TechnologyInsanity.com

This is pretty awesome that they’re doing this. I just started to watch this first video, and when I get the time I think I’ll go through all the lectures they’ve put up. I have not yet gone to college, I screwed up and didn’t learn how to drive in time for college. So for this year I’m just doing affiliate marketing full time. Well, that’s not an entirely bad thing since I make $2 – 3K profit per month. I might be able to push further with it since I have the time, but that’s getting a bit off topic

Anyway, when I do go to college I’m going to be looking at programming. (Right now I only know some scripting languages & VB.NET) So these videos might be a good intro for me.

Here’s the first one.

While I was browsing Wikipedia I found that there is such a thing as LOLCODE. Here’s an example called “FILEZORS”

HAI
CAN HAS STDIO?
PLZ OPEN FILE "LOLCATS.TXT"?
	AWSUM THX
		VISIBLE FILE
	O NOES
		INVISIBLE "ERROR!"
KTHXBYE

I think someone is taking LOL cats too seriously. I think that if you use this type of code too long you may develop a tendency to have terrible grammar Also, I find the code very confusing. Perhaps someone out there is getting a kick out of making this programming language, but really I think it’s a waste of time and their talents could be used for something more productive. I’m not going to lie, I enjoy looking at LOLCATS, but this is just taking it too far in my opinioin.

This has to be one of the easiest crackme’s I’ve found, it’s called Diablo’s Orion crackme 1. The only way you could really fail is if you have no knowledge whatsoever. The problem is, some programs protections are just as simple. Anyway, we want to load up the program in ollydbg.

Then we hit play, the screen comes up asking for a code.

That’s good, lets give it a code. I’ll put something random like cheesepie, and hit Ok.

Now I’m going to pause the program in ollydbg by hitting the “pause” button in ollydbg. Then I’ll just view all the calls made through the call stack.

Let’s go to 00439002  and set a break point at PUSHEBP, the beginning of the command. (By double clicking on the line in the dissembler) Now I’m going to press play on the program and try entering my code, cheesepie again.  Bam! It breaks on my break point.

What’s this? The registers already say “Wrong Code! Try again”. OK well I think it’s time to go back to the call stack and see if there’s something before that.

There is. Let’s go to 004016EC.

Again, I’m going to set a memory break point at the top of the command at PUSHEBP. I’m going to get rid of my old break point by accessing the B (Breakpoints) in ollydbg. Just looking through the code I see something interesting. It seems there’s some ASCII text possibly being compared to something. Still, I’m going to rerun the program and break on my new break point.

It looks like there’s a JE coditional jump that would give me the happy message, so I could probably just change this line to “jmp” which just jumps always over the unhappy message. So I could do that, but I’m not going to bother. The code is for the crackme is actually standing right in front of me, so why not use that.

***vErYeAsY*** is the code.

It also goes on to show a naked woman after you hit ok  so if you’re offended by that I don’t think you should try this crackme. It took me all of 5-10mins to get past this kind of protection, therefore I’m calling it preschool stuff. If you’re interested and want to learn more, I suggest you head over to tuts4you.com and do Lena’s tutorials. I’ve done them all myself, but I feel like I need to do them again to be honest. I only reverse for fun, there’s many like me out there.

A goal of mine is to someday be able to reverse trojans/malware because I find them very interesting. That kind of thing could be done with IDA Pro or in a VMWare box, I’m guessing. They’re usually packed and spliced with something, and unpacking I’m not so good at, but that’s a major thing in reversing.

In an interview on IGN.com Rockstar noted that

In the seemingly inevitable event that some dirty pirate manages to crack GTA IV PC and make it available, what are the advantages and disadvantages to using a legitimate copy over a pirated one?

Rockstar: Aside from the fact that warez are a great place to pick up a Trojan or key logger, using a cracked copy of GTA IV PC will result in varying changes to the game experience. These can range from comical to game-progress-halting changes.

Rockstar Games rewards loyal, paying customers and will offer incentives and downloadable content that will only be available to registered users of the game, running non-hacked copies, via Rockstar Games Social Club.

A reverse group calling themselves “fed0r” seems to have gotten rid of all trigger issues and the game runs just fine, so users of various torrent sites note. It only took 2 days with a 29kb file no less.

I’m really not sure exactly what needs to be done to really encrypt a file, but whatever these game companies are using now isn’t working, at all. I’ve done my share of reversing (with reversemes). There’s people out there that all they do is reverse. To understand a reverser, you have to sort of done it yourself. I have, and it’s highly addictive, even with just reversemes. I respect companies copy protections so I have never touched retail  programs.

I think game companies need to hire more reverse engineers to crack their protection, and then add code that will make that method not work.