Reversing and Cracking first simple Program – bin 0x05



A very simple reversing challenge for Linux

GitHub: https://github.com/LiveOverflow/liveoverflow_youtube/tree/master/0x05_simple_crackme_intro_assembler
http://crackmes.de
http://www.hopperapp.com/
https://www.hex-rays.com/products/ida/
https://github.com/radare/radare2



37 thoughts on “Reversing and Cracking first simple Program – bin 0x05”

  • Fox

    January 11, 2019 at 5:51 pm

    Is there a way for me to run ELF files running mac OSX

    Reply
  • manish chhetri

    January 11, 2019 at 5:51 pm

    dude which sound is used in the videos when rabbit goes away

    Reply
  • Moin Ahmad

    January 11, 2019 at 5:51 pm

    my question is —
    initially main was on 0x1165
    but at time of execution main is at 0x0000555555555166
    I want to break on 0x00000000000011b0 but it says the address is not valid..

    disassembly output of my–

    (gdb) set disassembly-flavor intel
    (gdb) disassemble main
    Dump of assembler code for function main:
    0x0000000000001165 <+0>: push rbp
    0x0000000000001166 <+1>: mov rbp,rsp
    0x0000000000001169 <+4>: sub rsp,0x20
    0x000000000000116d <+8>: movabs rax,0x3332312d434241
    0x0000000000001177 <+18>: mov QWORD PTR [rbp-0x8],rax
    0x000000000000117b <+22>: lea rdi,[rip+0xe82] # 0x2004
    0x0000000000001182 <+29>: mov eax,0x0
    0x0000000000001187 <+34>: call 0x1040 <printf@plt>
    0x000000000000118c <+39>: lea rax,[rbp-0x12]
    0x0000000000001190 <+43>: mov rdi,rax
    0x0000000000001193 <+46>: mov eax,0x0
    0x0000000000001198 <+51>: call 0x1060 <gets@plt>
    0x000000000000119d <+56>: lea rdx,[rbp-0x12]
    0x00000000000011a1 <+60>: lea rax,[rbp-0x8]
    0x00000000000011a5 <+64>: mov rsi,rdx
    0x00000000000011a8 <+67>: mov rdi,rax
    0x00000000000011ab <+70>: call 0x1050 <strcmp@plt>
    0x00000000000011b0 <+75>: test eax,eax
    0x00000000000011b2 <+77>: jne 0x11c7 <main+98>
    0x00000000000011b4 <+79>: lea rdi,[rip+0xe5e] # 0x2019
    0x00000000000011bb <+86>: mov eax,0x0
    0x00000000000011c0 <+91>: call 0x1040 <printf@plt>
    0x00000000000011c5 <+96>: jmp 0x11d8 <main+115>
    0x00000000000011c7 <+98>: lea rdi,[rip+0xe53] # 0x2021
    0x00000000000011ce <+105>: mov eax,0x0
    0x00000000000011d3 <+110>: call 0x1040 <printf@plt>
    0x00000000000011d8 <+115>: mov edi,0xa
    0x00000000000011dd <+120>: call 0x1030 <putchar@plt>
    0x00000000000011e2 <+125>: mov eax,0x0
    0x00000000000011e7 <+130>: leave
    0x00000000000011e8 <+131>: ret
    End of assembler dump.
    (gdb) break *main
    Breakpoint 1 at 0x1165
    (gdb) run
    Starting program: /root/l_exe
    Breakpoint 1, 0x0000555555555165 in main ()
    (gdb) ni
    0x0000555555555166 in main ()
    (gdb)
    0x0000555555555169 in main ()
    (gdb)
    0x000055555555516d in main ()

    Reply
  • r3xt0r88

    January 11, 2019 at 5:51 pm

    Are you always using Ubuntu as your primary and daily Linux distribution?

    Reply
  • rajon rondo

    January 11, 2019 at 5:51 pm

    Is there a way for programs to not allow you to change the values of the registers like that in order to make it a little "safer"?

    Reply
  • ANGRY MAN

    January 11, 2019 at 5:51 pm

    i can't understand a bit ??

    Reply
  • nikhil t

    January 11, 2019 at 5:51 pm

    2:20
    immediately guessed 2 was number of arguments (one is executable and other is key)
    am i right?

    Reply
  • Şahin Kureta

    January 11, 2019 at 5:51 pm

    This playlist is perfect! Thanks for all your effort! Would you consider doing something similar for Java applications?

    Reply
  • PASTRAMIKick

    January 11, 2019 at 5:51 pm

    Most common jumps:
    je (jump if equal, zero flag = 1)
    jne (jump if not equal, zero = 0)
    jb (jump if unsigned lower, Carry=1)
    jbe (same as above with or equal)
    ja (jump if unsigned greater)
    jae (same as above with or equal)

    List goes on to more specified flag relative jumps, signed lower/greater jumps and a few weird ones.

    Reply
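
An added example, not part of the comment above or of the video's code: a small C model of the flags set by `cmp` and by `test` (as in the `test eax,eax` / `jne` pair in the disassembly posted earlier in this thread), used to evaluate the jumps listed in the comment. It also covers the signed `jl`/`jg`, which the list only alludes to; the names `cmp32`, `test32` and `taken` are hypothetical and the operands are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Flags as left by `cmp a, b` (computes a - b and discards the result). */
struct flags { int zf, cf, sf, of; };

static struct flags cmp32(uint32_t a, uint32_t b) {
    uint32_t r = a - b;
    struct flags f;
    f.zf = (r == 0);
    f.cf = (a < b);                           /* unsigned borrow */
    f.sf = (int)(r >> 31);                    /* sign bit of the result */
    f.of = (int)(((a ^ b) & (a ^ r)) >> 31);  /* signed overflow */
    return f;
}

/* Flags as left by `test a, b` (computes a & b); CF and OF are cleared. */
static struct flags test32(uint32_t a, uint32_t b) {
    uint32_t r = a & b;
    struct flags f = { r == 0, 0, (int)(r >> 31), 0 };
    return f;
}

/* Returns 1 if the jump is taken, 0 if not, -1 for an unknown mnemonic. */
static int taken(const char *jcc, struct flags f) {
    if (!strcmp(jcc, "je"))  return f.zf;
    if (!strcmp(jcc, "jne")) return !f.zf;
    if (!strcmp(jcc, "jb"))  return f.cf;
    if (!strcmp(jcc, "jbe")) return f.cf || f.zf;
    if (!strcmp(jcc, "ja"))  return !f.cf && !f.zf;
    if (!strcmp(jcc, "jae")) return !f.cf;
    if (!strcmp(jcc, "jl"))  return f.sf != f.of;           /* signed lower */
    if (!strcmp(jcc, "jg"))  return !f.zf && f.sf == f.of;  /* signed greater */
    return -1;
}

int main(void) {
    /* Constructed operands: 0xffffffff is 4294967295 unsigned but -1 signed,
       so the unsigned and signed jumps disagree about which side is larger. */
    struct flags f = cmp32(0xffffffffu, 1);
    printf("cmp 0xffffffff,1: ja=%d jl=%d\n", taken("ja", f), taken("jl", f));
    /* `test eax,eax` after strcmp: jne is taken only for a non-zero result. */
    printf("test 0,0: jne=%d\n", taken("jne", test32(0, 0)));
    printf("test 1,1: jne=%d\n", taken("jne", test32(1, 1)));
    return 0;
}
```
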
  • Nothing could turn out really something.

    January 11, 2019 at 5:51 pm

    hey bro can you make more video like this one about this type of stuff ?

    Reply
  • Mikhail T

    January 11, 2019 at 5:51 pm

    Made this crackme return the actual valid key when given the wrong one. That was a lot of fun, awesome videos.

    Reply
  • Abhijit Lamsoge

    January 11, 2019 at 5:51 pm

    I love your videos. Just a strings/readelf/objdump/IDA/FET on this license_1 file reveals the key.

    Reply
  • Vikas Rv

    January 11, 2019 at 5:51 pm

    Plz plz plz do some challenges involving windows binaries too !! Thanks

    Reply
  • Zal Chan

    January 11, 2019 at 5:51 pm

    Great content, however the pace is pretty quick. I don't expect you to hold anyone's hand or anything, but wow It takes a lot of time to wrap your mind around those concepts

    Reply
  • Verde Denim

    January 11, 2019 at 5:51 pm

    Very well presented! Looking forward to seeing more.

    Reply
  • Miscritz Brotherzz

    January 11, 2019 at 5:51 pm

    OK

    i got stuck in
    set disassembly-flavor intel

    i was typing * FLAVOUR *

    Reply
  • Miscritz Brotherzz

    January 11, 2019 at 5:51 pm

    in this case u can just open the file in any text editor and then copy paste something that looks like a key

    Reply
  • Austin

    January 11, 2019 at 5:51 pm

    This helped me out so much. Thank you.

    Reply
  • r3xt0r88

    January 11, 2019 at 5:51 pm

    Cool!
    But for reverse engineering stuffs, don't we need assembly? This is programme cracking? I don't really get the difference of learning assembly and testing and this with c ? Is this method also called memory corruption?

    Reply
  • Tornado 711

    January 11, 2019 at 5:51 pm

    crackmes.de is down 🙁

    Reply
  • Kenichi Mori

    January 11, 2019 at 5:51 pm

    Crash all /use/bin/ directory 0

    Reply
  • Harshit Joshi

    January 11, 2019 at 5:51 pm

    When I do "set disassembly-flavour intel" it returns this "No symbol table is loaded. Use the file command" so I know how to make gdb read symbols from a file with "symbol-file" but how do I get the symbols file ? I am unable to find it online.

    Reply
  • DecomPiler

    January 11, 2019 at 5:51 pm

    Liked for AT&T Syntax bashing

    Reply
  • Jonathan Nichols

    January 11, 2019 at 5:51 pm

    I hope someone sees this. I thought he said the string cmp will compare two strings and return 0 if they are the same. does the arrow that directs to the strings not being the same say =0? PLEASE ANSWER!! I love your videos you are single handedly going to get me a job in IT

    Reply
  • muniategui

    January 11, 2019 at 5:51 pm

    crackmes.de is rip you might want to give the link to https://crackmes.one/ which stores most of the crackmes of de and new ones

    Reply
  • unlokia

    January 11, 2019 at 5:51 pm

    Your teaching style demonstrates one SIMPLE thing, VERY WELL: It just goes to show, if one's mind doesn't naturally gravitate to – and understand – ASM – it doesn't matter HOW "1337" all these "H4X0R5" online think they are – none of it means ANYTHING if they can't translate it smoothly and concisely for people who aren't in their "club" – you are the EXCEPTION, and you teach SO WELL.

    God bless you and thank you, I mean it from the bottom of my heart.

    Reply
  • Ashutosh Srivastava

    January 11, 2019 at 5:51 pm

    i watched it yesterday, didn’t get it. Today i could follow through each and every step

    Reply
  • Hamed Pour

    January 11, 2019 at 5:51 pm

    God I am so happy I found this channel! You have just made my Sunday great. Thank you sir. Looking forward to your new videos on the Island

    Reply
  • FOOZZY CAT

    January 11, 2019 at 5:51 pm

    I didn't understand shit

    Reply
  • TheDarkHorseUprising

    January 11, 2019 at 5:51 pm

    you can also solve it with "set $rip = 0x40060b" 😛

    Reply
  • Behnam Azizi

    January 11, 2019 at 5:51 pm

    great tutorial!

    Reply
  • putsomure

    January 11, 2019 at 5:51 pm

    Thanks for taking the time to do this in such an easy-to-understand professional manner

    Reply
  • Hemanth V. Alluri

    January 11, 2019 at 5:51 pm

    To anyone who just finished this video and believes that they should learn some more about assembly and registers before moving on, here are some sources I found to be useful, to get you started (it helps to know C and what a call stack is beforehand):

    1. https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/x86-architecture
    2. http://www.cs.virginia.edu/~evans/cs216/guides/x86.html
    3. https://www.intel.com/content/dam/www/public/us/en/documents/manuals/64-ia-32-architectures-software-developer-instruction-set-reference-manual-325383.pdf

    Note: this list is just to get started, you'll need to do some research on your own too.

    Try making some C programs of your own and compiling them, then go through its disassembly in gdb.

    Reply
  • Gabriel G

    January 11, 2019 at 5:51 pm

    Thank you so much!!

    Reply
  • Jix Sas

    January 11, 2019 at 5:51 pm

    Just use ollydbg would make your life easier

    Reply
  • Mr. Houghton

    January 11, 2019 at 5:51 pm

    when you disassembled the program, I know the first column is the memory address but what is this second column with numbers like <+8> ?
    Also, I did a little research and wanted to confirm, when you "step" through the program you type ni, does ni stand for next instruction?

    Reply
  • 01 23

    January 11, 2019 at 5:51 pm

    this is the first video from the playlist that clicked for me

    Reply
