Fravia's little learning
tools
Updated September 1999 |
I'm restructuring this, bear with the 404s |
[official +HCU tools]
~ [useful tools]
~ [good 'tooling' pages]
There is not a single cracked or pirated copy of software on this or any other
page of my site. There are not even links to pirated or cracked copies.
There is no need, since you will learn not only how to understand, reverse and
modify any software you fancy but also how to find on the web
everything you want (BTW, if you do not know how to search
the web, leave this cracking stuff alone for a while, go learn
"searching" and come back only when you are done
You'll therefore find here only shareware
(uncracked) or our own programs, or programs so old and obsolete that
nobody cares for them (but us).
OK, now listen carefully: the main tools you need to reverse engineer like a glove any software application that
crosses your path are mainly the following ones:
Official +HCU tool
1) Softice THE debugger! Fetch it already cracked from
everywhere (but my site), or get it ftpmailed
in one of its complete versions,
or download a trial (or complete) version from
numega's own site (search the ftp) and crack the time
limit of its trial versions using +HCU's
project2, or either buy it:
it's an INCREDIBLY
good tool, it deserves to be paid for. Softice for DOS, Windoze95 and NT in its various versions
is the OFFICIAL +HCU debugger since 1997. Btw, there is NO NEED to have
always the absolute last version of any program, even if the last version 4 promises some
inetersting web-debugging possibilities,
you'll still go quite a long way with good old (and stable) sice 3.25!
Hope it's not necessary to recall you that you can make MACROs with Softice, here a nice
couple by Incubus++:
macro PARAMS = "dd ss:esp+4" and then bpx GetDlgItemTextA DO "PARAMS"
or else
macro GETTEXT = "db (ss:esp+4)->8" and then bpx GetDlgItemTextA DO "GETTEXT"
Official +HCU tool2) BRW, Borland resource Workshop version 4.5, fetch it from the web, get it from
a "real" programmer or buy it, as you like. (Well, you won't need
to buy it... a lot of magazine's cover CD have carried for next to free the COMPLETE copy
of Borland C++ version 4.5 -see my blackboard- and
you'll get this phantastic tool there!). BRW beats SRS and beats WRE (the
resource editors of the concurrence) and therefore
is the
OFFICIAL +HCU resource
editor 1997.
Official +HCU tool | ~ |
Ilfak Guilfanov |
3) IDA (Interactive disassembler, by
Wizard Ilfak Guilfanov) version 3.7 is THE tool
you need to work. Quine's essays have underlined
its incredible performance capacities. This IS the
OFFICIAL +HCU
disassembler 1997. Crack the demo version using Quine's essays, fetch a regged version from the web
or buy a copy of it, Guilfanov deserves it, he's a great programmer!
Official +HCU tool4) Wdasm (version 8.9), fetch a demo
versions from the web and crack it
using the students' essays that you'll find it inside +HCU's
Project 0, or
fetch a real complete version from the web, or buy it (it's a good tool, it deserves it :-)
Hope it is not necessary to recall you that wdasm (8.9) is also a good debugger,
not only a disassembler...
If you use it as a debugger (as you should at times :-) just load
the process, then use the "goto code location" option in the MAIN top window to go to the part of code
you want to breakpoint into, then use
F2 to breakpoint there (see the yellow box), then, in the smaller "right" debugging
window, DO NOT FORGET to checkmark the first four boxes:
Enable Documented API Details (default)
Eable Undocumented API Details
Enable Local Function Details (VERY IMPORTANT!)
Stop Auto on API
And now you'r set for some wonderful debugging sections with wdasm. Watch the "left"
debugging window and the API calls while you just "step over" on the 'right' debugging window...
and you'll see!
5) An Hexeditor, we use mostly
PSEDIT (DOS, powerful) or Hexworkshop (Windoze), you'll find hexeditors
everywhere and you'll crack all sorts of hexeditors reading +HCU's Project 1.
Many crackers find hiew_565.zip a very useful hexeditor.
6) Filemon & Regmon & Vxdmon... shareware (with source code!). You'll find them
for download on my own site too, see below. Once you use and understand the
utility of filemon you may also want to check
my essay about filemon reverse engineering" too!
7) A good wordprocessor (MS-Word 97 won't do for huge files, I
use old powerful
Wordperfect version 4.2 (DOS) or Ultraedit (Windoze)
8) A brain, see if you manage to find one somewhere
All other tools on this page may be very useful as well at times... download
what you fancy and enjoy!
Forgotten realms
Hey! I almost forgot... actually when you'll have to perform real work
"inside the dark codewoods" you could need this
Muster as well)
Tools to calculate inter alia in Hexadecimal
Hey! I almost forgot... actually when you'll have to perform real work
"inside the dark codewoods" you better use the BEST TOOL for our calculations:
base calculator (ver 1.3)
by John Zaitseff (GNU freeware!)
as well (zipped: 148.156 bytes)
Hey! I almost forgot... actually when you'll have to perform real work
"inside the dark codewoods" you could need this
base converter as well (An Hexworkshop add-on: zipped: 58.717
bytes)
Tools to catch a window (or box) through its DIMENSIONS
Hey! I almost forgot... actually when you'll have to crack windows that have
a predefinite width and height you could need this
ruler as well (zipped: 24.323 bytes)
Well, actually, even better... when you'll have to crack windows that have
a predefinite width and height you could use this
winshow utility as
well (zipped: 57.958 bytes), the original module has
been ameliorated by Frog's Print, porting it to hexvalues inter alia,
and you'll find his version inside this zip as well
Tools to fish strings
Hey! I almost forgot... actually when you'll have to find and extract
strings in unicode from your targets you could need this
peek utility as well (zipped: 24.323 bytes)
Other pretty good pages for "tooling"
Just a small choice... everything is on the web!
Some VERY good tools for stalking (inter alia) on the Basilisk's
tools page
Some good tools for hexediting (among other things) on
LordSomer's page
Couple of good tools for Windows95 Registry (thoroughly explained) on
Michael's page
Tools for Virus programming (which is useful in order to learn Assembly) on
Jwool's page
Very good tools on a very good page, at
Mammon's
Very good tools on a very good page, at
Stone's
Tools and icecreams (quite a lot) on
Aesculapius' page
Tools and icecreams (quite a lot) on
ACP's main page
One of the best sites that you'll find for tooling around is
LordCaligo's main page
__Tools you'll find HERE on my
page__
I know that some of the following links are down... Censorship and syn-attacks have broken some minor "luggage" pages of mine...
I'm repairing everything (albeit slowly)... but you'll be able to find
the missing tools elsewhere using these NAMES and performing an archie search or a ftp search
spray asm 5.623 the *TOOL* to dump memory... +ORC's
recommended
stepdos
zip 19.088 intercept the int_21... zipped with
the stepdos.asm file!... +ORC's recommended
int13
asm 16.253 for those annoying disk accesses
sniff
zip 9.699 I made this tool myself... a brute
"sniffer" for "dead" files
memscan
zip 9.492 the first "visual" cracker tool...
+ORC's recommended
kgb zip 6.137
Horak's masterpiece for intercepting interrupts... zipped with
the *.asm file!... +ORC's recommended
map zip 23.959
Clockwork's MAP... complete with Nigel nagscreens... crack it
with +ORC's lesson 3.2
psedit
zip 67.308 Psedit version 4.4., by Gary
Craider... +ORC's recommended
codebar
zip41.103The key to the magic world of
barcodes (see +ORC's lesson C.1)
joetools zip
90.702Tools & Files you need for Uncle Joe's
Crackbook - UNP is also here
Resdump
zip11.889Little utility newbyes'll need to
crack windows programs (see my Taskman lessons)
Hiew
zip40.624 Learn how to use it... substitutes
(and how!) DEBUG and SYMDEB*
Old PSP version
2.1430.046Ancient copy of Paint Shop Pro,
useful for +ORC's lesson 9.2
ums1.zip125.493 A very old (uncracked)
strategic game, see +ORC's lesson 3 in order to crack it yourself
Peek version
11 11.492 String extracting useful utility, gets
Unicode strings inside windoze's targets too
hiew_565.zip 345.242 Hexeditor and more
watch.zip19.890Useful snooper
utility by Mike Williams (Version 2)
symdeb.zip 40.624 Good old
symdeb, what would we do without thee?
strings.zip40.624A Dos string utility that
cuts the mustard
winshow.zip57.958fish a window through its
width and height (Frog's Print modified version included :-)
cust.zip1.459.190The Customizer! Modify any window parameter!
Send your own API calls! Play with grayed buttons! (Very easy Cinderella protection,
ideal crack for newbies)
ucfpd114.zip63KA very powerful
unpacker (not for beginners though)
isdcc.zip52KA powerful
Installshield decompiler, by adq
grep.zip 4.620grep! The dos ported unix command!
You learn to use this well (and you understand how these 4000 bytes works) and you'r
almost a Perl/unix Fravia buff! :-)
POWERFUL OLD AND/OR FREE STUFF
A complete c compiler: turboc version 1 by Borland
turboc.zip (594.717 bytes pkunzip with the -d option)
A complete disassembled disassembler for your jokes and pokes!
dsasmsrc.zip 103 KbSang Cho's [pure C] "code for decoding": a complete disassembler with source code? Yeah!
dsassm02.zip 66 KbSang Cho's win32program disassembler: a complete disassembler with source code? Yeah!
A complete exe to c (old and beta) renderer
exe_2_c.zip 217.923, an old experiment made in Jerusalem :-)
__Some special tools on other
pages__
wcb.zip 103.496 Windows Code Back disassembler...
+ORC's recommended
Bizatch1 zip 96.674 The first WINDOWS95 virus!
(Courtesy of Vlad) With source code!
Bizatch1
zip 96.674 Another copy
ida35b.zip 1.300.000 V 35b Russki GOOD
Interactive Disassembler, the one that works with
DOS4GW
pooldemo.zip 200.122 Download it and crack it
with +ORC's lesson 1
dmpexe12.zip 38.234 This solves
the problem of the new exe-packers: interacts with
softice
dongspy.zip 27.304 Donglespy: to start
studying dongle_cracking in Windows 95 (BTW:it's "pipeta!")
trackmem.zip 30.234 As the name says (+ORC
recommended)
gwbasic 60.436 A very old Microsoft
basic interpreter (Version 3.2): what for? Who knows
;-)?
filedump.zip 2?514 As the name says (+ORC
recommended)
ia.zip 300.453
This is a copy of the IABROWSE.EXE program you should have cracked
for the 1996 +HCU (see+ORC's
lessons C1, C2 and C3), better than nothing, if you cannot find
a complete CD-ROM with this protection scheme (You'll find ia.ini
in my orc.htm page).
__Some OTHER powerful tools__
ivyspy.zip 52.913
Show me my heaps!
pview95.zip 22.711
You thought ps.exe was a good killer?Mark Russinovich's register monitor! 102.536
Win95 OS is STUPID! have a look at what happens at your
monstruous register (deep inside windows 95) every time
a program runs! (Can be pretty useful for our trade :-)
Tekfct95.zip! 516.442
Well, an INCREDIBLY useful tool for our trade! Don't forget to
check the 'search' DLL facilities!
gnb.zip 115.549
Not a tool: a very old (poor AI, yet very good for
two humans) napoleonic strategic game! (needs quite some
reverse engineering to find out its funny commands!)
vxdmon.zip! 60.260
Well, virtual drivers need checking too!
Mark Russinovich's File system monitor! 94.324
Have a look at how many files are accessed every time a
(suspect) program runs! (a really useful tool for our trade :-)
I was
so excited about this very good program that I completely reversed it, see
my filemon serie essays!
useful tools
homepage links
+ORC
students' essays
+HCU database
anonymity
counter measures
CGI antismut
cocktails
search_forms
AntiMicro$oft
mail_Fravia
Is reverse engineering legal?
(c)
Fravia 1995, 1996, 1997, 1998, 1999.
All rights reserved