Reverse Engineering
The reproduction of another manufacturer's product following detailed examination of its construction or composition.
Reverse engineering is taking apart an object to see how it works in order to duplicate or enhance the object. The practice, taken from older industries, is now frequently used on computer hardware and software. Software reverse engineering involves reversing a program's machine code (the string of 0s and 1s that are sent to the logic processor) back into the source code that it was written in, using program language statements.
When is Reverse Engineering Used?
Reverse-engineering is used for many purposes: as a learning tool; as a way to make new, compatible products that are cheaper than what's currently on the market; for making software interoperate more effectively or to bridge data between different operating systems or databases; and to uncover the undocumented features of commercial products.
Reverse engineering is needed whenever the documentation is lost or it never existed. Having the source helps.
In software design, reverse engineering enables the developer or programmer to add new features to the existing software with or without knowing the source code. Different techniques are used to incorporate new features into the existing software.
Disassembler
A disassembler is a computer program that translates machine language into assembly language, the inverse operation to that of an assembler. Machine languages are the only languages understood by computers; they consist entirely of numbers and are almost impossible for humans to read and write. Assembly language is a programming language that is once removed from a computer's machine language: it has the same structure and set of commands as the machine language, but it enables a programmer to use names instead of numbers. A disassembler differs from a decompiler, which targets a high-level language rather than an assembly language.
The debugger we are going to use here is OllyDbg.
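To make the "names instead of numbers" point concrete, here is a table-driven decoder for a small subset of 32-bit x86 that prints listings in the same style OllyDbg uses. It is an added example, not code from OllyDbg or from the original write-up; the sample bytes, the base address 0x401000 and the function name are constructed for illustration.

```python
import struct

# Constructed sample bytes (not taken from any real program).
SAMPLE = bytes.fromhex("55 8BEC 85C0 7402 90 90 5D C3")

REG32 = ["EAX", "ECX", "EDX", "EBX", "ESP", "EBP", "ESI", "EDI"]
SINGLE = {0x90: "NOP", 0xC3: "RETN"}


def disassemble(code, base=0x401000):
    """Decode a small x86 subset into (address, hex bytes, mnemonic) rows.

    Bytes outside the subset, or instructions cut off by the end of the
    buffer, are emitted as raw data (DB xx) rather than guessed at.
    """
    rows, i = [], 0
    while i < len(code):
        op = code[i]
        nxt = code[i + 1] if i + 1 < len(code) else None
        if 0x50 <= op <= 0x57:            # PUSH r32: register is in the opcode
            text, n = "PUSH " + REG32[op - 0x50], 1
        elif 0x58 <= op <= 0x5F:          # POP r32
            text, n = "POP " + REG32[op - 0x58], 1
        elif op in (0x8B, 0x85) and nxt is not None and nxt >> 6 == 3:
            # ModRM byte with mod=3: both operands are registers
            reg, rm = REG32[(nxt >> 3) & 7], REG32[nxt & 7]
            text = f"MOV {reg},{rm}" if op == 0x8B else f"TEST {rm},{reg}"
            n = 2
        elif op in (0x74, 0x75) and nxt is not None:
            # Short conditional jump: signed 8-bit offset from the next instruction
            rel = struct.unpack("b", bytes([nxt]))[0]
            name = "JE" if op == 0x74 else "JNZ"
            text, n = f"{name} SHORT {base + i + 2 + rel:08X}", 2
        elif op in SINGLE:
            text, n = SINGLE[op], 1
        else:
            text, n = f"DB {op:02X}", 1
        rows.append((base + i, code[i:i + n].hex().upper(), text))
        i += n
    return rows


if __name__ == "__main__":
    for addr, raw, text in disassemble(SAMPLE):
        print(f"{addr:08X}  {raw:<6} {text}")
```

A real disassembler handles the full variable-length instruction encoding (prefixes, memory operands, immediates); this subset only shows the principle of mapping opcode numbers to mnemonics and resolving relative jump targets to addresses.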
Decompiler
A decompiler is a programming tool that converts an executable program or low-level/machine language into a format understandable to software programmers.
Compiler
A compiler is a software program that transforms high-level source code that is written by a developer in a high-level programming language into low-level object code (binary code) in machine language, which can be understood by the processor.
Obfuscation
Obfuscation, in general, describes a practice that is used to intentionally make something more difficult to understand. In a programming context, it means to make code harder to understand or read, generally for privacy or security purposes. A tool called an obfuscator is sometimes used to convert a straightforward program into one that works the same way but is much harder to understand.
C, C++ and Perl are among the languages usually considered to lend themselves to obfuscation. Java byte code is easy to decompile and thus vulnerable to reverse engineering. The code is often obfuscated to protect it from such an attack.
OllyDbg
OllyDbg is a 32-bit assembler-level analyzing debugger for Microsoft Windows that emphasizes binary code analysis. Named after its author, Oleh Yuschuk, it traces registers, recognizes procedures, API calls, switches, tables, constants and strings, and locates routines from object files and libraries.
Registration
This software is shareware. To use this program on a permanent basis or for commercial purposes, you should register it by sending the filled-in form https://www.ollydbg.de/register.txt to Ollydbg@t-online.de. The registration is free of charge and assumes no financial or other obligations from either side - just be fair.
The write-up is for educational purposes only.
If you want to continue, download OllyDbg 32-bit and install the program.
Now open OllyDbg & press C, which opens CPU. You will notice 4 windows coming up.
Open the new file which you want to change, right-click on the first window, look for the "Search for" option and click on "All referenced text strings".
Now you can see the new file is made; right-click and search for the option "Search for text".
In "Search for text", write REMINDER, uncheck case sensitive, check entire scope & press OK.
By this time a new page will be created for JE SHORTRAR.
Now double-click and rename JE SHORTRAR to JMP SHORTRAR, then click with file with NOP assemble, click on the edited line & copy to executable.
All modification and Copy all
A new file will come up; save the file (save the file to the desktop for easy access).
Resource Hacker
Resource Hacker, also known as ResHacker or ResHack, is a free resource extraction utility and resource compiler for Windows developed by Angus Johnson. It can be used to add, modify or replace most resources within Windows binaries, including strings, images, dialogs, menus, Version Info and Manifest resources.
Download Resource Hacker & install.
Go to the File menu & choose the file you saved recently on the Desktop.
Go to about us & change trial to full version/registered, then click on compile script.
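Both kinds of edit described above change bytes inside the saved executable, which is why an integrity check against a known-good copy catches them. The following is an added example, not part of the original write-up: it compares SHA-256 digests and reports which byte ranges differ. The function names and the two byte strings are constructed stand-ins for an original and a modified file.

```python
import hashlib

# Constructed stand-ins for a vendor's original file and a modified copy.
ORIGINAL = b"MZ" + bytes(14) + bytes.fromhex("85C07402") + b"evaluation copy\x00"
_tmp = bytearray(ORIGINAL.replace(b"evaluation", b"registered"))
_tmp[18] ^= 0xFF                      # one altered byte in the code area
TAMPERED = bytes(_tmp)


def changed_ranges(original, current):
    """Return (offset, original_bytes, current_bytes) for each run of differing bytes."""
    ranges, start = [], None
    common = min(len(original), len(current))
    for i in range(common + 1):       # the extra step closes a run at the end
        differ = i < common and original[i] != current[i]
        if differ and start is None:
            start = i
        elif not differ and start is not None:
            ranges.append((start, original[start:i], current[start:i]))
            start = None
    return ranges


def verify(original, current):
    """Compare a file's bytes with the known-good bytes and describe any drift."""
    expected = hashlib.sha256(original).hexdigest()
    actual = hashlib.sha256(current).hexdigest()
    intact = expected == actual
    return {
        "intact": intact,
        "expected": expected,
        "actual": actual,
        "size_delta": len(current) - len(original),
        "changes": [] if intact else changed_ranges(original, current),
    }


if __name__ == "__main__":
    report = verify(ORIGINAL, TAMPERED)
    print("intact:", report["intact"])
    for offset, before, after in report["changes"]:
        print(f"offset {offset:#06x}: {before.hex()} -> {after.hex()}")
```

In practice the inputs would be read from disk with `open(path, "rb").read()`, and the expected digest would come from the publisher or from a baseline recorded at install time.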
Visit the OllyDbg and Resource Hacker websites if you want to learn more.