What do the items in this list represent

Reference no: EM132732295

Lab: Breaking Protections

In this lab, you will break protections using the patching approach. You will mimic the activity described in the text (Reversing by Eilam) on pages 358-364; however, you will use IDA Pro instead of the OllyDbg used in the text. Each question in this assignment is worth 20 points.
Execute/Run Key4.exe file from the class site; you'll need this program later in the exercise.

Run the program key4.exe. Enter any data into the two boxes and select OK.

1 If you download the book from the Wiley website, download the entire code set for the text but only extract key4.exe. Because the code set contains a malware sample from another chapter, you may have to disable AV to get the zip file to successfully download. Once you've extracted key4.exe, you can delete the downloaded zip file (or a subsequent AV scan may take care of that for you).

Q1: What do the items in this list represent?
Double-left-click on each of these four items in turn. It is recommended that you switch IDA View-A to text view (it defaults to graph view). Text view will be easier to match to the notes in the text. While you can go back to Imports and repeat the steps above to get to your list, it is simpler to right-click on MessageBoxA in the disassembly and select "Jump to xref to operand" from the pop-up menu; it's the same list.

Q2: What are the offsets (the value after .text: on the left of your screen) for the four Call MessageBoxA instructions?
Find the section of code referenced in the text (page 362). We're going to patch the instruction at location 00401341 with NOPs just as in the book; however, the steps are different in IDA Pro.
Left-click anywhere in the line numbered 00401341, then from the main menu select Edit: Patch Program: Assemble. In the pop-up that appears, enter NOP then OK (see below).

Q3: What was this value, now showing db 15h, before we edited the JNZ instruction at location 00401341?
In the dialog box that opens for location 00401342, also enter NOP, then OK.

Recall the previous message box about inconsistency between the disassembly and the debugger? IDA Pro was basically telling us that the debugger is not running our changed version of the disassembly, but rather still running the original program. To apply our change, we're going to generate a file of changes using IDA Pro and then apply the changes to the original executable using a separate program. Use Ctrl-F2 to kill the debugger process if you haven't already (but don't quit IDA Pro or close our session - we need to save those changes).
From the IDA Pro main menu, select File: Produce File: Create DIF File. Use the default location (which will be where the key4.exe file is), and name the file key4 (IDA Pro will add the .dif extension).
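
The apply step described above, as an added example that is not part of the original lab or the book's code: a short Python script that parses DIF-style lines and applies them to a copy of the file bytes, checking each original byte before writing so a mismatched file is rejected rather than corrupted. The line layout (`offset: original patched`), the sample offsets and the sample image are constructed assumptions, not values taken from key4.exe.

```python
import re

# Assumed DIF line layout: "<file offset, hex>: <original byte> <patched byte>"
DIF_LINE = re.compile(r"^([0-9A-Fa-f]{1,16}):\s+([0-9A-Fa-f]{2})\s+([0-9A-Fa-f]{2})$")

def parse_dif(text):
    """Return [(offset, original, patched), ...]; header and name lines are skipped."""
    changes = []
    for line in text.splitlines():
        m = DIF_LINE.match(line.strip())
        if m:
            changes.append(tuple(int(g, 16) for g in m.groups()))
    return changes

def apply_dif(image, changes, revert=False):
    """Apply (or revert) the changes on a copy of image, verifying each byte first."""
    out = bytearray(image)
    for offset, original, patched in changes:
        expect, write = (patched, original) if revert else (original, patched)
        if offset >= len(out):
            raise ValueError(f"offset {offset:#x} is past the end of the file")
        if out[offset] != expect:
            raise ValueError(
                f"byte at {offset:#x} is {out[offset]:02X}, expected {expect:02X}")
        out[offset] = write
    return bytes(out)  # the input is never modified, so a failure leaves it intact

# Constructed sample: offsets 0x10/0x11 are made up; 75 15 stands in for a
# two-byte short JNZ that is replaced by two NOPs (90 90).
SAMPLE_DIF = """This difference file has been created by IDA

key4.exe
00000010: 75 90
00000011: 15 90
"""
SAMPLE_IMAGE = bytes(16) + bytes([0x75, 0x15]) + bytes(14)

if __name__ == "__main__":
    changes = parse_dif(SAMPLE_DIF)
    patched = apply_dif(SAMPLE_IMAGE, changes)
    print("patched bytes:", patched[0x10:0x12].hex())
    print("revert restores original:",
          apply_dif(patched, changes, revert=True) == SAMPLE_IMAGE)
```

Running it against an already-patched copy raises `ValueError`, which is the check that tells you the DIF and the file on disk do not belong together.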

Q5: Paste the dialog box that appears after entering data into the key4.exe input boxes and selecting OK.

Reference

Eilam, E. (2005). Reversing: Secrets of reverse engineering. Indianapolis, IN: Wiley Publishing, Inc.

Attachment:- Hands.rar
