
/ASG/ - Assembly General Cracks edition All things assembly

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.

Thread replies: 190
Thread images: 27

File: fuckin easy.png (207KB, 1920x1080px)
/ASG/ - Assembly General

Cracks edition

All things assembly
>>
>>57449877
>wangblows
>>
>>57449877
that's the gayest program I've ever seen

cant wait to deport u to the other side of the wall

enjoy mexico, hombre
>>
>>57449877
I've been trying to make sense of the code for Populous: The Beginning for the past couple of days. Crashes on new graphics cards and I'm hoping to fix it.

Reverse engineering COM calls, though, isn't fun
>>
>>57449877
OP, what exactly are you doing? Also, don't you think ASM is way too advanced for /g/? Should have posted an iphone thread.
>>
File: confuse_ida.png (60KB, 1326x837px)
>>57449922
COM calls? 1995 called, they want their DOS int21 back.

>>57449932
Obviously making programs free. They were dumb enough to include the serial in the program.
>>
>>57450079
>COM calls? 1995 called, they want their DOS int21 back.

>durrr look how sm4rt I am I recognize what a COM call is
>im a hacker lol
>thats SOOOOOOOOO 1995
>so out of date lol get with the times faggot

it's a 1980s game you fucking retard

get the fuck off /g/ you autismal cunt, you are not respected
>>
>>57450108
third game is from 98
>>
>>57449932
you're right
the first 2 posts are useless baitposts
>>
how do i into 65c816
>>
File: fagget.png (477KB, 636x797px)
>>57450108
Where would I get that idea from? Go to bed grandpa.
>>
tfw no ollygdb for loonix
>>
File: edb_interface.png (169KB, 943x814px)
>>57450224
Try Evans Debugger for loonix.
>>
What jobs can I get doing assembly programming? I'm concentrating in systems architecture so I'd like to be able to do the thing I have knowledge in. East coast btw.
>>
>>57450224
get Hopper
>>
>>57450243
ill try, it's just that im kinda familiar with olly, well im a shitter when it comes to RE but at least I was comfortable enough to navigate around and make simple bypasses by patching a few instructions here and there
>>
>>57450244
automotive, i think
robotics and embedded in general

prepare to write software for "white goods" for the rest of your life
>>
>>57450244
industrial espionage/reversing stuff
also anything where you need to juggle a lot of numbers and can take advantage of custom-tailored simd
>>
>>57450288
>automotive, i think
Haha, no.
>>
What are the basics to crack a program I already know c++ where do I start?
>>
>>57450410
learn the x86 instruction set, then get a debugger/disassembler like ollydbg.
>>
>>57450421
How do you actually crack a program
>>
>>57449877
Please, op, tell me how to learn disassembling. For example I need to disassemble some program and write c++ code that compiles to same program, what should I do?
>>
>>57450410
>>57450469
>>57450463

forget x86, learn x64 instead, it includes x86 sets
google 'Practical x64 Assembly' by whatsacreel on utube and get your feet wet in asm so you can read and program some asm. then google 'Lenas Reversing for Newbies' tutorials and then google TiGa's Ida tutorials
>>
>>57450463
theres no universal way to crack a program. they're all different. usually, it involves reverse engineering the serial number/product key validating code
>>
>>57450463
What cracking?
>>
>>57450474
thanks
>>
>>57450410
learn how to use a debugger
>>
>>57450469
you won't be able to decompile c++ code and recompile it, you could only figure out how a program works and then write it yourself from scratch (if you want to copy a competitor software for example)
>>
>>57450519
offtopic but is there a real reason why c++ code can't be decompiled?
>>
File: 1477083942020.png (208KB, 5000x5000px)
>using olydbg on WoW
>want to trace a button click to something so I can call it from my program
>traces back to a single JMP
i don't get this shit
>>
>>57450540
I think online games are usually programmed in a way to make them hard to read through debuggers to stop hax0rs.
>>
Does anyone know the exact compiler/linker/assembler used by Nintendo for their NES and original Gameboy games?
>>
>>57449877
Finally an interesting general..

Where does one learn Assembly used for REing?
Is there a defacto Reverse Engineering book?
>>
>>57450608
Probably the ones provided by the chip manufacturer.
>>
>>57450618
I think this might help, it's intended for network hacking but it goes through the steps of reverse engineering C code I think to explain exploits.
>>
>>57449917
Why do you think it's gay? It's one of the only ways to play old school DOS games with a modern controller, it's very useful actually.
>>
>>57450536
the original info is stripped away during compiling, some code gets rewritten for optimization, you get machine code, which cpu can execute, Ida with Hexrays can make sense of some of it, and that's that
>>
>>57450135
>Third game
What's your point?
>>
>>57450640
I already know about that book.
I already know a bit of C

My problem is with actually reading the assembly instructions but im starting to assume it will stick after trying and trying
>>
>>57450224
radare2 is the vim of linux debuggers
>>
>>57450607
still it's the client from 2006 and I wasn't expecting it to make no sense.
Maybe Im just too dumb
>>
>>57450656
It's not just C, it examines the output machine code.
>>
>>57450652
how fucking retarded can you be, you claimed the game is from the 80's but the game you are trying to play is from 98. if you want to play the original game just use dosbox or play the amiga version
>>
>>57450665
Have you looked at where it jumps to? Because if it's a button then the code is likely written into memory and then just jumped to on the keypress, rather than writing the button function each time.
>>
>>57450676
okay ill give it another go :^)

have a bump, nice thread
>>
File: ss.jpg (7KB, 233x346px)
>>57450497
also read picrelated while you at it, single best book on how computers started/work, makes it easier to understand asm
>>
>>57450648
So is it a case of object orientated programming creating machine code that is far too abstract for a decompiler to reinterpret as C++? Because a computer being a procedural machine it doesn't actually "understand" OOP so the compiler creates code optimised as a procedural list of instructions?
>>
>>57450690
there's a single jump that goes to some function where it makes some calls and jumps around
What's weird is that this happens on every button press, so both login and quit button trigger it.
Was this supposed to be some function that takes any button press, identifies them then does whatever it's supposed to do?
This isn't even in the game , but rather the login and character select screen where anticheat shouldn't even be active
>>
>>57450540
if simply clicking the button is enough, use autohotkey(and a VM if detection is an issue)
>>
>>57450685
I think you're confusing me for two people.
Yes, I'm working on trying to fix the '98 version. Someone else mistook it for the original.
>>
>>57450079
>kek
>the most nasty string obfuscation i've ever seen
>>
>>57450690
>>57450772
also what I did was make a breakpoint on the call that's responsible for the sound playing
Since the button makes a noise every time you click it, I figured this is the only way to set a breakpoint on the button. After that, I just looked at all the places which call the sound making code and kept going backwards until I got that jump

So I found something but idk what to make of it
>>
>>57450737
think of it this way: take C code, port it to java. now port this java code back to C. You won't get the same code of course.
It's like translating languages, if you translate a text into english and back you won't get the same text back, merely a similar one. The differences between C and assembly are fairly big as well as compiler optimizations which transform the code (i.e. from a = 2 * x / 4 to a = x / 2)
>>
>>57450772
>Was this supposed to be some function that takes any button press
Likely the event handler, I think the complexity probably comes from the login function having a lot to do to connect to a server. Authentication, checking the client version, parsing string information, etc.

Perhaps you should get some practice with a more simplistic game first where you know the start/login button just jumps to rendering the next screen?

I mean if reverse engineering is new to you (and it is for me as well), maybe games in general are too complex for beginners.
>>
>>57450802
Also the game is almost certainly threaded and so maybe you're jumping back through the thread intended for sound? I know that sound is often programmed to be completely separate from the main game threads because juttering sound would be annoying.
>>
>>57450977
Not him, but what are some good applications for beginners? I'm already proficient with C, know some basic assembly, read some RE tutorials and whatnot, but I still take hours to search particular values/pointers in memory and anything more sophisticated than that(eg. narrowing down a particular function that modifies that value and when exactly it does so) has been more or less hopeless, despite the fun of it, so far.
>>
>>57451170
Maybe some sort of open source command line program? Mostly because they are smaller and you can also compare the source code to your findings to see if they were correct.
>>
>>57451170
you can try cracking crackmes that other people write and also writing c++ programs and studying how they decompile, then writing more complicated ones
>>
>>57451002
yea, this makes sense
The main problem I'm facing is finding where to put a breakpoint to catch that button call.
Look at the intermodular call, nothing makes sense
>>
>>57451270
I'm afraid I can't help you there senpai
>>
What's a good place to start with reverse engineering? Cracking old programs? Cheating in games? Trying to decipher Intel microcode patches to discover the secrets behind AMT?
>>
>>57451688
Write your own login system, then open it in ida and try to crack it.

Also OP is a fag for using white theme.
>>
So actually what application would you suggest to crack smaller applications and stuff? (got OllyDbg on windows, dunno about Linux, inb4 gdb is gay)
>>
>>57451688
Make a graphics/resource viewer for your favorite 8-bit game
>>
Is x64dbg good yet? It appears to be getting bloated by new features.
>>
>>57449877
Newfag here. Why are you using 2 debuggers/disassemblers? IDA is a debugger too, no?
>>
>>57452096
Not OP. I prefer ollydbg/x64dbg over IDA because you have to fiddle with a windbg server first to debug x64 applications in IDA. Also the debugger interface in IDA is broken and hard to use.

IDA is still top for static analysis of binaries.
>>
>>57450474
It's shit.
>>
>>57450378
well after 9000 NDAs and after you will agree to sell your firstborn son as a test subject and your wife as a sex slave if you violate it.
remember that 8MB of memory is a huge amount and CAN bus is weird and non-deterministic POS
>>
>>57452288
Programming for automotive systems, especially off the shelf solutions, is just plain not done in assembly. It's done in C with special guidelines.
>>
>>57450618
A great book is practical malware analysis. It is aimed at being able to reverse malware but the same principles will apply to reversing too. If you don't care for that, use the following resources:

http://opensecuritytraining.info/IntroX86.html
http://opensecuritytraining.info/IntermediateX86.html
https://tuts4you.com/download.php?list.17 (recommended to run within a windows xp vm, same as the practical malware analysis book i recommended)
https://beginners.re/ (great book/pdf on reversing)
>>
File: 1454640688625.gif (289KB, 400x400px)
>>57452157
You're right about IDA being shit when you attempt to use it with a windbg server. Especially kernel mode. Shit is borked.
>>
Is 68k ASM good to start with?
>>
>>57450244
There are applications in the security field, especially for governments etc. Also, while it isn't programming in asm, you can do malware analysis etc, which requires a solid understanding of asm.
>>
>>57450469
look up lenas reversing tutorials on tuts4u. It's 32-bit x86, but the concepts are very well explained. It's easy enough to pick up 64-bit once you understand 32-bit.
>>
Anyone here using Binary Ninja? How is it and how does it compare to IDA?
>>
>>57450737
It doesn't really have anything to do w/ OOP specifically. It has more to do with compiler optimizations etc. The compiler does a lot of stuff to make the code smaller/faster, and it's rarely something that can be translated reliably back to the original code.

C++ does add additional complexity with vtables etc, but even without the OOP stuff, you can't really get sensible source back from a program compiled with optimizations.
>>
>>57454129
start with mcs-51
>>
>>57449877
Used j2k many times. Need to find an updated version.
>>
What's a good tutorial to learn 6502 assembly using a NES emulator?
>>
File: explorer_import_2.png (84KB, 961x762px)
>>57454618
I heard it's cheaper than IDA. As for better, idk.
>>
>/ASG/ Autism Spectrum General
>>
>>57449877
Best assembly language, and best windows IDE/compiler? Noob here wanting to learn
>>
File: 1470722494432.png (11KB, 656x460px)
>>57456196
Also, what would be a good way to learn asm?

I saw practical x64 assembly, but other resources are appreciated.
>>
>>57454618
Yes.
I feel like it's too early to buy it. Lots of very important features missing. Right now I suggest Hopper on GNU/Linux instead.
>>
>tfw I'm doing assembly programming for my systems class right now
>>
god damn it you retarded fucking faggots, if you're going to use a shortcode you put it in the subject so that people who want to filter it can do that.
>>
>>57454624
>>57450737

The only painful thing introduced by oop tends to be dynamic dispatch (objc / virtuals in c++).
>>
>>57456324
>implying this will be a general instead of dropping off soon
these generals can never sustain themselves sadly.
>>
>tfw no ollydb for loonix
>>
>>57450540
maybe it's the first drop after the click which registers as the quickest signal and thus is the first action that comes out on the other end.
>>
>>57450155
get that 800 page book about it
>>
is radare2 the best linux reverser?
>>
>>57454764
nesdev.com
>>
How is NASM for beginners ?
>>
Dishonored 2 crack when?
>>
>>57457701
how?
>>
>>57458882
shitty question, what exactly do you want?
some kind of renderer?
a bitmap decoder?
something else entirely?
>>
>>57458904
push 0b800h         ; segment of text-mode video memory
pop es              ; ES = B800h
xor di,di           ; DI = 0, top-left of the screen buffer
mov si, offset pepe ; SI = source bytes to copy
mov cx, 2000        ; byte count
rep movsb           ; copy CX bytes from DS:SI to ES:DI
>>
anyone who cracks Cubase 8.5 will get 300 bucks from me ayy lmao
>>
File: space.png (28KB, 785x572px)
>>57456196
>>57456221
Nasm is the best assembler. Notepad++ and nasm work fine. As for the best way to learn, compile what you want in C and set the output as assembly (or use a debugger) and follow along.
>>
File: final-fantasy-x-how-to-get-gil.jpg (215KB, 1684x960px)
>Install IDA in a VM
>"Decompile" unRAID's main binary file that does all the license checking etc
>Inspect the code for a bit, find that it simply uses an RSA public key to decrypt the keyfile you get when you buy the product and reads the license limitations from there
>Generate a new private/public key pair
>Replace the old public key with mine
>Create my own keyfile with basically unlimited limits
>Encrypt it with the private key
>Load it up and enjoy my limitless license

I'm not sure about the terminology anymore but damn it felt good man, my first time doing this kinda shit with native binaries. It was the best saturday in a while.

Stopped using the product after a while though, didn't like it very much.
>>
>>57459666
why not GAS? it comes with most UNIX-likes.
>>
File: bbiz404-d662b65a97.gif (2MB, 740x416px)
>>57460144
gas is ass. at&t syntax can suck my dick.
>>
>>57460279
well if you need something very quick, it does the job

doesn't it have a special instruction for using intel syntax though?
>>
>>57459061
When TEAM AiR fails.
Its time to move on
>>
>>57460144
Im not that into asm but LITERALLY everyone uses nasm for some reason
>>
>>57456196
>Best assembly language
HLA :^)
>>
>>57450079
I'd be surprised if LoadLibrary succeeds, considering you haven't 0-terminated your why string.
>>
>>57461280
Is AiR still around?
Last I heard from them was cubase 5 or something
>>
>>57461295
>everyone
like every gnu tool uses at&t
only ppl that use nasm are 1337 wannabes

mov RAX, QWORD PTR [RDI + 16]

totally readable and aligns so nicely with all other instructions /s

movq 16(%rdi), %rax
>>
>>57461295
FASM represent here. I also quite like NASM but since I've written an OS in FASM it has become my go-to assembler when I need one. Not that they're too different in the first place, just a preference thing I guess.
>>
File: 1400204495295.jpg (36KB, 520x416px)
>want to get a good disassembler for static analysis
>everyone says IDA pro is the best
>over $3000 for the full package
>no student discount

that's double my monthly salary what the FUCK guys
how am i supposed to afford this?
>>
File: 543px-The_Pirate_Bay_logo.svg.png (154KB, 543x615px)
>>57461555
>>
>>57461555
crack it you dumb dumb
>>
>>57461648
>>57461652
b-but i'm gonna get /marked/
http://www.datarescue.com/idabase/
>>
>>57461555
x64dbg
Didn't try it myself so far, so sorry if it's shit (but at least it's free :^))
>>
>>57461555

90 percent of their user base is russian, you think they buy their copies?
>>
>>57461425
i dont mind the second way of doing things but do they really have to change the names of the instructions

come the fuck on
>>
>>57461555
that reminded me of something

how nice is radare2?
>>
>>57461831
This, someone please weigh in on this

Is radare2 an acceptable ida replacement?
>>
is there any difference between
mov eip, address
jmp address

?
>>
>>57461932
you can't mov to the instruction pointer
>>
>>57461932
I don't think you can directly use the instruction pointer like that
>>
>>57461932
you can't mov directly to the instruction pointer but jmp does that for you
>>
>>57461555
hopper

Just use the money you saved on a mbp :^)
>>
i almost want to write my own 6502 assembler some day, ca65 is just too complex

all an assembler does technically is translate mnemonics into opcodes and puts them in a binary file, doesn't it?
>>
>>57449877
Any good sites, tutorials, books about assembly, executables, dynamic libraries, linking, OS, ... cracking basically?
>>
>>57461555
The old adage goes that if you can't crack IDA Pro (or Numega SoftICE, to go back a bit), you're probably not pro enough to need it.

If you are, at least have enough forethought to null out the update check.

>>57459061
Um. I feel you may have radically (as in, two-three orders of magnitude) underestimated how much someone sufficiently skilled in the art to do that might consider charging you.

And sorry: I'm retired, and it's illegal now.

>>57450540
Maybe you can't see the wood for the trees. Try looking from up above instead of down below. See all the LuaJIT hooks? Seeking in that direction may be more fruitful: all of WoW's UI (and a great deal of the real server scripting!) is written in Lua.

You could see more by launching the .exe with -console, tapping ` on the login screen and entering
exportInterfaceFiles code
which will nicely dump the Lua source code into the Interface directory for some of the things you may find interesting, if I recall correctly.

And, careful of the anti-cheat, Warden, now. Fucking with things at a low level, cheating the variable tainting that's meant to stop addon developers scripting things only the stock UI is supposed to do, or anything to do with HotKeysHook or AHK is explicitly looked for and highly likely to get accounts/machine IDs banned.

>>57461831
>>57461881
I kinda like it, but that kind of thing is a very personal preference.
>>
>>57462862
>The old adage goes that if you can't crack IDA Pro (or Numega SoftICE, to go back a bit), you're probably not pro enough to need it.

What disassembler/debugger should a beginner use to get started, then?
>>
>>57462679
yeah, all you need to do is find an opcode table and learn the instruction format
http://www.oxyron.de/html/opcodes02.html
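The two posts above (the one wanting to write a 6502 assembler, and this reply saying all you need is an opcode table and the instruction format) describe exactly what a minimal assembler does. The following is an added example, not code from the thread: a two-pass 6502 assembler in Python covering a hand-picked subset of the instruction set, with opcode values taken from the standard public tables. The sample program at the bottom is constructed for this example; the origin address of $0600 and the handful of supported mnemonics are choices made here, not anything the thread specifies.

```python
import re

# Standard 6502 opcodes for a small subset: (mnemonic, addressing mode) -> byte.
OPCODES = {
    ("LDA", "imm"): 0xA9, ("LDA", "zp"): 0xA5, ("LDA", "abs"): 0xAD,
    ("LDX", "imm"): 0xA2, ("LDY", "imm"): 0xA0,
    ("STA", "zp"): 0x85, ("STA", "abs"): 0x8D,
    ("ADC", "imm"): 0x69, ("CMP", "imm"): 0xC9,
    ("INX", "impl"): 0xE8, ("DEX", "impl"): 0xCA,
    ("CLC", "impl"): 0x18, ("NOP", "impl"): 0xEA, ("RTS", "impl"): 0x60,
    ("JMP", "abs"): 0x4C, ("JSR", "abs"): 0x20,
    ("BNE", "rel"): 0xD0, ("BEQ", "rel"): 0xF0,
}
BRANCHES = {"BNE", "BEQ"}
SIZES = {"impl": 1, "imm": 2, "zp": 2, "rel": 2, "abs": 3}  # bytes per mode
LABEL_RE = re.compile(r"^([A-Za-z_]\w*):")


def parse_number(tok, symbols):
    """$hex, decimal, or a label recorded during pass 1."""
    tok = tok.strip()
    if tok.startswith("$"):
        return int(tok[1:], 16)
    if tok.isdigit():
        return int(tok)
    if tok in symbols:
        return symbols[tok]
    raise ValueError(f"unknown symbol or bad number: {tok!r}")


def classify(mnemonic, operand):
    """Pick the addressing mode from the operand's shape."""
    if operand is None:
        return "impl"
    if mnemonic in BRANCHES:
        return "rel"
    if operand.startswith("#"):
        return "imm"
    # a literal one-byte hex address ($00-$FF) selects zero page when available
    if operand.startswith("$") and len(operand) <= 3 and (mnemonic, "zp") in OPCODES:
        return "zp"
    return "abs"


def assemble(source, origin=0x0600):
    """Pass 1 sizes each instruction and records label addresses; pass 2 emits
    bytes once every label is known (needed for forward references)."""
    symbols, parsed, pc = {}, [], origin
    for raw in source.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop comments and blanks
        if not line:
            continue
        m = LABEL_RE.match(line)
        if m:                                        # "name:" defines a label
            symbols[m.group(1)] = pc
            line = line[m.end():].strip()
            if not line:
                continue
        parts = line.split(None, 1)
        mnemonic = parts[0].upper()
        operand = parts[1].strip() if len(parts) > 1 else None
        mode = classify(mnemonic, operand)
        if (mnemonic, mode) not in OPCODES:
            raise ValueError(f"unsupported instruction: {line!r}")
        parsed.append((pc, mnemonic, mode, operand))
        pc += SIZES[mode]

    out = bytearray()
    for addr, mnemonic, mode, operand in parsed:
        out.append(OPCODES[(mnemonic, mode)])
        if mode == "impl":
            continue
        value = parse_number(operand[1:] if mode == "imm" else operand, symbols)
        if mode == "rel":
            # branch offsets are relative to the instruction *after* the branch
            offset = value - (addr + 2)
            if not -128 <= offset <= 127:
                raise ValueError(f"branch target out of range at ${addr:04X}")
            out.append(offset & 0xFF)
        elif mode == "abs":
            out += bytes((value & 0xFF, value >> 8))  # little-endian address
        else:
            if not 0 <= value <= 0xFF:
                raise ValueError(f"operand does not fit in a byte: {operand!r}")
            out.append(value)
    return bytes(out)


# Constructed sample program (not from the thread): a small counting loop.
SAMPLE = """
        LDA #$05
        STA $10        ; zero page store
loop:   CLC
        ADC #$01
        CMP #$0A
        BNE loop       ; backward branch
        STA $0200      ; absolute store
        JMP done       ; forward reference resolved in pass 2
        NOP
done:   RTS
"""

if __name__ == "__main__":
    print(assemble(SAMPLE).hex(" "))
```

Running it prints `a9 05 85 10 18 69 01 c9 0a d0 f9 8d 00 02 4c 12 06 ea 60`; the `f9` after `d0` is the -7 branch offset back to `loop`, and `12 06` is `done` ($0612) stored low byte first. Everything a "real" assembler adds on top of this (macros, segments, expressions, the full opcode table) is convenience; the core really is table lookup plus address bookkeeping.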
>>
>>57462914
https://www.hex-rays.com/products/ida/support/download_freeware.shtml

Not the Anon you are replying to, but I would imagine that you won't be doing anything seriously complex for the time being so just use the free version for now.
>>
How hard would it be for a good java/c/c++/python programmer to learn assembly

is it even worth it?
>>
>>57463612
both are so different that there's no way you'll know how hard it is

just get a 6502 assembler and a C64 emulator and see for yourself

personally i find it simpler than high level stuff
>>
>>57461932
push 0xfeedb00b
ret
;or
mov rcx,0xdeefb00b00000000
jmp rcx
>>
>>57462720
https://www.gironsec.com/code/RE_for_beginners-en.pdf
Try this book
>>
File: ida.png (59KB, 1027x668px)
>>57450469

Download IDA pro, drag file in, File > Produce File > Create C File
>>
>>57450244
Web development
>>
File: 1456450802536.gif (94KB, 514x510px)
How do I into IDA? The interface seems like a mess. I bought the book, but I don't have time to read it.
>>
File: its_afraid.png (1MB, 1017x715px)
Why should I use 32/64 bit scalar SSE floats instead of the 80 bit floats provided by the x87?
>>
>>57462720
>>57464328 this is outdated
latest version is at beginners.re
>>
So why haven't the folks at exelab broken denuvo and windows store protection? The closest thing I've seen is this video (or one like it.. not exactly sure if this is the one)
https://www.youtube.com/watch?v=-ijhx-X8DPE
>>
>>57462862
thank you very much for the tips.
But yea, as I said I'm not doing anything you'd call cheating, just trying to make a script or program that'll log in, and create a bunch of characters using names from a list I give it.
Since I want to be able to run this multiple instances of wow, not all of them will be in focus thus I can't depend on automating it via mouse and keyboard manipulation
>>
>>57464428
RTFM
>>
File: 1478777094459.png (64KB, 626x368px)
I have 17yo strategic game.

I would like to find the variable that stores the amount of gold and the variable that stores the amount of a specific building.

How one could find those variables?

Are people running games with ollydbg in background?
>>
File: 1478828348181.jpg (571KB, 2658x2201px)
>>57450640
>>57450656
Anon here, this book explains basic x86 Assembly, but will teach you what you'd want.
>>
>>57451170
try assault cube for playing around
>>
>>57465468
cheat engine is what you're looking for
>>
because every thread deserves a chance.

bump
>>
>>57449877
bump
>>
>>57465468
Sounds like something a good old fashioned Action Replay-style monitor could help with.

Ever used Cheat Engine before?
>>
How did you get your l33t job?

I'm looking for an internship for this summer, do I even have a chance without contacts?
I can program, know a bit of C/Assembly, use Linux and understand some of the logic behind a computer. Where do I go next?
>>
>>57461472
more like FASC(hild)

:^)
>>
>>57450243
Why do you offer this when in the world exists divine gdb?
>>
>>57450288
>white goods

You from Balkan senpai? Or is that expression used elsewhere too?

Ontopic:
How do I into ASM ? I've had it at university but the course was rubbish
>>
>>57470979
ASM is easy to learn

Just pick the architecture, learn about the registers, a few instructions like arithmetic, jumps, calls, and returns. It will be WAY more difficult to apply it to a 'useful' project
>>
Wanting to learn LR35902 and ARM7TDMI assembly. What is the best place to get started with these?

Also anyone have any resources for PowerPC? I'd like to learn that as well, and apart from having a compiler for it (and a hardware emulator), I got nothing.
>>
>>57470979
get a retro computer emulator, learn its architecture, do small projects like trying to display a sprite and eventually try to build on that
>>
>>57450712
Once it gets to flip-flops, the logic gate arrays become difficult to understand intuitively (a flip-flop works as it does, but it's hard to get a good feel for it). Any tips on how to improve on grasping it intuitively?
>>
>>57464955
Whoever made this video only did so to show how to deal with the protection and wasn't interested in releasing anything himself. I don't think anyone on exelab cares about releasing video game cracks, they only take protections apart for research purposes. From my understanding, this video shows how to get a working executable dump with rebuilt imports and disable first few checks (there are many throughout the game probably).

>>57459061
Some dongle protections have evolved to fucking impossible levels these days, not that I would know how to deal with one. That, or maybe the last few people dealing with them retired.
>>
Are there any definitive books on x86 and x86-64 assembly? Some good and useful books were named here >>57450712 and here >>57450640, neither of these has x86 assembly as its main focus though.
>>
So, is Intel SGX really going to make software uncrackable or not?
>>
Intel or at&t?
>>
>>57474127
I am under NDA, so all I will say is:

Not.
>>
>>57474127
There's no such thing as uncrackable.
>>
>>57474563
AT&T
>>
>>57475423
However, there's such a thing as "uncrackable with limited resources within some reasonable timeframe".
>>
>>57470979
Britbongs use that expression too.

>>57470549
Considering the current public reversing focus on infosec and malware analysis, you could do worse than go for some bug bounties, get your name out there? Or analyse some malware in the wild, maybe catch some ransomware, write a blog, get featured on Hacker News or retweeted by @SwiftOnSecurity or some shit?

I'm afraid you will actually need talent and hard work, no-one will hand-hold you here, you need the ability to self-teach and a naturally inquisitive attitude. It's a calling, not a meme career.

You will probably also need creativity to get noticed. I'm sorry. There's more people doing it now. On the other hand, there's also more diverse demand.

>>57474563
There's more than just those two, but I generally prefer Intel.

>>57473763
Correct: retired.

It's not exactly *evolved* to impossible - it has always been on the top end. Sometimes people fucked up and the hardware calls made hooks extremely obvious and it didn't do much, but lots of people made that mistake and half-assed things. We were decapping and electron-microscoping cores to do 100%s back in the day too, they just put more in them than shitty LFSRs now. Aladdin/Safenet might've started with crap dongles, but ended up with FIPS-certified crypto hardware very quickly.
>>
>>57475557
Cracking really is dead these days, woodmann and exetools have barely any traffic and tuts4you is filled with smelly third world pajeets asking for unpacking scripts.
>>
Is there a good study guide for studying and reverse-engineering DRM?
>>
>>57476334
Depends on what kind of DRM. There's no single go-to guide because DRM comes in many shapes and forms, while some DRMs can use similar protection techniques, each one does things its own way. Let's say you want do crack software protected by a protector like Themida/Winlicense - go read guides on unpacking other protections and you'll notice in all cases you need to reach the OEP, dump, fix imports and so on. Now, what the protection does to prevent you from doing these things, that's for you to figure out, that's the beauty of reverse engineering.
>>
>>57476593
I'm trying to study a proprietary EPUB DRM, specifically Fasoo and Ridibooks.

It works differently than iTunes/iBooks FairPlay or Adobe DRM.
>>
File: reversing botnet2.png (274KB, 1920x1080px)
>>57475891
Hardly. Cracks still need get made.
>>
how would i make IDA highlight an instruction if it references a certain string?
>>
>>57450644
Because better alternatives exist
>>
File: CFG.png (106KB, 1980x830px)
these days with increasing complexity it is all about automation via satisfiability, and concolic execution mixed with smt's for constraint solving, aka writing tools to analyze programs for you.
>>
File: assembler.png (83KB, 910x766px)
>>57479815
what a nightmare. does it decompile to pseudo-C?
>>
>>57476801
Now I know this isn't going to be of much help, but DRM on media follows the same principle - you receive encrypted files that get decrypted at some point. Basically, you need to determine the cipher and how the software in question derives decryption keys. For simple DRM I would place breakpoints on CreateFile and ReadFile, then place a memory breakpoint on the buffer ReadFile just wrote the encrypted data. When you break on the memory breakpoint you should be in the decryption routine. If it's not obfuscated and it doesn't use white box crypto, you might get lucky and spot the decryption key in the clear on the stack.

At the end of the day you can just write a hook that dumps data as it's decrypted, but that's the lame method.
>>
>>57473458
>tips on how to improve on grasping it intuitively?
if you want intuitive understanding, you should practice i.e. make your own basic calculator/computer. as a side benefit, you can later laugh in the face of plebs that 'build' computers with purchased parts
>>
>>57450079
You're trying to look smart and failing.
Look again at your code.
>>
>>57451270
See where the function is called from?
>>
>>57475557
thanks for the pointers my man
>>
>>57449922
goat game, best of luck anon
>>
>>57449877
What have you done to jos2key?
>>
>>57482050
It seems that while stuff involving OR and AND gates is relatively easy to grasp intuitively, NOR and NAND gate arrangements are much more confusing in how they work.
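The earlier question about flip-flops being hard to grasp intuitively, the "build your own calculator" advice, and this remark about NAND arrangements all point at the same thing: once a gate's output feeds back into its own input, you can no longer read the circuit as a one-shot truth table. The following is an added example, not code from the thread or from the book being discussed: a Python gate-level simulation that builds NOT/AND/OR/XOR and a ripple-carry adder from NAND alone, then a set/reset latch from two cross-coupled NANDs. The latch is re-evaluated until its outputs stop changing, which is the part a truth table hides. All sample inputs are constructed here.

```python
def nand(a, b):
    """The one primitive everything else is built from."""
    return 0 if (a and b) else 1


# Every other gate expressed in terms of NAND only.
def not_(a):
    return nand(a, a)


def and_(a, b):
    return not_(nand(a, b))


def or_(a, b):
    return nand(not_(a), not_(b))


def xor(a, b):
    t = nand(a, b)
    return nand(nand(a, t), nand(b, t))


def full_adder(a, b, cin):
    """One column of a binary adder; returns (sum_bit, carry_out)."""
    partial = xor(a, b)
    return xor(partial, cin), or_(and_(a, b), and_(partial, cin))


def ripple_add(x, y, bits=8):
    """Chain `bits` full adders, least significant bit first.
    Returns (result modulo 2**bits, final carry), like a real ALU would."""
    carry, result = 0, 0
    for i in range(bits):
        s, carry = full_adder((x >> i) & 1, (y >> i) & 1, carry)
        result |= s << i
    return result, carry


class SRLatch:
    """Two cross-coupled NANDs with active-low set (nset) and reset (nreset).
    Q feeds the second gate and nQ feeds the first, so the circuit has to be
    evaluated repeatedly until it settles; that feedback is what stores a bit."""

    def __init__(self):
        self.q, self.nq = 0, 1          # start in the reset state

    def step(self, nset, nreset, max_iters=10):
        for _ in range(max_iters):
            q = nand(nset, self.nq)
            nq = nand(nreset, q)
            if (q, nq) == (self.q, self.nq):   # outputs stopped changing
                break
            self.q, self.nq = q, nq
        return self.q


def latch_demo():
    """Drive the latch through set, hold, reset, hold and record Q each time.
    With both inputs at 1 ("hold") the latch keeps whatever was last written."""
    latch = SRLatch()
    return [latch.step(nset, nreset)
            for nset, nreset in [(0, 1), (1, 1), (1, 0), (1, 1)]]


if __name__ == "__main__":
    print("3 + 5 =", ripple_add(3, 5))          # (8, 0)
    print("200 + 100 =", ripple_add(200, 100))  # (44, 1): overflowed 8 bits
    print("latch Q over set/hold/reset/hold:", latch_demo())  # [1, 1, 0, 0]
```

The useful thing to notice is the difference between the adder and the latch: `ripple_add` is a pure function of its inputs and could be replaced by a lookup table, whereas `SRLatch.step` returns different values for the same `(1, 1)` input depending on what happened before. That history dependence is all a flip-flop is, and simulating the settle loop by hand for a couple of steps usually makes it click.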
>>
>>57461280
>>57462862
>>57473763
I was kidding.. kinda miss Team AiR but Team Utopia has been cracking lots of iLoK shit lately. eLicenser stuff doesn't seem to be possible though..
>>
>>57449877
I've always been interested in malware, reverse engineering and this kind of stuff. Any book recommendations? Preferably something modern and up to date with modern practices, operating system internals,..
>>
File: penk_gui.jpg (29KB, 400x400px)
>>57484177
I can think of nothing better than hopping on malwr.com and grabbing your own samples with a windows vm and some debugging tools then getting down/dirty with em. Youtube has plenty of malware reversing tutorials as well.
>>
>>57452288
>>57450079
You are trying very hard to look smart and not doing a very good job either.