Cracking with D0WNGRADE (1)
  • D0WNGRADE

    Lesson One ~ Introduction

    What is Cracking?
    Cracking is modifying software in some way to remove or add "features".

    How do I do this magic?!
    Whoa there young grasshopper. There are some things you'll need to know before doing this "magic". :)

    Grab a debugger. (I recommend GDB. It comes with most *NIX systems) Now we're going to crack our first program! I've created a simple C file that you can view here. Open a terminal and compile it to a file called "test":


    gcc vulnerable_code.c -fno-stack-protector -o test


    Then run the file:


    ./test


    You should see:


    ::D0WNGRADE's Cracking Test::
    Usage: ./test [arg 1]


    So we see it takes one argument. In this program, the argument is stored into a buffer variable that is 20 bytes. So, inputting something more than 20 bytes long will overflow that buffer. We normally wouldn't know how big the buffer is without some testing, but more on that later.


    ./test AAAAAAAAAAAAAAAAAAAAA
    (there are 21 'A's)

    This should produce a "Segmentation Fault". This basically means there was an error that caused the program to crash. That means we've found out how to crack it! Now, we could attach GDB to the process while ./test is running...but sometimes when it crashes the memory addresses can change during debugging. (due to the debugger attaching to the process) So, we'll enable something called "core dumps" (AKA cores). Cores are basically a "crash report" that GDB can read. So, to enable core dumps, type the following:


    ulimit -c unlimited


    That enables core dumps that can be an unlimited size. Now run ./test again and you should see: Segmentation Fault (core dumped)
    Now, in the directory you have ./test in, use the "ls" command and you should see a file named "core"! Now, we can run that in GDB like so:


    gdb --core core

    (where the second "core" is the name of the core file)

    In the next tutorial we'll look over how to write an exploit using the information from GDB!

    Thanks for reading!
    ~D0WNGRADE
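
The 20-byte buffer described in the post, as an added example that is not D0WNGRADE's code (the post's vulnerable_code.c is not reproduced on this page): an assumed strcpy-style copy beside a length-checked version that rejects oversized arguments. The function names and BUF_SIZE are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 20 /* buffer size stated in the post */

/* Unsafe pattern (assumed; the post's source is not shown): strcpy() copies
 * until it meets a NUL byte and never looks at how large dst is. */
void store_unchecked(char *dst, const char *src) {
    strcpy(dst, src);
}

/* Hardened form: refuse anything that does not fit together with its
 * NUL terminator. Returns 0 on success, -1 if src would overflow dst. */
int store_checked(char *dst, size_t dst_size, const char *src) {
    size_t len = strlen(src);
    if (dst_size == 0 || len >= dst_size)
        return -1;
    memcpy(dst, src, len + 1); /* len + 1 copies the terminator too */
    return 0;
}

/* Longest argument a dst_size-byte buffer can hold: one byte is the NUL,
 * so a 20-character argument is already one byte too many. */
size_t max_arg_len(size_t dst_size) {
    return dst_size ? dst_size - 1 : 0;
}

int main(int argc, char **argv) {
    char buffer[BUF_SIZE];

    if (argc != 2) {
        fprintf(stderr, "Usage: %s [arg 1]\n", argv[0]);
        return 1;
    }
    if (store_checked(buffer, sizeof buffer, argv[1]) != 0) {
        fprintf(stderr, "argument too long (max %zu bytes)\n",
                max_arg_len(sizeof buffer));
        return 1;
    }
    printf("stored: %s\n", buffer);
    return 0;
}
```

Building this without the post's -fno-stack-protector flag (GCC's -fstack-protector-strong is the usual choice) adds a stack canary as a second layer behind the length check.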

  • Xin
    Posts: 3,251
    Nice tutorial keep them coming :)
    Xin
  • said:


    Nice tutorial keep them coming :)



    I'll be making the second one soon. Thanks for the support! :)
  • pusoy23
    Posts: 19
    can you crack also a premium dll?
  • undead
    Posts: 822
    nice tutorial
  • Great tut. Good for when you wanna perform exploits such as BoF's too. You should make some gdb tutorials including things such as disassembling a function in that program and find registers.
  • D0WNGRADE
    Posts: 220
    said:


    Great tut. Good for when you wanna perform exploits such as BoF's too. You should make some gdb tutorials including things such as disassembling a function in that program and find registers.



    Thanks for the reply! :)
    I'll look into writing something about functions and registers. :D