HACKING LESSON 10 - 4th MAY 2007

In the last chapter we saw that how a protection mechanism is created, which was demonstrated using a very simple c program which ask user to input a password and if the password matches the correct value it displays a message “Password OK”.

Now we will see how to crack that password.

Note: This chapter only covers the basic i.e. how these things are done; we do not guarantee that it will work on every program. However, the process remains the same.

What we are trying to do here is called Reverse Engineering. Though we cannot generate the source code from the executable file but we can have an idea what the source code looks like.

There are lots of software’s available which can generate the binary code and assembly instructions from the executable file. Therefore, if the reference password is stored in the program itself (like the one which we created) and is not converted to some other form then it can easily be tracked just by looking at the binary code of the file.

SOFTWARE’S

1). A HEX EDITOR: A hex editor is a computer program that allows a user to edit compiled programs and binary data-files. Hex editors most often present data in hexadecimal format, because it is easier and also because computers tend to work with 8-bit bytes of information. In short, these programs are able to edit the executable files.

2). A DISASSEMBLER: This program can convert the executable file into assembly language. In Short, these programs can help you understand that how a program is working which is necessary to change the way it is working. E.g. if the program will run only after providing the correct password, then by using a Disassembler its function can be changed to accept every password as the correct password.

In order to work with a Disassembler a person needs to have a good understanding of all the assembly language instructions such as JMP, PUSH, POP, etc.

Try Hacking Test 4 in order to know how these software’s are used.

17 comments:

Unknown said...

this is all about Windows 98and XP. Doyou have the solution for Windows2000? If yes please let us know.

Anonymous said...

i've missed out lesson 7..... can u please mail it to me at the following e-mail address...

kforkushank@yahoo.co.in

thanks
Kushank

$ said...

All the previous lessons are posted on the blog under different topics, such as - windows registry, search engine etc.
U can take the lessons from there itself.

Unknown said...

well..its not realted to this topic. it is a request. i am making my own site(a subdomain) but the source code is mine. i needed help for the notice board section. can i create a java script which will store all the comments that a user inputs in a text/html or whatever type in my account or just e-mail me??? i know html and xhtml but not java scripts. can anyone help me with this?

Counter Strike Cheats said...

i have joined u now plz mail me previous lessons at fazi_no1@hotmail.com

$ said...

Give us ur email id we'll connect u to some real time programmers....

Unknown said...

can you mail from the starting cause i have started my lesson today

Anonymous said...

i went thru all the three sam's,
the one registry shows nothin,
the 2nd one has a size of about 200kb and other one has 15kb, why does these two sam's hv diff size?

$ said...

all lessons are posted on the blog under different topics such as search engine, windows registry, etc.

$ said...

the SAM file in system32>config stores the user names, password hashes and lots of other information about the users account.

SAM in windows>repair is the backup file which only contain some useful information but most of time in LAN this file is deleted by the admin.

Sandeep said...

I have send u the C program to ur specified email address ...

$ said...

Tnx Sandeep

Counter Strike Cheats said...

Plz Help !!!

THe prograam writtten having sme bug i cant remove it because i dun use that languge so what to do help plz !!!

harin naik said...

hey i haved missed my lessons 5,6,7 can i have this, or can u just post all the lessons line by line... that will b of g8 help

$ said...

Syed........

We have recd the program from other users. Tnx for trying.

$ said...

Harin.........

All the previous lessons are posted on the blog under different topics, such as - windows registry, search engine etc.

U can take the lessons from there itself.

Unknown said...

nice website