Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 10-25-2023, 08:08
Jasi2169's Avatar
Jasi2169 Jasi2169 is offline
Family
 
Join Date: Sep 2015
Location: 127.0.0.1
Posts: 281
Rept. Given: 3
Rept. Rcvd 55 Times in 41 Posts
Thanks Given: 33
Thanks Rcvd at 433 Times in 173 Posts
Jasi2169 Reputation: 55
Rate different types in reversing ?

Hi guys as we know there are different types of cracking method for software, lets rate it

0. UNPACKING

1. KEYGENNING
2. PATCHING
3. CRACKING
4. HOOKING USING DLL/or javaagent etc any hooking/ loader
5. SERIAL

According to me; Unpacking is different but its on top, but letsvtalk about only general cracking methods, dont take unpacking/cryptog. Inside, you might have your own personal love for something, yes its not always available to do keygenning and other various factors like hardware lock/server check, but simple scenarios

Keyegnning > hook > serial > patching > cracking

I know cracking is only limited to one version most of the time and sometimes it's not possible to keygen or anything due to online or server checks or packing and we left with it.

Last edited by Jasi2169; 10-27-2023 at 10:32.
Reply With Quote
  #2  
Old 10-25-2023, 10:08
Jaspreet Singh Jaspreet Singh is offline
Banned User
 
Join Date: Oct 2023
Posts: 21
Rept. Given: 0
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 11
Thanks Rcvd at 45 Times in 14 Posts
Jaspreet Singh Reputation: 4
Quote:
Originally Posted by Jasi2169 View Post
Hi guys as we know there are different types of cracking method for software, lets rate it

0. UNPACKING

1. KEYGENNING
2. PATCHING
3. CRACKING
4. HOOKING USING DLL/or javaagent etc any hooking
5. SERIAL

According to me; Unpacking is different but its on top

Keyegnning > hook > serial > patching > cracking

I know cracking is only limited to one version most of the time and sometimes it's not possible to keygen or anything due to online or server checks or packing and we left with it.
This is actually the correct order:
Keyegnning > serial > patching > cracking > hook

Keygenning = many serials
Serial = 1 serial
hook = loader that does not work on some or many recent Windows OS
cracking/patching are almost same.
Reply With Quote
  #3  
Old 10-27-2023, 08:18
Moe Moe is offline
Banned User
 
Join Date: Sep 2023
Posts: 28
Rept. Given: 1
Rept. Rcvd 1 Time in 1 Post
Thanks Given: 3
Thanks Rcvd at 10 Times in 7 Posts
Moe Reputation: 2
Quote:
Originally Posted by Jaspreet Singh View Post
This is actually the correct order:
Keyegnning > serial > patching > cracking > hook

Keygenning = many serials
Serial = 1 serial
hook = loader that does not work on some or many recent Windows OS
cracking/patching are almost same.
This is a good summary. All other forms of cracking fall under patching (either in memory or on disk) or keygen.
Reply With Quote
  #4  
Old 10-25-2023, 19:39
Jupiter's Avatar
Jupiter Jupiter is offline
Lo*eXeTools*rd
 
Join Date: Jan 2005
Location: Moscow, Russia
Posts: 218
Rept. Given: 37
Rept. Rcvd 61 Times in 36 Posts
Thanks Given: 23
Thanks Rcvd at 158 Times in 46 Posts
Jupiter Reputation: 61
Lightbulb Classic approach?

At first you should understand your target and type of protection it uses.

What if:
- your target is not packed
- your target doesn't use serials
- your target doesn't use registration keys
- your target is virtualised
- your target is using remote computations and remote resources
- your target is using distributed nodes and micro-services
- your target is using specific dedicated hardware
- your target is using remote authentication and authorisation

So, it looks like you're targeting only 'classic' desktop applications using classic approaches.
  • No packing → no unpacking
  • No serials and no keys → no key generation
  • Virtualised code → de-virtualisation
  • Specific hardware → hardware emulation
  • Remote services → replacement services
  • etc
__________________
EnJoy!
Reply With Quote
  #5  
Old 10-25-2023, 20:29
Jaspreet Singh Jaspreet Singh is offline
Banned User
 
Join Date: Oct 2023
Posts: 21
Rept. Given: 0
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 11
Thanks Rcvd at 45 Times in 14 Posts
Jaspreet Singh Reputation: 4
Quote:
Originally Posted by Jupiter View Post
At first you should understand your target and type of protection it uses.

What if:
- your target is not packed
- your target doesn't use serials
- your target doesn't use registration keys
- your target is virtualised
- your target is using remote computations and remote resources
- your target is using distributed nodes and micro-services
- your target is using specific dedicated hardware
- your target is using remote authentication and authorisation

So, it looks like you're targeting only 'classic' desktop applications using classic approaches.
  • No packing → no unpacking
  • No serials and no keys → no key generation
  • Virtualised code → de-virtualisation
  • Specific hardware → hardware emulation
  • Remote services → replacement services
  • etc
Of course, for this question we assume that all the mentioned ways to crack it like keygen, crack are available and we want to rate which is better or worse...

@blu devil Hardware based protection is sometimes not possible to crack at all, if done correct. So I agree with you.
Reply With Quote
  #6  
Old 10-27-2023, 08:45
chants chants is offline
VIP
 
Join Date: Jul 2016
Posts: 805
Rept. Given: 42
Rept. Rcvd 50 Times in 31 Posts
Thanks Given: 714
Thanks Rcvd at 1,113 Times in 514 Posts
chants Reputation: 51
Quote:
Originally Posted by Jaspreet Singh View Post
Of course, for this question we assume that all the mentioned ways to crack it like keygen, crack are available and we want to rate which is better or worse...

@blu devil Hardware based protection is sometimes not possible to crack at all, if done correct. So I agree with you.
Decryption is at the top of this as cryptography is based upon hard mathematical problems and has closer to theoretical soundness than all other methods. The rest, even hardware are security by obscurity in various forms.

Don't forget crippleware where code is literally absent from the target and must be painstakingly hand built back. That's also at the top of the list.

So that original list looks more like the common methods used but is incredibly lacking. A taxonomy of cracking would be a 50 page thesis if done properly.
Reply With Quote
The Following User Says Thank You to chants For This Useful Post:
niculaita (10-29-2023)
  #7  
Old 10-27-2023, 12:29
NON NON is offline
Banned User
 
Join Date: Sep 2023
Posts: 77
Rept. Given: 3
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 33
Thanks Rcvd at 21 Times in 16 Posts
NON Reputation: 2
Quote:
Originally Posted by chants View Post

So that original list looks more like the common methods used but is incredibly lacking. A taxonomy of cracking would be a 50 page thesis if done properly.
I agree. The list is a little incomplete.
Sometimes it's better to remain a little silent...

This is not 50 pages and is rather lame, but a good start. See this paper here:
Quote:
https://forum.exetools.com/showthread.php?p=128880#post128880
Much more coming soon!
Reply With Quote
  #8  
Old 10-25-2023, 20:20
blue_devil's Avatar
blue_devil blue_devil is offline
Family
 
Join Date: Dec 2011
Location: Observable Universe
Posts: 343
Rept. Given: 78
Rept. Rcvd 51 Times in 24 Posts
Thanks Given: 339
Thanks Rcvd at 496 Times in 168 Posts
blue_devil Reputation: 52
I will put dongles in the first place. Because those sticks might turn brick(I mean rubbish) and become useless. Then you need to call the c[o]mpany and ask for a replacement because dongle stick is not working anymore. So, of course, they will ask "hey what happened?" And you will answer "Hey we were working and the stick is not working anymore, we do not know what happened ¯\_(ツ)_/¯"
Reply With Quote
  #9  
Old 10-25-2023, 21:54
Jasi2169's Avatar
Jasi2169 Jasi2169 is offline
Family
 
Join Date: Sep 2015
Location: 127.0.0.1
Posts: 281
Rept. Given: 3
Rept. Rcvd 55 Times in 41 Posts
Thanks Given: 33
Thanks Rcvd at 433 Times in 173 Posts
Jasi2169 Reputation: 55
Quote:
Originally Posted by blue_devil View Post
I will put dongles in the first place. Because those sticks might turn brick(I mean rubbish) and become useless. Then you need to call the c[o]mpany and ask for a replacement because dongle stick is not working anymore. So, of course, they will ask "hey what happened?" And you will answer "Hey we were working and the stick is not working anymore, we do not know what happened ¯\_(ツ)_/¯"
I second that, thats really crazy,
Reply With Quote
  #10  
Old 10-26-2023, 23:59
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 1,126
Rept. Given: 334
Rept. Rcvd 228 Times in 119 Posts
Thanks Given: 265
Thanks Rcvd at 538 Times in 299 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
@Jasi2169
how about
- BF (bruteforcing) -looking for some password/etc for your target
- RSA priv key replacement + following kg-ing
Reply With Quote
The Following User Says Thank You to sendersu For This Useful Post:
niculaita (10-29-2023)
  #11  
Old 10-27-2023, 10:36
Asus Asus is offline
VIP
 
Join Date: Feb 2005
Posts: 587
Rept. Given: 113
Rept. Rcvd 27 Times in 13 Posts
Thanks Given: 133
Thanks Rcvd at 85 Times in 35 Posts
Asus Reputation: 28
I agree the first is UNPACKING.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 04:22.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )