"I'm not scared of failing; I'm fucking lazy" - Me.
@x32gx
3 жыл бұрын
Holy sh..! I'm doing my first reverse engineering ctf now (on HTB), and after watching this, on the 48th minute mark, I finally understood how to get the password! The JMP trick is brilliant. So easy. Thank you for a brilliant explanation! Gonna keep watching.
@comaOOO
Ай бұрын
Yes this video is just fantastic. I wish the people in the class were a little more enthusiastic - and that it was more clear on a phone what was happening.
@SmashGuru007
3 жыл бұрын
*Audience:* What's a DWORD? *Presenter:* Punches in "7BD6 D7C2" into calculator. "There you go. _That_ is a DWORD! Everyone got that? Cool!" 🤣
@comaOOO
Ай бұрын
I can’t believe how much I think like this guy - it seems - In a technical sense.
@comaOOO
Ай бұрын
I can’t believe how much I think like this guy - it seems - In a technical sense. Maybe that’s the wrong word. Executive functioning maybe ?
@lennysmileyface
5 жыл бұрын
How do you get malware from your own software exactly...?
@powerchimp
3 жыл бұрын
the answer is late, but if you still want to know then the answer would be: Dirty code.
@watchlistsclips3196
3 жыл бұрын
Are you still alive?? If you are add more videos. Expecting a lot from you
@user-lt7wm1hw3r
3 жыл бұрын
19:25 Introduction to assembly.
@bullymaguire7503
5 жыл бұрын
yea maybe one day ı can join skidrow thanks for help
@TalsonHacks
3 жыл бұрын
@no shows You're wasting your time, go to Google. Google's your best friend.
@TalsonHacks
3 жыл бұрын
@no shows Go learn the basics of reverse engineering, then try cracking. github.com/mytechnotalent/Reverse-Engineering That's a complete course for you to start RE.
@TalsonHacks
3 жыл бұрын
@no shows Yes, like when we say hacking is pentesting.
@TalsonHacks
3 жыл бұрын
@no shows no
@pythonner3644
3 жыл бұрын
Wtf is with this dude
@sinistergeek
4 жыл бұрын
Thank's for such a helpful video...Now i am lil bit more confident...Still n00b tho.
@edoardobarolo4680
6 жыл бұрын
I use a different technique that works any time. I insert a tag word "EDOARDO!" on the registration and than I pause the program and I search it into memory. When I found that I put an hard breakpoint (memory break W/R) to that area, so i ca go directly to the code that handles the string. Its easy with those little "crackme" but In a big commercial program is a different matter. There is obfuscatrion, anti debugger code etc etc
@yawnz9195
5 жыл бұрын
could u help me cracking a program
@PC-ie2ow
5 жыл бұрын
Thank you for posting this. Very insightful!
@purekillah
5 жыл бұрын
Fun fact, instead of changing the logic from the jump instructions you can also alter the zero flag. It would have also been helpful to teach them how to unpack within the debugger.
@SharonMessage
4 жыл бұрын
Nice
@zakariatalukdar2552
7 ай бұрын
This is so so good. It feels like reincartion of my cyber security career. Thank you so much. And Mate can you please upload the tools and files again? It's a 404 error
@lefteriseleftheriades7381
Жыл бұрын
The steganography challenge was disappointingly unrealistic.
@Robber7
7 жыл бұрын
You can see the password on app 6 if you just look at the strings in the functions that was called, I saw it instantly. If you read the first letter of every string it says the password :P
@docskinner7107
7 жыл бұрын
Im not going to get too shook up over this guy being a newby, sure there were a few faux pauxs but i found the demos useful.
@pdhrubapadasingha4947
3 жыл бұрын
Believing my password policy l entered different passwords within few days but l think hacker rejected my passwords.by their reverse engeneering process. Sometimes l forget my password due to trying of hard password. If reverse engeneering process make my password non active they can do destroyed my previous android micromaxQ382 with heavy virus by their reverse engeneering process. They also killed my small phone also. I request to CIA investigation process to execute my android with proper window connection l have no experience to connect window which can listening my own password only. I think their mashine to violet my password. Also they made my sim invalid with.the hacking purposes.
@pdhrubapadasingha4947
3 жыл бұрын
I am too poor to give money to international CIA investigation but l have a small property of faith to jeshu religion l have a cirtificate of catholic under mizo missionary this my only property. I want to connect phone pay but hacker did not accept my lP address. Sometimes they asked my bank account details. I believed them giving my bank details in their reverse engendered process my headen cv code is open in words l know they are hacking
@ahmedaghadi8281
2 жыл бұрын
@@pdhrubapadasingha4947 go and complain in cyber crime.
@hoodedwarrior8956
6 жыл бұрын
well I didn't look much since I only wanted to get a glimpse and this probably isn't it but really now.. who would hardcode a password into an app? :)
@ikickss
5 жыл бұрын
There used to be some database related books("master sql in 24 hours" those sort) that had example of embbed pswd. And liveoverflow showed an actual example of it. I tell ya... there are lots of idiots programmers out there brewing future disasters.
@AniruddhaGA
4 жыл бұрын
I can't find string comparing in password can anyone help me how to bypass password
@igaps5798
4 жыл бұрын
replace jne to jmp might help
@dylandylan4807
6 жыл бұрын
If I get protector as Armadillo(6.X-9,X), does it mean the software is packed with Armadillo?
@mIsPtr
4 жыл бұрын
*Resolution : 720p50fps* *Video : 10 fps*
@TalsonHacks
3 жыл бұрын
Since it’s a good content; I’m not complaining xD
@iceflake7853
7 жыл бұрын
I can't see the jump line at all. What have I done wrong? The spacing between the dot and the hex opcode (where the jump line is supposed to exist) is also a bit smaller than the one showed in the video and I don't find any arrow to increase its size.
@MulleDK19
7 жыл бұрын
Only watched the app6 part. And your solution of just patching the program is rarely valid in these challenges. But that shit was so easy anyway. First of all, those strings are not "encoded". They're simply an array of letters that the app uses to construct messages to print. It's just picking out letters from it when printing stuff. The array might as well have been a-z. The password you have to enter is not stored anywhere. Nor is it any one password but is any 6 letter string matching a certain pattern. All possible passwords can be brute-forced easily, within a couple of minutes. It must be 6 characters, must consist of only lower case letters where each letter means a=1,b=2,c=3, etc. Adding the value of the letters, they must sum 44, and must have a product of 16,200. Valid passwords include: atiefc, daoofc, eitfca, fetica, fydccc, ioleba, jolcca, lreeca, releca, tifeca, yfdccc. There are a total of 2640 possible passwords.
@shubyy5149
6 жыл бұрын
Hence the fucking name 'Reverse Engineering Basics'
@_____666______
Жыл бұрын
need tutorial about virtual protect/alloc
@AbhiramAbhiram-tm8hy
Ай бұрын
which ide you are using?
@uwuster
4 жыл бұрын
Yeah, I've followed a bunch of programming tutorials and I run Linux and they seem to work okay except for *insert thing works for the original poster * doesn't work for me and I get 1-2 syntax errors and find solutions for the syntax then boom the program works.
@peesicle
3 жыл бұрын
linux is da bomb
@pullupskrt
5 жыл бұрын
Is dumping a csgo cheat possible with IDA? I don’t have the DLL but I am trying to get it from the cheat loader and dnspy is not doing the trick.
@AbhiramAbhiram-tm8hy
Ай бұрын
how to set up vmware
@bobvines00
3 жыл бұрын
Why does the ZIP folder of files and tools contain four (4) files infected with malware/viruses according to Symantec Endpoint Protection?
@jamarallen08
7 жыл бұрын
Anybody get a Trojan hit on App 7?
@jamarallen08
7 жыл бұрын
HatOfTricks nah. My AVG flagged it and was wondering if it was a false positive
@ChristopherGray00
7 жыл бұрын
AVG is known for false detections
@ko.pi.pe.
7 жыл бұрын
He stressed to use a VM. Why didn't you? Did you think that advice didn't apply to you?
@barkeeper7887
4 жыл бұрын
Christopher Gray i used avg for 3 months and it Always detected either trusted programs or my own ones... avg is trash It never detected any real threats I uninstalled avg and got malwarebytes and it detected like 5 PUPs and like 70 registry keys and a crypto Trojan and shit AVG is basically adware
@iamavataraang
7 жыл бұрын
How do you know which type of software/method shown to reverse engineer to use?
@funtari7
4 жыл бұрын
Good question!
@BossBear01
7 жыл бұрын
hey lost of fun, for once i could follow what was done.
@WilliamLangbehn
7 жыл бұрын
sure sounds like samy giving the speech
@7027-s6f
4 жыл бұрын
William Langbehn yeah lol
@leetspak
3 жыл бұрын
hello 31337
@tomdot3980
3 жыл бұрын
Czy jest możliwe złamanie programu który wymaga usb klucza podczas uruchamiania się????
@invorokner282
2 жыл бұрын
it's not a program inside the operating system, if i understood you right, it happens during the initialization stage at the bios. maybe if you cleared CMOS/BIOS your problem will go away.
@-football571
3 жыл бұрын
I would like to get in touch with you about a project if you can provide me your email
@bleemy
5 жыл бұрын
If i have a demo program that gives 10 uses and also limits what the program outputs what would I do to expand this restriction? PM me for the application name if you can help me out please
@michailchalkiadakis96
3 жыл бұрын
i cracked the first app using notepad....
@HandyFox333
2 жыл бұрын
Is there a video on the topic that's not over 20 minutes?
@snudge763
3 жыл бұрын
how to remove anti debugger within the program?
@ersensylmz
3 жыл бұрын
hi my friend how can i reach you
@makprodplus9808
4 жыл бұрын
hi, how decompile app and rerun in android studio , is there any links ?
@investorslive1347
6 жыл бұрын
Only watch this if you're serious about cracking software and willing to spend a LOT of time learning and searching. First off, most programs worth owning are packed with a packer that obfuscates certain sections of code and it's a bitch to deal with this problem because the packers are constantly changing. Secondly, most of the auto unpackers are not updated, nor are packer identifiers such as PEiD or DIE described in this tute. So you have to unpack manually and create your own tools- another pain in the ass. This is always a cat and mouse game between reverser and programmer. Back in the 1990's there were rarely packed programs and cracking was easy. Now it's not worth it and spending hours living your life inside a debugger.
@misolaemmanueljrd.6685
4 жыл бұрын
Very Nice Tutorial! Or Presentation. Thanks!
@ellanwambugu4987
3 жыл бұрын
hey a noob here ..but i love your videos.. im trynna download but the drive wont lemme .any idea how to download without it being flagged as malicious??
@ellanwambugu4987
3 жыл бұрын
Nvm i got it
@mokranlechat
4 жыл бұрын
hi Dear, would you help to recover our PIN code on deapsea 7320 Generator?? it should be 4 decimal digits. for no limit trials. the code is recorded into hardware memory of the device. thanks alot.
@invorokner282
2 жыл бұрын
write a script that goes through it and brute force it, easier
@gandy9407
6 жыл бұрын
well it wont let download the files...
@FreakinKatGaming
5 жыл бұрын
Try DL in admin mod -_-
@archersterling4044
8 жыл бұрын
What program is he using for the initial analysis ?
@grftaNitro
8 жыл бұрын
Immunity Debugger
@CurrentlyObsessively
5 жыл бұрын
Can you add a link to this DIE software? unless that's an acronym -_- Edit: Nvm, it's called Detect it easy... add that to the slide...
@anthonymarquez2542
4 жыл бұрын
btw it is described in the first few mins of the presentation as detect it easy
@danibilel3415
5 жыл бұрын
can somebody explain to me what did he use detect it easy for in the 7th app ? i don't quite get what he did
@quicktutorials7662
3 жыл бұрын
Thank you!
@fightflowwithcomedy3300
3 жыл бұрын
sir plz upload more
@gametimewitharyan6665
3 жыл бұрын
Amazing Seminar, Loved The Presentation
@lasmiansitumorang81
6 жыл бұрын
Hi Sir. Can extend expire date of dongle emulator image with your tools?
@anthonymarquez2542
3 жыл бұрын
I just want to say thanks for this video.
@1Maestr00o3
5 жыл бұрын
why i can't press submit button in app2? it gets blocked when i pass the cursor over it
@Bash_Is_Bae
4 жыл бұрын
try using the "tab" key
@arzoo_singh
3 жыл бұрын
Awesome !!!
@kermitdafrog8
6 жыл бұрын
When I tried to install immunity it complains it can't find python27.dll
@kermitdafrog8
6 жыл бұрын
I finally got it to work by downloading the installer from their website and not from the link in this video. For some reason it didn't want to install python right or something.
@ayein9351
4 жыл бұрын
Thank you this course is awsome to learn in just 2h
@unevalkamlesh387
4 жыл бұрын
Thanks for making this stuff
@theninjascouttf2541
7 жыл бұрын
ahhhhh the hex editor way isnt working for me, ive changed the password and i still couldn't click on Submit (it didnt said "password is incorrect" it didnt let me clicked on it!) what should i do?
@obed3113
4 жыл бұрын
just press TAB till you focus on the "submit" button and then press spacebar ;)
@plekkchand
7 жыл бұрын
please expand your acronyms.
@supremeeditz814
6 жыл бұрын
I learned this yesterday...I understand it a little....Hope after this video i know a little more
@kynfali3857
6 жыл бұрын
so what the result??? do u find it benefit u. if not i wont watch it
@markyrocks69
4 жыл бұрын
This is awesome
@sijiasijia1854
6 жыл бұрын
怎么没人做中文的
@iNINO38
7 жыл бұрын
thanx man.
@message2test
7 жыл бұрын
cool!
@davidyanceyjr
8 жыл бұрын
This is dated information but remains relevant for introducing beginners to reversing.
@kralalrulz
8 жыл бұрын
+davidyanceyjr what about it is dated?
@davidyanceyjr
8 жыл бұрын
+kralalrulz It's 32 bit x86 assembly, there's no obfuscated code. Reversing a real world application - even 32 bit legacy code - obfuscation is prevalent. I didn't say it was irrelevant just dated. I did enjoy the video.
@davidyanceyjr
8 жыл бұрын
+Thomas Jefferson Incorrect dear sir. Calculus 1 will be relevant for eternity. 32 bit binary will be irrelevant in the next few years and 64 in less than 20 most likely.
@Runs-InCircles
8 жыл бұрын
Imposter!
@avi1212avi
7 жыл бұрын
+davidyanceyjr That's some nice info, is obfuscation make things significantly harder? what else is outdated? :)
@dannyv9561
7 жыл бұрын
at time 1h 19m 59s. look at the first character in each string. it tells you the password. the first character of each string is "password: !GOOD!!the password is: round1WOGNG !!!!" so much for not decoding that. lol
@MulleDK19
7 жыл бұрын
The strings have absolutely nothing to do with the password you have to actually enter. The strings are a simple dictionary to print "password:" "GOOD!!" and "WOGNG !!!!" to the screen.
@ReversingHub
4 жыл бұрын
great work man, really liked it. subscribed for more, keep it going!
@sent4dc
8 жыл бұрын
Haha. Debugging by dummies. Sorry, meant to say, "Debugging for dummies." Although it's quite entertaining to see him fumble all over the assembler code. Is there more videos like this?
@wornguys147
8 жыл бұрын
Nope there aren't new videos from Layer 8
@lolypopboy777
8 жыл бұрын
app3 is missing!
@1a4s4l7
5 жыл бұрын
can you change the mnemonics on any exectuable program? e.g. jne to jmp
@MattZelda
5 жыл бұрын
JNE is not the same as JMP JNE means Jump If Not Equal Where as JMP literally means just jump.
@compilationsmania451
4 жыл бұрын
@@MattZelda he knows that. He's asking whether you can change one into the other.
@MattZelda
4 жыл бұрын
@@compilationsmania451 Why would you want to? They're completely different instructions.
@compilationsmania451
4 жыл бұрын
@@MattZelda i guess what he wants to ask is whether there is a way to change particular statements in machine codes of executable programs to make it do something you want.
@MattZelda
4 жыл бұрын
@@compilationsmania451 In that case, yes. You can patch an executable.
@thesecret111
7 жыл бұрын
Please the app3.exe is missing!!!
@thesecret111
7 жыл бұрын
I had to stop the tutorial, until APP3 IS MISSING!! Anyway thanks for the video I would like to finish it.
@anonymous1177
8 жыл бұрын
No offense, but this is a tutorial by someone who has been mesing with assembly for 3 months only. And you see that
@ianguile7214
8 жыл бұрын
You are completely right. At the time I hadn't been doing it for very long, and was just getting into it, but I had a few friends who asked me to do a tutorial, as they had never done any reversing before.
@tperniciaro
7 жыл бұрын
Thats why its called "Basics"
@TheDavidlloydjones
7 жыл бұрын
Thomas, (but Ian too), Big logical error: no-nothings can comment on a polished finished proposition, but to teach basics -- the foundations of a subject -- you need to be an expert. It may be called "basics," Thomas, but you look like you're trying to make excuses for ignorances, something totally different. If you're just starting out, Ian, I suggest you stick to ten-minute videos about things you know really, really well -- not an hour and a half videos about something you don't have a command of. I'm outta here. Good luck -- but no, don't waste my time, thank you.
@CnCBonkers
7 жыл бұрын
I watched some of this because I'm looking for a decent reverse engineering tutorial for one of my buddies, and I agree with David Lloyd-Jones. For example, at 47:05, the tutor should have changed it to *JMP* , which basically means 'JuMP to where we want to go no matter what', which would have been the correct way to do it. But instead he used *JNZ/JNE* which basically means 'jump to where we want to go *_unless_* we actually enter the *_correct_* password' :D , which is a little confusing, especially for beginners. The proper method should be taught right from the start. I haven't watched the rest of it, but I'm guessing there are other... maybe not mistakes but... incorrect methods. *EDIT - I just noticed that this was uploaded a couple of years ago so I'm guessing that the tutor is an expert now :D
@TheDavidlloydjones
7 жыл бұрын
Fireworks, You're probably right. Ian, can you come back now? Maybe redo it on the basis of what you've learned in the past couple of years? And good luck to the both a' yaz in whatever you're up to. -dlj.
@Anon-tj7qb
8 жыл бұрын
Nibbles are quite useful when dealing with aslr entropy :)
@yawnz9195
5 жыл бұрын
I cant seem to crack a program i am trying to can you do it for me ?
@Yalimadad110
7 жыл бұрын
hi bro can u help me
@cherifaly6757
6 жыл бұрын
It took me 2mins to learn how to crack any software, I guess I am a genius.. Lol
@EmilParkour
6 жыл бұрын
I call bullshit. You don't even know what obfuscated code is if you think it takes 2 mins.
@cherifaly6757
4 жыл бұрын
@@EmilParkour I guess you are slow then.. I obfuscate codes in less than 1min, I unpack themida and vmp in less than 5mins,so don't fuck with me.. Lol
@TheDavidlloydjones
7 жыл бұрын
568 people have put up with your first minute of empty air: that's ten hours of people's time you've just wasted. Maybe spare us all your rehearsal and just put the actual program up on KZitem? Later: it turns out Ian really is just rehearsing, at the expense of us, his audience. Nobody has the right to do that. You should take this video down, and replace it with something worthwhile once you know what you're doing. I wish you well, you're obviously bright and capable. Come back when you're ready, OK?
Пікірлер: 170