
How to Reverse Engineer a C++ PE file and look into its major functionalities (Its Exposed functions, Main Application Process Flow)

Topic created on: May 3, 2012 18:20 CDT by Usman.

I have an executable file with 3 of its major DLLs. I need to reverse engineer it.

I need to know everything in it, e.g.:

The application flow
How the whole software is being made and how it works
What are the major OS functions it hooks and at which area it hooks those in the program source
What is its security level
I have software which protects other executables by encrypting them, and I need to thoroughly know its complete functionality, as I described above.

  cod     May 7, 2012 02:49.28 CDT
You can start with static analysis using IDA (release 5.0 is freeware) and then move to dynamic analysis (using a debugger, monitor, etc.).

  NirIzr     May 7, 2012 11:37.59 CDT
Actually, most consider debugging a simpler yet less robust method.
I'd suggest you start with dynamic reverse engineering, especially if you're new to the field, to get a "big picture" kind of view/understanding, and only then delve into the PE with static reversing.

Do keep in mind that debugging is a less complete approach, and don't forget to move on to static reversing when you get the hang of what goes on in the program.

And of course the most important thing - have fun!

  Usman     May 9, 2012 15:10.36 CDT
What do you mean by dynamic reverse engineering?
Where can I start? I need to reverse engineer an encryption software (which basically encrypts other software and provides protection, and it generates another file which is basically a wrapper around the original file that we want to protect).

I need to get into it quickly; what is the right way? Does dynamic reverse engineering make it possible? What tools are available for dynamic reverse engineering?

  NickyBlue     October 3, 2012 23:50.42 CDT
May I suggest something ... come on, join me!
Why not create something magical ... :)

Join my post "VirusBusterKit: A hype or reality?"
