1. Software reverse analysis , Try to write the source code of this software
2. The algorithm of the software is analyzed , So as to know the purpose of the algorithm
Crack : After studying the mechanism of software , Or by modifying the program file , Or write the registration machine and randomly generate a valid serial number registration code , To break through its functional limitations .
Reverse debugging :
1. dynamic analysis : Use the dynamic debugging tool to load the program and run it , At the same time, you can pause to view various states at any time
2. static analysis : virus
tool :
1. dynamic --
Ollydbg:32 Bit dynamic tracking tool ,Ring3 Level debugger .
OllylCe: After revision by fans , essence OD.
IDA Pro: Interactive disassembly tool .
x32dbg and x64dbg
Stack :
Is a part of memory , Two properties :
1. Last in, first out ( First in, second out )
2. Address reverse growth ( The bottom of the stack is a large address , The top of the stack is a small address )
It is used to store data temporarily
Push Pressing stack Push words onto the stack
Pop Spring stack Pop words out of the stack
be careful : Both heap and stack are areas of memory , But not the same .
One , Memory allocation differences
Two , Differences in caching methods
Three , Data structure differences
Assembly instruction :
programing language :
classification : machine language , assembly language , high-level language ( currency )
Yes :win32 assembly , Easy language ( ordinary / static state ),Vb,C,C++,C#,Delphi
notes : Different programming languages have different entry characteristics .
Why identify entrance features ?
Although there is an identification shell / Tools of language (PEID/EXE info PE), But some new shells or others are indistinguishable .
Technology