Reverse Engineering

Update to GDB patches – fix for a "new" bug

I was messing around with SoftwarePassport and Amit Singh’s tiny executable to find out why GDB doesn’t breakpoint in those two executables. I thought it was due to incomplete headers, but GDB can’t also breakpoint into nicertiny, which has the segment/section added (otool/otx problems can be fixed by manually adding the missing section – there is enough padding space in the header to do that so SoftwarePassport developers might want to fix that)....

There’s a new protection in town, Software Passport, from the developers of Armadillo :-)

A reader sent me the link for a new software protection package called Software Passport (here). This is from The Silicons Realms, the makers of Armadillo for Windows. Since I’m as curious as a cat, I started giving a quick look on it, to see if it has any interesting things related to anti-debugging and anti-disassembly. The good news is that there are some new tricks that I haven’t seen before, for example, GDB can’t trace the initial loader....

It’s not my war but...

I just saw the following at MSJ and the reaction there is simply childish, to not digress much about it. The author of Remote Buddy leaves the post below, asking for them to stop distributing cracks on his software. As a response, tons of links with the crack are published and they start complaining about the price. I really hope that these guys one day get what they deserve, their works pirated or them exploited by their bosses and underpaid....

Universe’s best and legal Mac OS X reversing tutorial for newbies (or maybe not!)

I have decided to re-release my beginners tutorial, this time based on a crackme, so it deserves the upgrade to Universe instead of World. It includes patching, serial fishing and a keygen. I have updated some errors that I found in the original tutorial. Reversing and breaking protections is a great hobby and fantastic knowledge to possess. The problem is that many abuse this and want to profit from it. I really don’t like not sharing knowledge because sharing also allows me to progress, seeking new challenges and learning new things....

Another update to gdbinit for iOS and ARM support to ptool.pl and offset.pl

I have fixed some of the missing stuff in gdbinit for iOS. Now the jump conditions are displayed for ARM and Thumb modes and the stepo command is working for ARM and semi-working for Thumb (to be fixed in the next release). Also implemented minor cosmetic changes. The tools to show Mach-O header information and calculate offsets to be patched were also updated to support ARM binaries. Offset.pl is by default interactive (you can choose from the available architectures in the binary, if fat), and ptool....