Forward
Greetings,
and thanks for checking out this new little project of mine! If things go
as planned, this should be a very up-to-date and informative little publication.
It's purpose will be to keep the reverse engineering scene supplied with up-to-date
news about the scene in general, new protections, coding, sites, resources,
and even an interview now and again :) This first issue is a trial run, so
the format and such could change.... if I get positive feedback, I'll work
harder to make it better... if I get negative feedback, I'll listen to your
suggestions. If you're looking for frills, you're not going to get them...
the purpose of this publication is for information, not for looks or anything
else. With all that said, please enjoy this first issue, and e-mail me your
comments and/or criticisms: Volatility@ImmortalDescendants.com
Enjoy!
Volatility
Scene
News
Each month I am going to try to
bring you up-to-date scene news, which may come in the form of articles, rumors,
or even opinions. This month, due to lack of good articles, just random
notes:
Hiew is now shareware, with
a VERY interesting keyfile RSA protection. Give it a try if you're up to it,
but you should pay for this wonderful editor!
IDA 4 is out
There is a massive undertaking in the works, of collecting full books, dealing
with many topics, for publishing online. More on this in a later issue.
After MANY bogus releases of Soft-Ice 4.0, Soft-Ice 4.1 seems to be pretty
stable.
DirectX 7.0 Final is out.
Amateur releasing crack groups coming and going daily - isn't helping the
scene out at all.
Protection Of The Month
This section will address
a different protection each month. The protection won't necessarily be difficult,
but should be different and/or interesting. Your solutions will be posted
if you mail them to me, otherwise, hopefully you learn something from it :)
This month's protection is for Ultra Zip Password Cracker available at:
http://members.xoom.com/m53group.
(80,874 Bytes)
The program is encrypted. Once
the encryption is beat, your end-goal should be to write a key generator.
Good luck! (*Update* Writing a key generator is, in fact, impossible for this program, as pointed out by minus_idiot and alpine... instead, this program uses hashing... still an interesting protection! Thanks guys, and I apologize to all of you for false information... I'll make sure to dig deeper in the future)
Tool
Of The Month
This month's tool probably can't
be classified as a "tool"... rather, it's a VERY nice resource.
I'm sure you'll agree.
The file is a patch for W32dasm, there are versions available for both 8.9,
and 8.93. The patch was written by _duelist, and once applied, allows Visual
Basic applications to be disassembled in Wdasm!!! Of course the listing won't
be as complete as a normal app, since VB uses it's dll's for most of it's
functions... but all the String Data References, and imports will be there!
Try it out, I'm sure you'll love it!
The file is being hosted at LaZaRuS' site, available here: http://members.xoom.com/little_timmy/duelist.
Excellent work duel!!!
Code
Of The Month
This month's code comes from a
recent essay. The essay deals with a very obscure and innovative method of
reversing a program, along with some nifty and handy coding. The essay is
by Neural_Noise, and is entitled "How to crack Conseal PC Firewall in
an 'unusual' way". Rather than list the entire essay and code here, I'll
just give you the link. It's available here: http://members.xoom.it/neural/conseal_eng.zip.
Neural is a very innovative reverser, and uses very interesting methods...
you may want to read his other papers here: http://neudump.cjb.net.
Link
Of The Month
This month's link is
http://win32asm.ownz.com.
Iczelion's site is sure to become the greatest reference for Win32 Assembly
programming. From beginner, to advanced, this site has everything you need
to learn Win32 Assembly.
Interview
Of The Month
This month's interview is with
knotty, also known as knotty Dread. He is a good friend, and one of the most
innovative reverse engineers I know. Knotty can be contacted via EFnet on
#cracking4newbies. For some stimulating conversation, stop in and give
him a shout-out :) Knotty's group, DREAD, can be reached here:
http://dread99.cjb.net.
[Volatilit]
First off, what got you interested in Reverse Engineering?
[knotty] I dont know what got me in RE really.. I know that I got into
cracking via a stupid way..
[knotty] I was searching a crack for a cd with a protection
[knotty] and found it, and on that very site some cracking tuts
[Volatilit] I'll bet alot of people started that way... I did as well
[Volatilit] What is your favorite thing about Reverse Engineering,
and what is your greatest achievement?
[knotty] well, RE is a state of mind for me, I've always been thinking
the other way round, and I think that RE is just that in computer-world
[knotty] and my achievement? I wont even dare to speak that out.. I'm
a bit proud of some essays I've got here, but they're far from finished, so
cant say anything about that
[knotty] I think that DREAD is something I'm at least happy about
[Volatilit] yeah, talk a little about DREAD for some readers who may
not know... what are you all about, and what are your ideals, and plans?
[knotty] DREAD is my lil group, Dutch Reverse Engineering Artistic
Decypherians are we, and acronymed that's DREAD
[knotty] we're a group of quite relaxed reverse engineers and coders,
making projects and cracking things in ways not very obivious
[knotty] that doesnt mean that they're wrong, or way more difficult
[Volatilit] just much more interesting, and satisfying?
[knotty] yes, that's at least why I started it. I got bored from cracking
itself really soon after I started it
[knotty] I've been in some cracking groups, but didnt like the hush-hush
mentality at all
[knotty] that backfired into the relaxedness of DREAD..
[Volatilit] What is your current occupation, if you don't mind me asking?
[knotty] I'm a CS student, AI-degree
[Volatilit] Ok, this ties into my next question... what are your current
and/or future plans... for real life, and your online work?
[knotty] whoa.. well, finishing study sounds good.. getting a job that
lies in my future plans sounds great.. and that is? I'm no coder at heart,
so I wont be bashing the keys and then clicking compile for the rest of my
life..
[knotty] I do like the hardware-side of this world, but know what a
shitty work that is.. always keeping up with things..
[knotty] I seem to have the tendency to always take a lead in projects,
and maybe I can squeeze some bucks out of that
[knotty] in fact, being a manager or coordinator of a software (or
whatever..) project sounds nice..
[knotty] online? well, I think that DREAD will let hear some more of
itself in the future
[knotty] also, I'm busy with the Visual Assembler project, and a bookproject
[knotty] and all sorts of sideprojects which suck up even more time,
but I cant catogorize that fast
[Volatilit] Do you plan to keep up your "innovative" methods of reversing,
and sharing the knowledge?
[knotty] that's my nature, so I'll have to
[knotty] I cant just think the easy and obvious way.. admitted sometimes
you do more work than you should while doing so, but you'll learn more most
of the time
[Volatilit] Reversers generally get a very bad rap... what is your
general perception of the community, where it's heading, the people you've
met along the way?
[knotty] well, I think that the RE-scene is picking up.. more and more
people I meet like to 'just' do something with a prog, instead of blindly
cracking it
[knotty] and I'm not saying cracking is bad, I like it very much
[knotty] and can still taste the adrenaline of my first crack..
[Volatilit] I personally, think the people (the TRUE people) who are
in the scene, are very caring, and helpful... as well as having a different
outlook on life... do you agree?
[knotty] yes, the 'real' RE-scene people are rather cool, helping,
etc. The scene is very open, and that's one of the things I really like about
it
[knotty] when I started, I got in contact with the (I thought then
:P) 'gods' in no time
[Volatilit] Do you think some of this "god-like" status is getting
a bit out of hand? I mean, we were all new once, and we're all only human
:)
[knotty] yes, I sure think so. Some of the people, and I dont need
to name any, as we know who we're talking about, and if not, what are you
doing here? We're all quite equal, and I know many crackers who can do magic,
but people dont even know the first character of their name/nick
[Volatilit] well, I guess that's all I have... I thank you for your
time knotty
[knotty] np, if you need any more, you know where to find me
[Volatilit] sure do :)
Credits,
Greetings
Thanks again, for checking out
this first issue. I hope you've found it helpful, and interesting. Please
don't hesitate to send me your comments. Any additions for the next issue
will be MUCH appreciated.
Credits and thanks for this issue go to: _duelist, Iczelion, Neural_Noise,
LaZaRuS, knotty, and the authors of UZPC.
Personal greetings fly out to: alpine, knotty, Latigo, LaZaRuS, Lord Soth,
Lucifer48, Neural, Tornado, WarezPup, Yoshi, and everyone I forgot (probably
MANY)