Flag: Tornado! Hurricane!

 Forums >>  Brainstorms - General  >>  OpenRCE 2.0?

Topic created on: July 20, 2012 18:07 CDT by pedram .

Hello all,

It's no secret that I've been unavailable to maintain OpenRCE in recent years. A large part of which is due to the fact that I sequestered myself in a coding cave to work on my latest endeavor, Jumpshot, which I finally launched last week on Kickstarter. I'm still heavily focused on the start-up but now that it's seen the light of day I'm starting to resume some normalcy in my life and a subject that has been on my mind for some time is how to reinvigorate OpenRCE. The layout is antiquated, articles require too much effort to collect and publish, the downloads list is out of date, my vision for distributed RCE never took off... all in all, the site either needs to be retired or receive an overhaul.

A key factor I feel to the survival and longevity of OpenRCE will be to switch from focusing on content hosting to content aggregation. I've chatted briefly with Rolf Rolles the moderator behind the RE sub-reddit and Danny Quist the creator of Offensive Computing, perhaps a merger of resources would be a valuable community asset. Though it's unclear exactly how that would be structured.

From what I last saw (though it appears to be down, at least at the moment) the  Woodmann Collaborate RCE Tools has done a great job documenting the vast library of available tools. That may no longer be a necessary resource for OpenRCE.

Most of you have probably heard of CrowdRE, a collaborative reversing tool released at REcon a month ago. Though the tool looks promising, there's been some publicly voiced hesitations in using a corporations private servers. Some clever folks have already released a compatible open source server called Cloud Nein, it lacks the server-side fuzzy matching but perhaps people are interested in spinning up a server on OpenRCE? Another stab at distributed RCE :-)

TL;DR: I want to start a discussion and field comments to determine the fate of the site.



  manizzle     July 22, 2012 22:04.15 CDT
As a young reverser i would really like to see the reopening of the distributed rce effort. One of my problems is that i reverse stuff like crazy but i dont really have a focus. Crackmes.de is a great place to sharpen my skills and see new problem sets but i want to do things that will eventually be useful to others in the reversing scene. Collaborative projects with other experienced reversers would be very useful in learning what type of open problems the community faces so people like me who are interested in both reversing and doing relevant research can actually move forward and not just stay stagnant. Plus i friggin love this site and the posters here. My idols. ;p

  pedram     July 23, 2012 09:02.34 CDT
Quick point of clarification. I'm not pushing to kill the site! I'd love to keep it alive but am looking for creative ideas to make it less stagnant.

  wishi     July 23, 2012 11:15.25 CDT
Hi pedram et. al.

OpenRCE was one of the great sources leading me into some reverse engineering. That's a while ago actually. I must say these days I do not understand way we pay any attention to the issue with CrowdRE and the cloud. I'm sure most readers here used BinCrowd. What is the difference and why should OpenRCE be BindCrowd 3?

Personally I'd like to see more events to establish a more transparent profile about what reverse engineering is, and how the industry can adopt it.

  pedram     July 23, 2012 14:12.11 CDT

Valid point. Mostly I wanted to throw an idea out to stir creative thoughts. Also, I wasn't aware BinCrowd was going to continue being around with the Google acquisition and all.

The link to this topic is starting to float around the community... let's see what ideas come up.

  arebc     July 23, 2012 19:06.08 CDT

I'd like to see the site stay but I'd like to see the spam problem go away. I have almost ditched the RSS feed a couple of times. The RE-Reddit is awesome but a flaw that I noticed is Reddit only indexes up to 1k links. Every time a new link gets added an old one gets lost into the world wide web. Be kind of cool to have them all indexed here for references or searching. Just a thought.

I'm happy to hear you are planning an overhaul for the site. Thanks for creating such a great place to learn.

  pedram     July 24, 2012 15:02.30 CDT
Thanks for the comments. I didn't realize that about reddit, there is feature #1 right there! Great idea.

I was thinking of making the site Twitter login only. Prevent spam and replace messaging in one step. Another benefit would be a script to monitor everyone's twitter feed and automatically bubble up frequently shared links to the site. Going along with the notion of moving from content creation to aggregation.

  igorsk     July 24, 2012 15:41.39 CDT
And what about the three of us who don't use twitter? :(

  RolfRolles     July 25, 2012 04:45.07 CDT
I'd note that if feature #1 is merely to archive links from the reverse engineering reddit, then I can't really support OpenRCE 2.0.  There already is an archive of the reverse engineering reddit:  the reverse engineering reddit.  The links aren't actually gone, they just aren't visible through the standard page-by-page enumeration after 1000 entries (for example, they are still returned as results in the search feature).

  remad     July 25, 2012 08:40.49 CDT
I'm guessing but I think the reason it was feature #1 is that it would be quick/easy and looked like it would provide *some* value.

The idea of a "Buzz word cloud" (just not the ugly graphics) with hot topics in reversing aggregated across multiple sources would be pretty neat and maybe even useful.

Hell just mirroring the Woodmann stuff somewhere that I can reliably get to would be nice.

  pedram     July 25, 2012 09:39.00 CDT
@RolfRolles: There goes feature #1 ;-) Which btw, I didn't mean #1 in terms of priority but the first new feature idea... I wasn't aware that links beyond 1,000 go off page, nor that they are archived.

@igorsk: It's just a thought! and as an off-the-top-of-my-head-solution, we can make all three of you admin accounts ;-)

@remad: Thanks for the comments!

I'm glad people are chiming in, turning into an actual dialog of sorts now.

  0ned   July 25, 2012 12:05.54 CDT
A Beginners section!!! and maybe a "stackoverflow" type of system. Much fun and addictive.This will make this site a whirlpool sucking reversers.

  arebc     July 25, 2012 12:21.29 CDT
> RolfRolles: I\'d note that if feature #1 is merely to archive links from the reverse engineering reddit, then I can\'t really support OpenRCE 2.0.  There already is an archive of the reverse engineering reddit:  the reverse engineering reddit.  The links aren\'t actually gone, they just aren\'t visible through the standard page-by-page enumeration after 1000 entries (for example, they are still returned as results in the search feature).

My bad. I thought they were gone. Just did a quick search for something I submitted two years ago and it's still there. One option would be to index all the pages that get submitted to RE-Reddit and search them.  Kind of an improvement on the old school custom Google OpenRCE search.

Also, I like the idea of monitoring/indexing popular links on Twitter. A lot of great stuff comes and goes quickly on Twitter. Can't say I like the idea of using Twitter logins. Odds are a lot of people wouldn't rejoin.

  pedram     July 25, 2012 14:05.52 CDT
I thought the custom Google search engine would be a great resource, but no one contributed to it so and the momentum died off.

While not specifically RE related, I did find this resource which provides trending information across all InfoSec subjects on Twitter:


  NateLawson   July 25, 2012 16:36.18 CDT

Thanks for soliciting comments. I agree that the current version of OpenRCE has died off a bit. That's to be expected -- peoples' approaches change, posting habits evolve.

I don't think a beginner's tutorial is a good use of the site. Woodmann is better for that. To teach beginners, you need an inspired person like Fravia+. I don't see anyone here taking that onus on themselves.

I like the twitter/Reddit aggregation and archive idea. It would be nice to make it per-person. For example, everything rolf says tagged #re or articles posted to Reddit.

This could be combined with an archive of previous in-depth blog posts made on OpenRCE or personal blogs. For blog posts, the user could configure whether each one should appear on OpenRCE or not.

I don't think coordinated reversing is a good plan. BinCrowd, CrowdRE, etc. are all solving that kind of problem. I think of this site as more of a library of in-depth articles.

Thanks for soliciting opinions and for your contribution of running this site.


  pedram     July 26, 2012 16:18.56 CDT
Thanks for the input Nate.

Coordinated reversing... dead idea. I threw it out there and the reaction has been visceral, plus it's non-trivial to implement.

The idea of tagging work by user is interesting. A feature to see the work (code, articles, blogs, etc..) of _____.

  Sirmabus     July 26, 2012 22:39.16 CDT
First well done on creating the site in the first place!

I think it's great the way it is, albeit just some things about the forum format I don't like. I prefer the more standard like phpBB or similar my self.

It's just obvious that you hadn't been maintaining or adding much in while.
No new articles and for a while the site cert was expired, etc.

Now that you are back, maybe just change the color scheme to give it a "fresh" feel if you will.
Moderate more, add new articles (if there are any in the queue). Maybe get some help moderating if you need..

  pedram     July 27, 2012 01:46.55 CDT
@Sirmabus: Thanks for the kind words! I unfortunately won't have the consistent time necessary to push peers to write articles. There's nothing in the queue without that effort and most people today seem to prefer publishing their work on corporate/personal blogs.

What do you guys think of the following...

- Make the primary focus of OpenRCE a search engine. Maybe around Google's custom search, maybe atop of Apache Lucene (been wanting to play with that anyway). We can feed various Twitter feeds, RSS feeds, articles, papers, etc. into the search engine. This will serve as a good archive as well, since things tend to move.

- Freeze the articles and their comments as is. No more new content. Feed all current content into the search engine.

- Freeze the forums as is. Again, no more new content and feed what exists today into the search engine. I'd like to encourage businesses to put their job postings on Reddit moving forward.

- Rename what we currently call "blogs" to "posts" and keep the commenting system on it. This provides a home for content from anyone who can't otherwise find a suitable place to post their work. Of course, feed this into the search engine as well.

- Kill "imagery". Or, if anything, move it to Flickr and allow anyone to post screenshots etc.

- Drop the internal messaging system.

- Keep the ability for users (who have requested and been given "level 2") to host files on OpenRCE.

- I'd like to switch the entire login system to Twitter. If that doesn't sit well with people however I can make it optional and add a CAPTCHA to thwart spam.

- Make the user directory "opt-in". For those who wish they can essentially have a bio page of sorts on the site.

- Keep the bookstore, add more books to it.

- Drop distributed RCE.

- Keep downloads. It's a good archive. I'd like to add commenting to downloads and get some help maintaining it.

- Drop event calendar.

- Replace live discussion Java applet with informational reference to IRC channel and a live list of Tweets containing the hashtag #OpenRCE.

- Keep the reference library. I'd be happy to host custom made reference materials, data etc...

- New look and feel. I'll ask my designer friends for some favors ;-)

</brain dump>


  djnemo     July 27, 2012 17:32.37 CDT
Hi perdram,
just do what ever you want but dont shut down the site ;)

i think we need to recategorized the forum there are many other kind of reversing and many other hot topics like Malware analysis, Rootkits, Exploits and Vulnerabilities and ...(there was a rootkit.com to talk about rootkits and now its gone)

the other thing that i have in mind is Reversing Api Database (something like microsoft MSDN that include Api's and many documentations) we can have a Database just for Microsoft Api or other development frameworks Api functions with enough documentation and code sample like microsoft debug api's , pydbg and ...

i will think more on this and share everything with you guys :D

* If you want the Site/Forum more More active choose active Moderators.

  NirIzr     July 30, 2012 19:30.20 CDT
djnemo - there are already quite a few documentation sites out there.. so we should probably focus on scraping them instead of creating a new one... plus an IDA scripts of course :-)

im also against the twitter only logins...

I think we should mirror downloads from, different sites as well... tuts4you & crackmes.de ...

the forums are quite dead for a long time now.. and I think most of don't use forums anymore (am I wrong?). I vote for a more live chattish question's place like IRC and a wiki-like FAQ for repetitive questions, with a web IRC client. I think it'll work nicely...

I think gathering and organizing tutorials and tweets will be hard to implement well but it might work, we'll have to wait and see :-)

  1sh1kawa     July 31, 2012 06:25.14 CDT
I'm new here, but i don't think, that forum is dead, there some interesting topics there and my questions were answered rather quick. May be stackoverflow model with tags and similar questions will be better, but still forum is really useful resource.
p.s. sorry for my English :)

  madb0o   August 3, 2012 13:54.56 CDT

"perhaps people are interested in spinning up a server on OpenRCE?"

CrowdRE now supports groups; perhaps starting an OpenRCE group for CrowdRE will be beneficial.  This would be a great place to store annotations for well known malware examples for beginners and anyone really to share annotations to establish best practices?  This tool was developed for the RCE community and there is already a great community at OpenRCE which can leverage the tool to share and learn.  If anyone is paranoid about sharing some annotation, then don't share *that* annotation, but there is plenty that can be shared for the benefit of the RCE community.  I'm happy to help get this going.

  solace     August 29, 2012 01:57.11 CDT
> While not specifically RE related, I did find this resource which provides trending information across all InfoSec subjects on Twitter:
> http://talkback.volvent.org/trending.html


I wrote this tool due to being frustrated keeping up with daily news, it's been running for a few months.  It does the job ok but far from perfect, so it's still a work in progress.  If you have ideas/suggestions i'd happily consider adding new functionality/feeds/whatever.

  pedram     August 30, 2012 16:05.14 CDT
@Solace: Small world, that's awesome!

@everyone-else: Sorry for going silent. Reviving the site is still on my agenda and the feedback thus far has been good enough to give me some initial direction. Just waiting for the free time and some resources to throw at redesign.

  anonymouse     September 6, 2012 10:31.52 CDT
hi pedram your jumpshot looks nice

as to this site try to stop the spam and try to inject yourself a little bit and probably it will be good enough

  pedram     September 6, 2012 11:57.42 CDT
Cursed spam! I will use a better CAPTCHA. Currently slammed with dev work. But I've got enough info to move forward. Just waiting on time and resources.

  codeinject     January 8, 2013 02:15.42 CST
First I'd like to recommend this read: https://www.openrce.org/forums/posts/2174#4707

Besides that I'd honestly just go for a Concrete5 site or soemthing. As well don't all RCE'rs prefer to hack around over writing websites. Hack, I don't have to manage it use Joomla for all I care.
What I'd recommend is to setup a bitbucket or something and allow people to send new modules etc. eg making OpenRCE a true community webpage. Including a bigger forum RSS feeds to some blogs etc etc. The CrowedRE BinCrowd died ( http://www.zynamics.com/bincrowd.html ), and I'd love to get a decent replacement (I've not yet tried CrowdStike) Also I'd love the idea that OpenRCE can 'host' the reversed versions for a lot of system dlls or other common parts (lets say some pdf readers, browsers etc). Allowing bindiffing with previous versions and what not. The most important thing OpenRCE is for me is a reference website with forums where EXPERTS lay around. Most forums are filled with kids who'm hack with CheatEngine and a lot of people post the same exploit tutorial over and over again.

Maybe add a part where (if enough Knowledge points aquired) you can start a blog. These knowledge points may function as a reference for how much a guy knows etc. A reward system often works well with communities. You know get reward points from your peers or demotional points from peer. I am honestly now just spewing a lot of poison on this board. As I have bnot thought any of these things through at all. 've just started my day and I had a lot of coffee. Thus well take my advice/ideas with a sack(not a grain) of salt. Add a CAPTCHA for sure and Password recovery.

At least I'd love to get things moving during feb, march and I'd love to help. I am nearly done w/ my thesis and therfore I'd get some spare time. Let me know :)

Note: Registration is required to post to the forums.

There are 31,016 total registered users.

Recently Created Topics
Ultimate Hacking Cha...
let 'IDAPython' impo...
set 'IDAPython' as t...
GuessType return une...
About retrieving the...
How to find specific...
How to get data depe...
Identify RVA data in...
Immunity Debugger Re...

Recent Forum Posts
How to find specific...
Problem with ollydbg
How can I write olly...
New LoadMAP plugin v...
Intel pin in loaded ...
OOP_RE tool available?
OOP_RE tool available?
Should binaries be n...
Problem with ollydbg
!findtrampoline Immu...

Recent Blog Entries
Android Application Reversing

Breaking IonCUBE VM

Anatomy of a code tracer

IAT Patcher - new tool for ...

CryptoShark: code tracer ba...

More ...

Recent Blog Comments
nieo on:
IAT Patcher - new tool for ...

djnemo on:
Kernel debugger vs user mod...

acel on:
Kernel debugger vs user mod...

pedram on:
frida.github.io: scriptable...

capadleman on:
Using NtCreateThreadEx for ...

More ...

SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit