Flag: Tornado! Hurricane!

 Forums >>  Brainstorms - General  >>  How to Reverse Engineer a C++ PE file and look into its major functionalities ( Its Exposed functions , Main Application Process Flow )

Topic created on: May 3, 2012 18:20 CDT by Usman .

I have an executable file with 3 of its major DLLs. I need to reverse engineer it.

I need everything to know in it, e.g.:

The application flow
How the whole software is being made and how it works
What are the major OS functions it hooks and at which area it hooks those in the program source
What is its security level
I have software which protect the other executables by encrypting it, and I need to know the complete functionality of it thorughly which I described above.

  cod     May 7, 2012 02:49.28 CDT
You can start with static analysis using IDA (the release 5.0 it's freeware) and moving to dynamic analysis (using a debugger, monitor.. etc.)..

  NirIzr     May 7, 2012 11:37.59 CDT
actually, most consider debugging a simpler yet less robust method.
i'd suggest you start with dynamic reverse engineering, especially if you're new to the field, to get a "big picture" kind of view/understanding and only than dwell into the PE with static reversing.

do keep in mind that debugging is a less complete approach and don't forget to move on to static reversing when you get the hang of what goes on in the program.

and of course the most important thing - have fun!

  Usman     May 9, 2012 15:10.36 CDT
What do you mean by Dynamic Reverse Engineering?
From where Can I start? I need to reverse engineer a Encryption software ( which basically encrypt the other software and provide protection and it generates another file which basically is wrapper on to original file to which we want to protect ).

I need quickly to go into and what is the right way ? Dynamic Reverse Engineering makes it possible? What tool is available for dynamic Reverse Engineering?

  NickyBlue     October 3, 2012 23:50.42 CDT
May I suggest something ...comon join me!
why not create something magical ... :)


join my post "VirusBusterKit: A hype or reality?

Note: Registration is required to post to the forums.

There are 31,038 total registered users.


Recently Created Topics
Ultimate Hacking Cha...
Jun/21
CreateMutex
May/31
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06
Immunity Debugger Re...
Aug/03


Recent Forum Posts
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
OOP_RE tool available?
van7hu
Should binaries be n...
Kolisar
Problem with ollydbg
nullx42
!findtrampoline Immu...
skycrack


Recent Blog Entries
crystalwade
Jul/20
test

nieo
Mar/22
Android Application Reversing

halsten
Mar/14
Breaking IonCUBE VM

oleavr
Oct/24
Anatomy of a code tracer

hasherezade
Sep/24
IAT Patcher - new tool for ...

More ...


Recent Blog Comments
nieo on:
Mar/22
IAT Patcher - new tool for ...

djnemo on:
Nov/17
Kernel debugger vs user mod...

acel on:
Nov/14
Kernel debugger vs user mod...

pedram on:
Dec/21
frida.github.io: scriptable...

capadleman on:
Jun/19
Using NtCreateThreadEx for ...

More ...


Imagery
SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit