pirates having a newer version than paypigs edition

Your place to discuss Reverse Engineering or Malware Development and share current projects.

If you're looking to practice your reverse engineering skills, PicoCTF is one of the best places to start, followed by crackmes.one. After getting decent on those you may want to move on to HackTheBox and challenges.re.

RE
>Getting Started
https://github.com/tylerha97/awesome-reversing
https://opensecuritytraining.info/
https://www.coursera.org/learn/malware-analysis-and-assembly
https://malwareunicorn.org/workshops/re101.html#0
https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/
https://github.com/onethawt/reverseengineering-reading-list
https://guyinatuxedo.github.io/index.html
>Youtubers
https://www.youtube.com/channel/UC--DwaiMV-jtO-6EvmKOnqg
https://www.youtube.com/@LiveOverflow
https://www.youtube.com/@stacksmashing
https://www.youtube.com/@LowLevelLearning
https://www.youtube.com/@_JohnHammond
https://www.youtube.com/c/MalwareAnalysisForHedgehogs
https://www.youtube.com/@lauriewired/videos
>Tools/Other
https://remnux.org/
https://github.com/mandiant/flare-vm
https://ghidra-sre.org/
https://github.com/hugsy/gef
https://github.com/radareorg/radare2
https://cutter.re/
https://github.com/hasherezade/pe-bear
https://learn.microsoft.com/en-us/sysinternals/downloads/procmon
https://x64dbg.com/

Malware Development
>Resources
https://www.vx-underground.org/
https://github.com/rootkit-io/awesome-malware-development
https://github.com/cr-0w/maldev
https://0x00sec.org/
I get so utterly confused using IDA
it's all just gibberish to me
the only times I've successfully done something was by manually rewriting the entire C disassembled program, but that only works on tiny programs
I wanted to figure out a game file's format but with only the files and the game exe it sounds like a painful deed
>>102395222
Man, after logging in to HTB after a long time, it has now turned into a corporate recruiting shit show. Would not recommend. OverTheWire or just getting a virtual machine from VulnHub and taking a crack at it seem a good way to learn these days, IMHO. Thanks for coming to my TED talk.
I know it's a massive thing for a beginner, but are there more detailed/advanced guides to decompiling?
All of the videos I find use extremely basic examples that don't hit real challenges.
>>102397267
beginners.re
>>102397267
I'm assuming you're talking about decompiling native binaries.
Getting readable decompiler output is all about data. Start by creating a header with some dummy structs defined and import it into your favorite decompiler. As long as you get the sizes right, code will already appear more readable. Then you start naming the struct members, and determining their actual types, by the context of what you see.
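As an added example of the header the post above describes (my own illustration, not the poster's code): a hypothetical 0x28-byte object whose three recognised fields sit at 0x08, 0x10 and 0x18, with the still-unknown bytes kept as named padding so sizeof stays correct, plus the raw-offset reads the decompiler shows before the type is applied beside the typed reads you get afterwards. The struct name, field names and offsets are assumptions for illustration; the static asserts are the check worth keeping in any header you import, since a wrong size silently shifts every later field.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical object as seen in the decompiler (assumed layout, not from any real
 * program): the size 0x28 comes from the allocation call, the three typed fields
 * from how the code uses them, everything else stays as honest padding. */
typedef struct game_obj {
    void       *vtable;     /* 0x00: loaded and used for indirect calls */
    int32_t     refcount;   /* 0x08: incremented / decremented around uses */
    uint8_t     unk_0c[4];  /* 0x0c: never touched so far; keeps the size right */
    const char *name;       /* 0x10: passed to a strlen-like routine */
    size_t      name_len;   /* 0x18: compared against that routine's result */
    uint8_t     unk_20[8];  /* 0x20: unknown; keeps sizeof == 0x28 */
} game_obj;

/* If any of these fail, the header is lying to the decompiler. */
_Static_assert(sizeof(game_obj) == 0x28, "object size must match the allocation");
_Static_assert(offsetof(game_obj, refcount) == 0x08, "refcount offset");
_Static_assert(offsetof(game_obj, name) == 0x10, "name offset");
_Static_assert(offsetof(game_obj, name_len) == 0x18, "name_len offset");

/* What the decompiler emits before a type is applied: raw pointer arithmetic. */
int32_t refcount_raw(const void *obj) {
    return *(const int32_t *)((const uint8_t *)obj + 0x08);
}
size_t name_len_raw(const void *obj) {
    return *(const size_t *)((const uint8_t *)obj + 0x18);
}

/* The same reads once the struct is applied: the pattern you want to see. */
int32_t refcount_typed(const game_obj *o) { return o->refcount; }
size_t  name_len_typed(const game_obj *o) { return o->name_len; }

/* Constructed sample object so the two views can be compared. */
game_obj *sample_object(void) {
    static game_obj o = { .vtable = 0, .refcount = 3, .name = "player", .name_len = 6 };
    return &o;
}
```

Once such a header is parsed (Ghidra: File > Parse C Source; IDA: File > Load file > Parse C header file), applying the type to the pointer argument turns every `*(int *)(a1 + 8)` into `a1->refcount`, and the unknown members show up as `unk_0c` / `unk_20` accesses you can rename as their meaning becomes clear.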
thoughts on radare2?
>>102398066
it sounds pretty cool, but I've never used it
>>102395222
what's the deal with this general, it's always on page 8/9/10. Is it because of regulatory concerns that smart anons don't post?
>>102399591
I wonder that too, I've never seen a reverse engineering thread reach bump limit except for an IDA Pro leak
>>102399591
it's because no one knows how to do shit
I don't want to learn basic stuff, I want to pick up IDA and with a single click find the assembly I want and with another have it spit out readable code
>>102395222
>pirates having a newer version than paypigs edition
did 8.4 leak?
Does anyone have a link to the newer IDA version?
>>102399797
Official beta of 9.0, downloadable straight from Hex-Rays. No idea if it's still up, probably not.
One time I hex edited a crack to generate licenses for an updated version of the program. It was just changing a .0 to a .5 but I felt pretty 1337. Thanks for reading my microblog, don't forget to like and subscribe.
>>102397267
Just do crackmes. You can also pick up the harder ones and not solve them, but you have to spend time on them (a lot of time). If you want to get good, don't use a decompiler. It will really hurt for like 2 weeks, but after that you will be able to read assembly pretty easily, looking just for call instructions and their args and figuring out on the fly what is going on. You have to create this analytic mindset. If you have a really big binary you have to have some strategy for how to get to your target. You have to realize it's just code that has to be executed. All you have to do is find that code; you can use some visual cues, like something that was printed to the console before your target action was triggered. You have to come up with some strategies and then evaluate them as you traverse the binary. If you want to reverse some bigger software you will have to use a decompiler, and IDA has the best one.
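The "visual cue" strategy in the post above, worked through as an added example (mine, not the poster's): the string you saw printed lives in .rodata, and on x86-64 the code that uses it almost always loads its address with a RIP-relative `lea`, so a `strings`-style scan plus a scan for `REX.W 8D /r` with a `[rip+disp32]` operand gives you the instruction offsets to jump to. The image below is constructed inline (NOP-filled code, two `lea` instructions, two strings); offsets, layout and the `CODE_END` boundary are assumptions for the sample and would come from section headers in a real file. This is a byte scan, not a disassembler: in real binaries it can match inside other instructions, so treat hits as candidates to confirm in IDA or Ghidra.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IMG_SIZE 0x60
#define CODE_END 0x40   /* constructed layout: code in [0, 0x40), strings from 0x40 on */

typedef struct { size_t offset; const char *text; } str_hit;
typedef struct { size_t insn; size_t target; } xref;

/* Constructed sample "image" (not a real binary): NOP-filled code containing two
 * lea reg,[rip+disp32] instructions that point at two NUL-terminated strings. */
static uint8_t g_img[IMG_SIZE];

static void put_rip_lea(size_t at, uint8_t modrm, size_t target) {
    /* disp32 is relative to the address of the *next* instruction, i.e. at + 7 */
    uint32_t disp = (uint32_t)(target - (at + 7));
    g_img[at] = 0x48; g_img[at + 1] = 0x8D; g_img[at + 2] = modrm;
    for (int k = 0; k < 4; k++) g_img[at + 3 + k] = (uint8_t)(disp >> (8 * k));
}

const uint8_t *build_sample_image(size_t *len) {
    memset(g_img, 0x90, IMG_SIZE);                    /* 0x90 = nop, not printable ASCII */
    strcpy((char *)&g_img[0x40], "License invalid");  /* the text you saw on the console */
    strcpy((char *)&g_img[0x50], "Welcome");
    put_rip_lea(0x08, 0x3D, 0x40);                    /* lea rdi,[rip+0x31] -> 0x40 */
    put_rip_lea(0x20, 0x35, 0x50);                    /* lea rsi,[rip+0x29] -> 0x50 */
    *len = IMG_SIZE;
    return g_img;
}

/* Like `strings`: NUL-terminated runs of printable ASCII at least min_len long. */
size_t find_strings(const uint8_t *img, size_t len, size_t min_len, str_hit *out, size_t max_out) {
    size_t n = 0, i = 0;
    while (i < len) {
        size_t start = i;
        while (i < len && img[i] >= 0x20 && img[i] <= 0x7E) i++;
        if (i - start >= min_len && i < len && img[i] == 0 && n < max_out) {
            out[n].offset = start;
            out[n].text = (const char *)&img[start];
            n++;
        }
        i++;   /* step past the terminator or the non-printable byte */
    }
    return n;
}

/* REX.W lea with a RIP-relative operand (modrm mod=00, rm=101): resolve the target. */
size_t find_rip_lea_refs(const uint8_t *img, size_t code_start, size_t code_end, xref *out, size_t max_out) {
    size_t n = 0;
    for (size_t i = code_start; i + 7 <= code_end; i++) {
        if ((img[i] & 0xF8) != 0x48 || img[i + 1] != 0x8D || (img[i + 2] & 0xC7) != 0x05) continue;
        uint32_t raw = (uint32_t)img[i + 3] | (uint32_t)img[i + 4] << 8 |
                       (uint32_t)img[i + 5] << 16 | (uint32_t)img[i + 6] << 24;
        int32_t disp = (int32_t)raw;                 /* sign-extended displacement */
        if (n < max_out) {
            out[n].insn = i;
            out[n].target = (size_t)((ptrdiff_t)(i + 7) + disp);
            n++;
        }
    }
    return n;
}

/* Wrappers over the constructed sample so results can be checked by name. */
size_t sample_string_count(void) {
    size_t len; const uint8_t *img = build_sample_image(&len);
    str_hit hits[8];
    return find_strings(img, len, 4, hits, 8);
}

size_t count_xrefs_in_sample(size_t string_off) {
    size_t len; const uint8_t *img = build_sample_image(&len);
    xref refs[8];
    size_t n = find_rip_lea_refs(img, 0, CODE_END, refs, 8), hits = 0;
    for (size_t i = 0; i < n; i++) if (refs[i].target == string_off) hits++;
    return hits;
}

int main(void) {
    size_t len; const uint8_t *img = build_sample_image(&len);
    str_hit strs[8]; xref refs[8];
    size_t ns = find_strings(img, len, 4, strs, 8);
    size_t nr = find_rip_lea_refs(img, 0, CODE_END, refs, 8);
    for (size_t s = 0; s < ns; s++) {
        printf("%#zx \"%s\"\n", strs[s].offset, strs[s].text);
        for (size_t r = 0; r < nr; r++)
            if (refs[r].target == strs[s].offset)
                printf("    referenced by lea at %#zx\n", refs[r].insn);
    }
    return 0;
}
```

On a real target the same idea is what the disassembler's cross-reference view does for you (IDA: `x` on the string; Ghidra: References > Show References to Address), and the list of referencing instructions is where you start reading backwards to the check that printed it.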
>>102399591
/g/ has no RE community, especially now that 80% are shills, zoomers and stormfags; all the hobbyists use dedicated forums. There is a better chance of seeing this general thriving in /diy/.
>>102400225
https://files.catbox.moe/8cyf8f.txt
>>102395419
skill issue
>>102395222
test
>>102401842
it truly is, and it pains me to no end
I wish I had focused on mods and hacking games when I was younger instead of fucking websites
it's a massive pain to headbutt your way into it now
How can I monetize RE?
The way I understand reverse engineering is that you are either:
1. Doing security research for malicious software
2. Trying to learn a non-malicious method somebody used to do something so you can copy it
3. Wanking yourself with puzzle challenges
Whenever I try to look at resources it's always about #1 or #3. How can I learn more about #2?
Huh, never seen this thread before. Thanks for sharing it, Anon. I will take a look at the links in the OP.
>>102401908
Job
>>102401908
making private hacks for games
>>102401895
It's quite tricky but that's how I got my start in it about 4 years ago. It took months of reading, watching videos and experimenting, but I managed to write a mod for a certain old game in pure assembly and patch it into the executable. It's insanely satisfying to know that real people are actually playing my mod right now. If that feeling sounds appealing to you, I have good news: it's totally doable to learn it later in life. I'm 29 now, and I started reversing at 25 (though I've been programming since 11). But it does take a long time and you kinda have to live and breathe this stuff for a while.
I'm currently getting paid to reverse engineer a very popular, but closed source, mod for the same game.
>>102399591
part of it is because most of /g/ really doesn't understand computers on a deep enough level to be able to reverse anything. another part is that unless you're doing malware triage or something, talking in detail about what you actually do is often enough to identify you. so basically, yes.
>>102402006
problem is... there's no white hat job except malware analysis
>>102402883
You can reverse commercial products to find vulnerabilities and responsibly disclose them. That's white hat...
But it's true, the career path here isn't very obvious. And most regular job listings you find online are US-based, so good luck if you're from anywhere else...
>>102401091
>diy
I see the ohm microcontroller threads on /diy/ and they manage. This board is flooded with /v/ tourists and tech support because no one goes on /wsr/, but I don't see why reverse engineering would fit on /diy/, because at that point everything genuinely /g/-related would go there.
>>102395222
>pirates having a newer version than paypigs edition
It's newer, and having literally all of the decompilers is nice, but it's unstable as fuck. You can really tell it's a beta.
Crashes literally every time I detach the debugger, and also half of the hotkeys stopped working for God knows what reason.
is ChatGPT a qualified reverser? What do you think?
>>102404794
use o1-preview
>>102404905
but I would have to pay... :^(
>>102404950
>pay
ask free tier GPT for good strategies for monetizing your novice reverse engineering skills
>>102405001
touché.
>>102405160
looks like you got a solid plan anon, see you back when you can afford a Plus subscription
>>102395222
LD_PRELOAD is awesome. Is there a practical way to observe the unencrypted HTTPS traffic of a program, sirs?
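As an added example of the LD_PRELOAD approach the question above is reaching for (my own illustration, not anything from the thread): a shim that interposes OpenSSL's `SSL_write` and `SSL_read` so the plaintext is logged just before it is encrypted and just after it is decrypted, then forwards to the real function found with `dlsym(RTLD_NEXT, ...)`. The two signatures are OpenSSL's real ones; `SSL` is treated as an opaque pointer so no libssl headers are needed to build it. The `sslpeek` name and the `[sslpeek]` log prefix are my choices. The caveat a practitioner needs: this only reaches programs that dynamically link libssl (curl, wget, Python's ssl module on most distros); Go, rustls-based tools and browsers carrying their own TLS stack never call these symbols, and a target that pins or statically links its TLS library needs a debugger or a Frida-style hook instead.

```c
#define _GNU_SOURCE
#include <dlfcn.h>
#include <stdio.h>
#include <stddef.h>
#include <string.h>

#ifndef RTLD_NEXT
#define RTLD_NEXT ((void *)-1L)   /* glibc's value; only needed if _GNU_SOURCE was set too late */
#endif

/* Assumed OpenSSL prototypes, written out so libssl headers are not required. */
typedef int (*ssl_write_fn)(void *ssl, const void *buf, int num);
typedef int (*ssl_read_fn)(void *ssl, void *buf, int num);

/* Render buf as one printable line (non-printables become '.'), truncated to the
 * output capacity. Returns the number of bytes rendered. Pure, so it is testable. */
size_t render_printable(const unsigned char *buf, size_t len, char *out, size_t out_cap) {
    size_t n = len < out_cap - 1 ? len : out_cap - 1;
    for (size_t i = 0; i < n; i++)
        out[i] = (buf[i] >= 0x20 && buf[i] <= 0x7E) ? (char)buf[i] : '.';
    out[n] = '\0';
    return n;
}

static void log_plain(const char *dir, const void *buf, int len) {
    char line[129];
    if (len <= 0) return;
    size_t shown = render_printable(buf, (size_t)len, line, sizeof line);
    fprintf(stderr, "[sslpeek] %s %d bytes: %s%s\n", dir, len, line,
            shown < (size_t)len ? "..." : "");
}

/* Interposed SSL_write: see the request before it is encrypted. */
int SSL_write(void *ssl, const void *buf, int num) {
    ssl_write_fn real = (ssl_write_fn)dlsym(RTLD_NEXT, "SSL_write");
    if (!real) return -1;            /* no libssl behind us: nothing to forward to */
    log_plain("SEND", buf, num);
    return real(ssl, buf, num);
}

/* Interposed SSL_read: see the response after it is decrypted. */
int SSL_read(void *ssl, void *buf, int num) {
    ssl_read_fn real = (ssl_read_fn)dlsym(RTLD_NEXT, "SSL_read");
    if (!real) return -1;
    int r = real(ssl, buf, num);
    if (r > 0) log_plain("RECV", buf, r);
    return r;
}
```

Build it as a shared object and preload it into the target: `gcc -shared -fPIC -o sslpeek.so sslpeek.c -ldl`, then `LD_PRELOAD=./sslpeek.so curl -s https://example.com >/dev/null` and the HTTP request and response appear on stderr in the clear. For setuid binaries the loader ignores LD_PRELOAD, and for a long session you would want `SSLKEYLOGFILE`-style key logging into Wireshark rather than line dumps, but for "what is this program actually sending" this is the quickest answer.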