Topic: Reverse Engineering & Memory Hacking of Packed Programs

    Reverse Engineering & Memory Hacking of Packed Programs

    MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz, 2 Ch
    Genre: eLearning | Language: English + srt | Duration: 15 lectures (1h 44m) | Size: 1.31 GB

    Learn how to reverse, debug and patch packed programs - without unpacking - by using Cheat Engine

    What you'll learn:
    Bypass anti-debuggers
    Patch Memory
    Use x64dbg debugger
    Using Cheat Engine
    Using ScyllaHide Plugin
    Using SharpOD Plugin
    Using built-in hide Debugger functionality
    Using Trainers (Loaders) for Process Patching
    AOB Code Injection
    Direct Byte Patching
    ASM scripting for app hacking
    LUA scripting for memory hacking
    Designing Trainers (Loaders) with CE's Form Designer
    Break and Trace
    Modify program behaviour
    Packing and Disassembling Crackmes using Popular Packers
    and more...

    Requirements
    Assembly language is helpful but not compulsory
    Windows PC
    Already know how to use x64dbg debugger
    Familiar with Cheat Engine

    Description
    If you have always wanted to learn how to reverse and patch packed programs - without unpacking - then this is the course for you. This course is a follow-up to the earlier course on Reverse Engineering & Memory Hacking. It is the practical application of what you have learnt in the first course. If you think that packing and anti-debugging are good enough to prevent reverse engineering, then you may be in for a surprise. In this course, I will show you how to test the effectiveness of several popular packers by packing crackmes and then reversing them - without unpacking.

    Traditionally, packed programs are unpacked before debugging is carried out. This is because a packed program's file cannot be patched. Much of software protection has centered on making it difficult to unpack programs. However, the important question is: how effective are packing, obfuscation and anti-debugging as a means to prevent reversing? This course explores several packers to find the answers.

    We will do the analysis using a tool called Cheat Engine, which is a prominent tool used by game hackers. This tool can also be used to study and analyze a packed program's process that is running in memory. You will learn how to perform debugging in spite of anti-debugging being implemented. There is no need to unpack and dump memory. Instead of unpacking and then patching the dumped files and fixing the IAT (Import Address Table), we will write scripts to hack memory with byte patching and with an advanced technique called AOB (Array-Of-Bytes) Injection, which injects code into code caves (inline memory patching). In this course you will learn how to do all of the above and more.

    At the end of this course you will be able to gauge the effectiveness of software packers, obfuscation and anti-debugging protection and also to have a good idea of how to implement extra countermeasures to improve the security of software.

    In all the practical exercises and walkthroughs, we will use crackmes which I have written. You will learn how to pack them using several popular packers and then hack them using Cheat Engine.

    What you will learn

    How to set hardware breakpoints and debug packed programs in spite of anti-debugging protection

    Doing Break and Trace to identify Algorithms for reversing

    Identifying addresses to do memory patching

    Writing custom trainers (loaders) using Cheat Engine to hack and patch memory

    Modify program behavior

    Process Patching programs

    Creating Lua Scripts for process patching

    Test the effectiveness of Anti-Debugging technology

    Packing crackmes using popular packers

    Hack the packed crackmes and patch their memory during runtime

    Prerequisites:

    Before taking this course, you should preferably be already familiar with how to use x64dbg and Cheat Engine

    Windows PC

    Some knowledge of Assembly would be useful but not compulsory

    Who this course is for
    Anyone who wants to know how to assess the effectiveness of packers against Reverse Engineering
    Software Developers who want to implement an extra layer of protection in addition to packing and Anti-debugging
    Reversing hobbyists who want to level up their skills to take on packed software
    An introduction to Software Protection for anyone who wants to get started in this field
