly
>>
I can use command prompt to Jack off into the mainframe IP gooey
>>
File: psp.png (477KB, 3840x1080px) Image search: [iqdb] [SauceNao] [Google]
psp.png
477KB, 3840x1080px
I'm reversing PSP games and fixing them so that they can be translated into English. This one is easy because they didn't strip symbols.
>>
File: AST_2089.jpg (35KB, 426x640px) Image search: [iqdb] [SauceNao] [Google]
AST_2089.jpg
35KB, 426x640px
>>43602935
From root to SPECIAL: Pwning IBM Mainframes - Soldier of Fortran

And

Mass Scanning the Internet: Tips, Tricks, Results - but I really enjoy Viss
>>
>>43603584
One day I will learn to do this, there are so many Sony games for the PSX and PSP that I want to play but are not in English. I'll either learn Jap or learn to reverse or do both.
>>
>>43603584
>PSP
>2014
kek
>>
Working on my project called Celect.

A couple of years ago, there was an Eve-like MMORPG (but a bit more cartoony, and less real-time) called Celetania. Unfortunately their parent company went under and they discontinued services.

Since there is no more traffic to analyze, I'm in the progress of writing a server purely by reverse engineering the game client.

Their engine is actually pretty cool. They wrote their own stack-based scripting language and a JIT.
>>
>>43603584
????? - ?????????!
>>
I want to learn more about web application exploitation. I am okay with SQL injection but I don't fully grasp the concept of XSS and how do people deface web pages? Other than using PunkSpider how can i find vulnerable pages to practice on?
>>
>>43599933
>>43599964

I've always used Stealth64, works fine.
>>
>>43603584
Damn nice

Let us know when you be working on Type-0
>>
>>43598877
I'm trying to create a keygen
I have reverse engineered some software, I isolated the functions checking the keys

The problem : the functions are big as fuck doing obscure bitwise operations, would take long time to figure it out step by step

Is there a more intelligent way of handling the problem ? Right now I was thinking :
- isolate the verification functions
- as the functions return when there is something wrong with the serial, I could randomly try keys and record the number of executed operations
- from the data, run a neural network with one input = one bit...
I doubt that would work thought, the cycle mesuring is either slow or imprecise even when I run it a lot of time

From this method I got the serial length (about 4X the number of instructions are executed when the length is of 23, pic related, number of cycles per 100 runs vs key length)
>>
>>43603778

Bruteforcing isn't always possible.

imo just reverse that shit, how much logic can there be, really?
>>
>>43603584
How do I into this?

Also, what are some linux programs to use for hexediting and reverse engineering?
>>
>>43602978
Just your first name like everyone else on the planet
>>
Working on a Vice City trainer, I just moved from pleb CE variable changing to memory patching. Quite fun things happen when patching wrong memory lol.
>>
>>43603848
emacs
>>
>>43603848
Honestly, this "linux is 4 pros" mantra is stupid.

Windows is so much better for reverse engineering simply because all this shit was done on WIN 9x, 2k, XP by the older gen crackers, and the tools have existed and been updated since then. Real crackers don't give any damn about the OS they use, in fact most use Windows because, simply put, the tools are better, they don't give 2 shits about using a GUI over CLI either. It's about what gets things done the fastest, and clearly Windows and automation tools are superior than the few specialized ones that exist on Linux.
>>
>>43600896
I've always been interested in this, never got around to learning about it.

How do I get started if I want to participate in such a thing? University sophomore here by the way, and I've not taken any courses on security specific topics.
>>
>>43603960
I did not shit on Windows. Stop being so hypersensitive. I was just asking what tools I could use, not what should be used.
>>
>>43603848
Learn MIPS R4k assembly - it's so easy even imbecile could do that, steal IDA Pro, download emulator. Learn yourself to recognise 'JFIF', 'TGA' and just raw textures, mp3 inb4. Learn a bit of python to be able to make unpacker-packer.
>>
>>43603988
Scroll up.
>>
>>43603960

IDA exists for linux you fucking sperg, he also never even insulted windows
>>
>>43603848
EDB looks pretty good
>>
>>43603960
Linux has much better tools for reversing and programming in general simply because they are coherent and work well together.
>>
File: cap2.png (26KB, 812x834px) Image search: [iqdb] [SauceNao] [Google]
cap2.png
26KB, 812x834px
>>43604034
>IDA exists for linux
>>
>tfw no $3000 IDA Pro license
>>
>>43604085
>Linux has much better tools

mips-linux-eabi-objdump -DC | less? kek of keks
>>
>>43603829
I'm trying to find a more "generic" way of handling the problem, if possible.
More interesting imo than going thought 1000+ asm instructions, but I guess keygen crackers do this, don't they ?
>>
is this where video game cracks are made?
>>
>>43604117
Use OllyDBG to crack it

>Duh
>>
>>43604138
>crack to lrn2crack
>>
Guyz how do I become a hacker? I want to create my own cracks for gaymes.
>>
>>43600896
Go away PLA!
>>
>>43604125
You seem incompetent.
>>
>>43604135
Yes
>>
>>43604169
prove me wrong
>>
>>43604201

Have you considered that some people here are actually over the age of 16 and do real work instead of making shitty game cracks?
>>
>>43604201
B-but muh leensookx!
>>
>>43604248
I haven't.

inb4
>shitposting on 4chan instead of making shitty game cracks
>>
>>43603848
I'm using 010 Editor, it's available for Linux too. As for reverse engineering I think you're supposed to use prxtool --disasm --xmlfile 500_psplibdoc_191008.xml, it's not as convenient as IDA though.

I think in PPSSPP they use WinApi for debugger GUI so it won't work on Linux unless you run PPSSPP in wine.
>>
>>43604248
Have you considered that 99% of commercial and industry grade software is produced for Windows exclusively? Hence the ideal environment to examine and test it.
>>
File: 1405102868871.jpg (59KB, 500x361px) Image search: [iqdb] [SauceNao] [Google]
1405102868871.jpg
59KB, 500x361px
>>43604248
are you new?
>>
>>43604248
I need muh cracks for PCWHD, which i use to work

Now what
>>
>>43604285

Stop spewing buzzwords you retarded autist, and grow up and out of your shitty game and shitware cracks

Reverse engineering is for understanding how software works at the low level, not for making le call of duty crack
>>
File: 1357003567649.jpg (26KB, 212x480px) Image search: [iqdb] [SauceNao] [Google]
1357003567649.jpg
26KB, 212x480px
ITT
>>
File: xp crackbox.png (67KB, 1680x972px) Image search: [iqdb] [SauceNao] [Google]
xp crackbox.png
67KB, 1680x972px
>>43603778
Copy paste the asm into a C program. Utilize the asm keyword. All you really gotta know is the function params. What does it matter how it works as long as you can pass crap to it?
>>
File: 1356987228946.jpg (46KB, 530x462px) Image search: [iqdb] [SauceNao] [Google]
1356987228946.jpg
46KB, 530x462px
IN PLACE WE ARE FORCE!11
BHC
THEY NOT GONNA DO ANYTHING
>>
>>43604312
You are stupid as shit.

Where do you think reverse engineers come from? From facking cracking games and software out of interest and hobbies at the start, then moving onto better jobs.
You don't one day go
>hurr durr ima be 1337 reverse engineer and work for da guugle by reading shitty lectures at my uniweristy

Your argument is at a pleb-tier level. Please kill yourself, seriously.
>>
>all these disgusting x86 assembly
>>
>>43604360

>Where do you think reverse engineers come from? From facking cracking games and software out of interest and hobbies at the start, then moving onto better jobs.

Exactly, they grew up, why don't you
>>
>>43604368
What do you prefer, ARM?
>>
File: kek.png (74KB, 580x358px) Image search: [iqdb] [SauceNao] [Google]
kek.png
74KB, 580x358px
>>43604312
>yfw the combined share of Linux + BSD is less than Windows Vista, the lowest selling Windows ever

#rekt
>>
>>43604336
what does the russian part say am actually curious

sry for offtopic pls dont downvote me
>>
>>43604338
>Process hacker
Mah nigga
>>
>>43604392
MC68000
>>
>>43604406
Wilson, this man wants to be driven on WASM.RU ... He says that he's ready.

What do you mean, ready?

XOR EAX EAX
>>
>>43604394
There are more smartphone and tablet devices out there compared to desktops/laptops.
>>
>>43604406
Willson, this guy want us to bring him on WASM.RU He is saying - he is ready (means he's gone crazy)
WHAT DO YOU MEAN READY (means totaly crazy)?
>>
>>43604406
>Wilson, this person wants to go to WASM.RU, says he's ready
>READY HOW?
XOR EAX EAX
>>
I dont really know shit about this, but is it hard to crack a program which uses HWID authentication? it is a game bot
>>
>>43604440

He forgot'd the comma

XOR EAX, EAX
>>
>>43604338
I imported the functions with dlopen and I know the parameters already
Looking to find a proper key without doing monkey analysis of a ton of instructions... doing a crack would be easy tho
(or I didn't get what you mean)

A funny thing I saw in the asm, the programmer manually banned few keys that you can find on internet (like youserials.com)
>>
I'm looking for an alternative to OllyDBG. I know IDA is a good debugger, but IDA costs an arm and a leg. I'm not new to the field. Any suggestions?
>>
>>43604465
They are not replacements for a computer. Just devices that enable normalfags to update their facebook and check email on the go. Even surface is not functional enough to be used as a full time terminal.
>>
>>43604490
SoftICE
>>
>>43604490
pirate IDA nigger
>>
>>43604479
should be just one jump at end
>>
>>43604479
50 WMZ
>>
>>43604490
WinDbg
>>
>>43604490
Why would you want an alternative?
OllyDBG can do absolutely everything, especially with the Plugins, there is everything you could want and more. If you think of something olly needs, 99% of the time a plugin has been created for it.
>>
Relax guise
you will be never cool as
https://www.youtube.com/watch?list=PL4F15CBA7210BE294&feature=player_detailpage&v=QvSSpf8r72Q#t=30
>>
>>43604536
>OllyDBG can do absolutely everything,
Except 64 bit programs, which makes it pretty useless these days.
>>
>>43604536

I feel like OllyDBG is a little bit outdated, and this is going to sound horrible, but it looks like shit.
>>
>>43604560
He's working on that. Check the site.
>>
>>43604580
I think you get used to it after a while. Once you master the shortcuts, there's no going back and you swiftly make your way through executables.
>>
>>43604440
>>43604473
>>43604476
thank u komrades
>>
>>43598877

Berokyo 1.35, please :D
>>
Ok, this might be a thread to ask this

We all know Scene release group release their shit on usenet, right? (right?)

Well, i would like to get in contact with this one group that publishes video tutorials like CBT Nuggets, Pluralsight etc, they are called Keiso, does anyone know how to ask them for a request? Can't find any contact
>>
>>43604656
>Scene release group release their shit on usenet, right? (right?)
No.
It's couriers, leechers and other fags who happens to have site access who do that.
>does anyone know how to ask them for a request? Can't find any contact
The general thing is: If you have to ask how to even get in contact with a group they are not likely to wanna talk to you.
>>
>>43604656
All these warez/scene etc groups are typically all on IRC, that's how they all communicate. Just find their channels or related warez channels, and ask about till you get in some direction.
>>
>>43604720
i don't wanna talk to them, i don't want to learn anything or shit like that, i just have 2 requests for video tutorials they probably can get

but i am aware that there are shitload of other leeches who make money of them, i tried requesting there but they don't give a shit

so, how does one contact groups?
>>
>>43604749
ok, thanks, i'll try IRC

any advices in my search?
>>
>>43604770
linknet or efnet. but you won't find them
>>
>>43604476
is the joke that xor eax, eax is a few clock cycles faster than movl 0, eax?
>>
>>43604836
very slightly faster and allows you to avoid using 0, I.E. \0.
>>
>>43604899
I (different anon) knew that but I still don't get the joke.
>>
>>43603778
>the functions are big as fuck doing obscure bitwise operations
probably a crypto library
>>
>>43603410
Not a book, but the OpenSecurityTraining intro x86 videos on youtube are amazing for teaching assembly.
>>
I've learned a lot tonight, thanks /g/uys.
Archived the thread here
http://4archive.org/g/thread/43598877
>>
> tfw not part of any fun hacker group who learns crazy shit together
>>
File: 1407255610475.gif (987KB, 229x176px) Image search: [iqdb] [SauceNao] [Google]
1407255610475.gif
987KB, 229x176px
>>43605074

>mfw you think shit like that happens
>>
>>43605100
?
>>
>>43605100
>tfw unable to create a fun hacker group that operates just like the good old days
>>
So seriously now i asked like ago but some irc channels for learn and talk to other people having interesting in pentesting/cracked? im very interested too
>>
File: Perelman.jpg (32KB, 250x500px) Image search: [iqdb] [SauceNao] [Google]
Perelman.jpg
32KB, 250x500px
>>43605100
10 years ago or so I was told such shit does happen, during a job interview
> tfw I wrote POC viruses all by myself
> tfw I never peered with real hacker
> tfw I can't consider myself a hacker anymore
> tfw I lead a cybersecurity program
> tfw am not young anymore and can't spare time on cracking and RE, which is a dead-end for someone with education
> tfw I am jealous of you all
>>
>>43605123
>>43605128
there are a couple good ones on freenode like ##hackers and ##security
>>
>>43605046
Every thread on /g/ is archived automatically

In fact, every board has an archive except maybe /b/
>>
>>43605298
Can you please elaborate?
>>
To adress the which OS should you do your RE in, well I have a simple rule: Same platform your executable is written originally for.

If it is written for all platforms, pick the one you know the internals of better. If you are well rounded in all platforms, pick the platform that has your favorite tools.
Don't work from a VM in reversing.

>Windows cracking/RE gets done on windows, OSX on OSX, Linux on Linux and BSD on BSD.

Being well rounded really buys you freedom and flexibility.
>>
>>43605368
Every board has a third party archive ya dingus. If you've got any half decent script running, if thread 404's it'll just plop you in the archive.

/b/ likely does not (I don't use /b/ anymore, or at least enough to tell you if they have one) because it moves too fast.
>>
>>43598877
>your working on?
*you're
>>
>>43605542
Many have tried and failed to archive /b/.
>>
>>43605542
The other board with no archive is /gif/.
>>
What's going on nerds?
>>
>>43606227
>nerds
gtfo
Thread posts: 148
Thread images: 20


[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y] [Search | Top | Home]
Please support this website by donating Bitcoins to 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5
If a post contains copyrighted or illegal content, please click on that post's [Report] button and fill out a post removal request
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site. This means that 4Archive shows an archive of their content. If you need information for a Poster - contact them.