Lena's Tuts Corrections: 01. Olly + assembler + patching a basic reverseme
I have noticed that this Reverse Engineering section has never flourished, let alone started on MPGH, which is a shame as Reverse code engineering is one of the most crucial if not the most important skill needed as a game hacker. Therefore in an effort to learn reverse engineering and create some content in this forum I will be starting a series called "Lena's Tuts Corrections". -why06
Introduction:
Having tried Lena's Tutorials before and failed to keep up, I know that even though the tutorials claim no knowledge is needed, a good understanding of Windows APIs and some basic assembly knowledge can make a lot of difference. Most important, though, is the knowledge not to take everything you hear at face value, even when you're a noob starting out. There are some errors in Lena's Tutorials. This guide will show newcomers some of the few errors in grammar/vocabulary/code to look out for when learning from Lena's Tutorials. It also serves as a general summary and introduction to what to expect from each tutorial.
What this covers:
This tutorial covers some basics of using OllyDebug, and is an excellent introduction to OllyDbg in its own right.
It will introduce the following assembly instructions: CALL, MOV, JMP, JE, JL, TEST, AND. You should know what these do before you begin the tutorial, though they are explained in the tut.
It will also introduce registers; the explanation given in the tut is adequate for what you'll be doing.
Flags: O, Z, C, and S are used. I recommend you know them all and under what condition they are set.
A few Windows APIs are covered. You should understand how to call the APIs in C++. What they do is explained in the help file. It is important to know that API calls place their return values in the EAX register.
Errors:
Grammar/Vocab: She uses the word "resume" a lot. What she means is "review" in almost every case.
Code: At one point, when reviewing the ReadFile API, she claims that the parameter pBytesRead, address at 402173h, "would have been filled by CreateFile". This is not true. That parameter is set by the function using it: ReadFile. Also, it is utterly unimportant to the reversing session. The parameters that you should pay attention to are the file handle (0xFFFFFFFF) and the Buffer (at 40211A).
Last Word:
Practice! If you cannot complete the ReverseMe without viewing the tut, you haven't learned to do it on your own. When you can, you're ready to move on.
What's Included:
The tut, of course
A document on the basics of assembly language
The reverseme
A list of OllyDbg Shortcuts
Good luck! *File uploaded to decrease stress on tuts4you, as well as to provide a backup if their server fails.*
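
The flags and conditional jumps listed under "What this covers", modelled as an added example that is not part of the original post or of Lena's tutorial: it computes O, Z, C and S for TEST/AND and decides whether JE and JL would be taken. The CMP model and all operand values except 0xFFFFFFFF (the handle value quoted in the post) are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* The four flags the post names: Overflow, Zero, Carry, Sign. */
typedef struct { int o, z, c, s; } flags_t;

/* TEST a,b and AND a,b both compute a & b. Both clear O and C and set
   Z and S from the result; TEST discards the result, AND stores it. */
static flags_t flags_test(uint32_t a, uint32_t b) {
    uint32_t r = a & b;
    flags_t f = { 0, r == 0, 0, (int)(r >> 31) };
    return f;
}

/* CMP a,b (assumption: not in the post's instruction list) computes
   a - b and discards it; included because JL usually follows a compare. */
static flags_t flags_cmp(uint32_t a, uint32_t b) {
    uint32_t r = a - b;
    flags_t f;
    f.z = (r == 0);
    f.s = (int)(r >> 31);                    /* top bit of the result */
    f.c = (a < b);                           /* unsigned borrow */
    f.o = (int)(((a ^ b) & (a ^ r)) >> 31);  /* signed overflow */
    return f;
}

static int je_taken(flags_t f) { return f.z; }         /* JE: Z = 1  */
static int jl_taken(flags_t f) { return f.s != f.o; }  /* JL: S != O */

static void show(const char *insn, flags_t f) {
    printf("%-28s O=%d Z=%d C=%d S=%d  JE:%-3s JL:%s\n", insn,
           f.o, f.z, f.c, f.s,
           je_taken(f) ? "yes" : "no", jl_taken(f) ? "yes" : "no");
}

int main(void) {
    /* Constructed operands; 0xFFFFFFFF is the handle value from the post. */
    show("TEST 0xFFFFFFFF,0xFFFFFFFF", flags_test(0xFFFFFFFFu, 0xFFFFFFFFu));
    show("TEST 0,0",                   flags_test(0, 0));
    show("CMP 0xFFFFFFFF,0xFFFFFFFF",  flags_cmp(0xFFFFFFFFu, 0xFFFFFFFFu));
    show("CMP 5,0x10",                 flags_cmp(5, 0x10));
    show("CMP 0x80000000,1",           flags_cmp(0x80000000u, 1));
    return 0;
}
```

The last row shows why JL checks S against O rather than S alone: the subtraction overflows, S is clear, yet the signed comparison is still "less".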