[IDA] ~ [SOFTICE] ~ [SMARTCHECK] ~ [WDASM] ~ [RESOURCE EDITORS] ~ [OTHER TOOLS] ~ [TIPS & TRICKS]
Make sure you check (and contribute to) the tools of our trade messageboard!
Reversers need tools: from debug.com (the Swiss knife of a cracker) to Smartcheck, a great variety of 'snooping' and reversing tools have been produced, many by great programmer wizards, some of them by ourselves... This section of my site will just give you some 'basic understanding' about the main tools of our trade: Ida, Softice, Wdasm... You would be well advised to visit my various tools pages in order to gather other possibly useful tools.
Keeping my traditional 'don't steal, reverse!' code of conduct, you will NEVER be able to find any stolen or cracked application on my site. There's no need. Not only are the 'uncracked' versions very easy to reverse, but also, as explained elsewhere, everything is on the web already, regged and complete if you're a lamer, as trial version if you're a real reverser... you just have to find it.
But I'll tell you something: I paid for ALL tools I use (albeit through pseudonymous addresses and identities :-) Yes, I paid for wdasm -for instance-, since I, personally, never use a tool that I find really useful more than a year without registering it. I register them (when I find it fit, of course, not when somebody else would like me to) even if the protections are a joke (as it often happens... at times I have the impression that Numega -for instance- is just faking a 'sort of' bogus and easy to reverse protection on all its beautiful products... probably in order to spread millions of copies of (stolen) softice in every corner of the world).
This 'registering' attitude is not just silly 'correctness', which does not mean anything to us; the reason is much deeper: being 'quit' is vital for your own development: of course we crack protections but we don't (and won't) STOP there! As soon as 'real' reversers 'really' use somebody else's code (which does not happen too often, after all) they want to modify it, they (usually) want to create something new with it, and this is great fun, and this is useful, and this teaches us a lot... so the price we gladly pay is the price of our own pleasure.
IDA
IDA PRO 3.7
Commercial -very powerful- disassembler for almost any type of processor and file type. Made (with Watcom C and Borland C++) by the Russian genius Ilfak Guilfanov.
A freeware version of Ida Pro, "Ida37fw", can be found in the simtelnet collections.
IDA
IDA PRIMER
Ida's philosophy, main settings, how to start
by +Mammon
21 October 1998
IDA
THE GREAT IDA PRIMER
Mammon_'s Tales to Fravia+'s Grandson
by +Mammon
30 October 1998
IDA
An IDA enhancer
Patching the IDA.WLL
by Jean-Marc
12 November 1998
SOFTICE
Softice, the debugger par excellence: its first DOS version was made by the mightiest programmer gods of this planet in the forgotten times of the older ones... Numega has since provided all reversers with a series of incredible ameliorations of its tool.
A tough tool to use, though. OF COURSE you should read the (heavy) documentation, available almost everywhere. Don't go shooting around targets with this weapon without knowing what it can do. IMO you would then be well advised to start with good wizard +Mammon's "Mankind comes into the Ice Age": there you will find a COMPLETE 'how to use Softice' text with two VERY IMPORTANT exercises: Debugging an existing application and Regaining Lost Access.
No beginner should be left alone with Softice without this mighty help!
Of course, if you are a total newbie, and cannot even INSTALL softice, you had better have a look at siceinst.htm:
The Ultimate Beginner - Session 1: SoftICE Install for Beginners, by i_magnus
SOFTICE
SOFTICE PRIMER
Softice's breakpoints, an interesting list
by +Greythorne
SOFTICE
SOFTICE PRIMER
Softice's conditional breakpoints settings and macros
by Rhayader
SOFTICE
SOFTICE PRIMER
Extending NuMega's SoftIce for Windows 95 using Protected Mode
Debugger services API
by Iceman
SOFTICE
Project two: a complete +HCU project
about Softice
You'll follow the 'history' of cracking and using softice reading many essays
by various students
SOFTICE
How to trick Numega's registration routines (and download everything you want from Numega's site)
disassembling Softice itself
by +OCHE SATRIANI & +OBLEK
So you wanna register sice with your own name and 'correct' serial number? Nothing easier...
SMARTCHECK
Smartcheck, by Numega, is another incredible reversing tool. Smartcheck is a 'flow analyzer' that, if the settings are correct, will easily let you identify which parts of an alien code are running when something you are investigating happens, giving you the exact code location that has called a particular API or hook.
WDASM
Win32dasm V8.9
W32Dasm is a Windows Program Disassembler/Debugger
by Peter Urbanik, URSoftware.
A demo version can be found in the
simtelnet collections.
WDASM
Project zero: a concluded +HCU project about wdasm
You'll follow the 'history' of cracking and using wdasm in nine essays
by various students
RESOURCE EDITORS
26 May 97 | fravia+ | ultrae2.htm | An interesting tool: BRW | unass. | fra_001C
31 Mar 98 | F_KingKrazy | kk_cunei.htm | How to perform some magic reversing with good old BRW | unass. | fra_00FE
02 Dec 98 | LordCaligo | caligo4.htm | Using BRW: How to make passwords hidden by "stars" visible | howtouse | fra_016F
OTHER TOOLS
TIPS & TRICKS
[Disassembled code in Delphi] ~ [Boot softice yes/no?]
1) DISASSEMBLED CODE IN DELPHI
In Delphi 2.0, it is possible to see disassembled code at runtime.
This feature isn't documented. Here's how you do it:
1. Run REGEDIT
2. Open the registry hive HKEY_CURRENT_USER
3. Select or add the key \Software\Borland\Delphi 2.0\Debugging
4. Add new value: EnableCPU="1"
5. Close the registry.
Now you'll notice that the View menu has a new entry named CPU. Give it a try!
2) BOOT SOFTICE YES/NO?
Put this at the end of your autoexec.bat
REM begin boot options ------------------------
set Winice1="Load WinIce"
set Winice2="Not Using WinIce Today"
echo Please Specify Whether You Want To Use WinIce
echo.
echo Press 1 for %Winice1%
echo or
echo Press 2 for %Winice2%
echo.
choice /c:12 /T:2,2 Choose an option
if errorlevel 2 goto NoLo
if errorlevel 1 goto Lo
:Lo
C:\SIW95\WINICE.EXE
goto end
:NoLo
echo.
echo WinIce Will Not Be Loaded.
:end
REM end boot options ------------------------
Explanation of /T:2,2:
The first "2" is the option if you don't press anything.
The second "2" is the number of seconds if no instructions are given.
So /T:2,2 means the default is 2 after 2 seconds of no instructions.
Eternal_Bliss(at)hotmail(point)com
(c) Fravia+ 1995, 1996, 1997, 1998. All rights reserved