    Vitrix Maggot (Member-in-training; Join Date: 2013 Apr; Location: Brasil)

    Types Of Loops In Reverse Engineering

    Well, I'll explain how to build a loop when you want to repeat a block of statements more than once. I'll post some examples and comment on them to make them easier to understand, but first let's understand what a loop looks like in reverse engineering.

    A loop in RE (reverse engineering) is similar to a loop in any other language: there is always a control variable and a controller. In our case the control variable can be a register or a memory location, and the controller will always be a CMP. The difference is that the control variable is not updated automatically; you have to update it yourself.

    Let me explain it better. Let's write a loop in C++, pay attention.

    for (i = 1; i < 10; i++) {   // stops once i reaches 10, matching the CMP/JE in the assembly below
        [...]                    // Block of code
    }
    As you can see, our controller is the for statement, and the loop's control variable is i, which starts out holding the value 1. The condition is that the loop stops when the variable reaches 10, and to get there, the variable i is incremented by 1 on every pass.

    In reverse engineering, this same process would be compiled the following way:

    0001: MOV AL, 1        ; Initialise the AL register (our control register) to 1
    0002: CMP AL, 0A       ; Compare the value of AL (our control register) with 0A (10 decimal)
    0003: JE SHORT 0006    ; If AL equals 0A (10 decimal), jump to offset 0006 (leave the loop)
    [...]                  ; Otherwise, execute the block of routines located just below
    0004: INC AL           ; Increment the control register AL by 1
    0005: JMP SHORT 0002   ; Jump back to offset 0002, where the loop controller is
    0006: [...]            ; Continuation of the routine
    I'll give you another example, this time using a memory location as the control variable.

    0001: MOV BYTE PTR DS:[00445566], 1    ; Store the value 1 at offset 00445566 (our memory control variable)
    0002: CMP BYTE PTR DS:[00445566], 0A   ; Compare the value at offset 00445566 (memory control) with 0A (10 decimal)
    0003: JE SHORT 0006                    ; If the value at that offset equals 0A (10 decimal), jump to offset 0006 (leave the loop)
    [...]                                  ; Otherwise, execute the block of routines located just below
    0004: INC BYTE PTR DS:[00445566]       ; Increment the memory control variable by 1
    0005: JMP SHORT 0002                   ; Jump back to offset 0002, where the loop controller is
    0006: [...]                            ; Continuation of the routine
    So, as you can see, we are forced to control our control variable ourselves, because otherwise the routine enters an infinite loop. If you actually want an infinite loop (of course, to make an infinite loop you'll have to create a new thread, otherwise you'll hang your main thread), just remove the controllers. In that case you don't need to control anything; the routine simply jumps back to its beginning. I'll show you an example.

    Infinite loop:

    0001: MOV DWORD PTR DS:[EAX*4+00445566], 1   ; The calculation inside the square brackets ([]) gives an offset, and the number 1 is stored at that offset
    0002: INC EAX                                ; Increment EAX by 1
    0003: JMP 0001                               ; Always jump back to offset 0001
    On line 0001 we perform a calculation to find out the memory location where the value 1 will be stored. Suppose the EAX register holds the hexadecimal number 1; the line then evaluates the expression EAX*4+00445566. Let's turn that into something we humans are used to dealing with: 1*4+00445566.

    From there, just do the math and solve the expression (1*4+00445566 = 0044556A). Simple, no?

    Right after the calculation, the routine moves a 1 into the offset that was calculated; then it increments the EAX register by 1 and jumps back to the beginning again.
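    To make the difference between the controlled loop and the uncontrolled one concrete, here is an added example that is not from the original post: a small Python interpreter for just the instructions used above (MOV, CMP, JE, INC, JMP, with NOP standing in for the [...] body). It runs both listings and returns (regs, mem, body_runs, halted): how many times the body executes before AL reaches 0A, and which addresses the loop without a controller keeps writing 1 to. The addresses are the post's; the labels in place of numeric offsets, the EAX start value of 1 and the step budget are assumptions.

```python
import re

def run(program, regs=None, max_steps=10_000):
    # Constructed mini-interpreter: bare immediates are hex (disassembler style), memory is a
    # dict keyed by effective address, operand width is ignored. Returns (regs, mem, body_runs, halted).
    regs, mem, labels, code = dict(regs or {"EAX": 0}), {}, {}, []
    for raw in program.splitlines():
        line = raw.split(";")[0].strip()
        if line and ":" in line.split()[0]:              # "label:" prefix
            label, _, line = line.partition(":"); labels[label] = len(code); line = line.strip()
        if line: code.append(line)
    val = lambda t: regs["EAX"] if t.strip() == "EAX" else int(t, 16)
    def ea(expr):                                        # e.g. "EAX*4+00445566"
        terms = (t.partition("*") for t in expr.split("+"))
        return sum(val(a) * (val(b) if b else 1) for a, _, b in terms) & 0xFFFFFFFF
    def get(op):
        m = re.search(r"\[(.*)\]", op)
        return mem.get(ea(m.group(1)), 0) if m else (regs["EAX"] & 0xFF if op == "AL" else val(op))
    def put(op, v):
        m = re.search(r"\[(.*)\]", op)
        if m: mem[ea(m.group(1))] = v
        elif op == "AL": regs["EAX"] = (regs["EAX"] & ~0xFF) | (v & 0xFF)
        else: regs["EAX"] = v & 0xFFFFFFFF
    pc, zf, body_runs, steps = 0, False, 0, 0
    while pc < len(code) and steps < max_steps:
        steps += 1
        mnem, _, rest = code[pc].partition(" ")
        ops = [o.strip() for o in rest.split(",")] if rest else []
        pc += 1
        if mnem == "MOV": put(ops[0], get(ops[1]))
        elif mnem == "CMP": zf = get(ops[0]) == get(ops[1])       # only ZF is modelled
        elif mnem == "INC": put(ops[0], get(ops[0]) + 1)
        elif mnem == "NOP": body_runs += 1                         # the post's [...] body
        elif mnem == "JMP" or (mnem == "JE" and zf): pc = labels[rest.split()[-1]]
        elif mnem != "JE": raise ValueError("unsupported: " + mnem)
    return regs, mem, body_runs, pc >= len(code)
# Constructed listings: the post's two loops, with labels in place of its numeric offsets.
COUNTED_LOOP = """      MOV AL, 1          ; control register starts at 1
loop: CMP AL, 0A         ; controller: compare with 0A (10 decimal)
      JE SHORT done      ; equal -> leave the loop
      NOP                ; the post's [...] body
      INC AL             ; we advance the control register ourselves
      JMP SHORT loop
done:"""
INFINITE_LOOP = """top:  MOV DWORD PTR DS:[EAX*4+00445566], 1
      INC EAX
      JMP top            ; no CMP/JE, so nothing ever ends this"""
def count_body_runs():
    return run(COUNTED_LOOP)[2:]   # (9, True): AL takes 1..9 and exits once it reaches 0A
def infinite_loop_writes(start_eax=1, steps=9):
    _, mem, _, halted = run(INFINITE_LOOP, {"EAX": start_eax}, max_steps=steps)
    return sorted(mem), halted     # ([0x44556A, 0x44556E, 0x445572], False): never halts
```

    The step budget is what stops the second run; without it the uncontrolled loop would keep writing 1 to each following dword until it walked off the end of mapped memory.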
    I admire other programmers, but I don't kiss up to any of them!!

    Skype: Vitor Monteiro
