How To Reverse Engineer Using OllyDbg

To introduce obfuscation, we will look at one reverse engineering tool, OllyDbg. The other side of this topic is how any EXE can be reverse engineered to get past the licensing check in the software.

Obfuscation is a complex term closely tied to reverse engineering: it is the practice of protecting your source code against reverse engineering. Reverse engineers analyze your compiled code in assembly language and try to manipulate it using debuggers; by doing so, they remove the security or licensing checks, or they may even produce an alternative version of the software.

To reduce that possibility, we can include some meaningless extra code in the source so that a reverse engineer cannot easily break the software. That, in short, is obfuscation.

How to reverse engineer

Here, we are taking a keygen.exe that asks for some details such as Enter your name and Enter your password. If you enter the matching details, you have cracked the EXE; otherwise – nice try!

Download OllyDbg: OllyDbg

Figure 1: Keygen.exe

As you can see in the above image, the details are wrong, and that is why the wrong password message gets printed. What we are going to do now is simply bypass this whole wrong password check and reach Right Password with the help of OllyDbg.

OllyDbg is a 32-bit assembler level analyzing debugger for Microsoft® Windows®. Emphasis on binary code analysis makes it particularly useful in cases where source is unavailable.

We will load this EXE into OllyDbg and then debug it, so that we get the disassembled code and can analyze it by looking for the right jump instructions in the assembly language. We will find those jumps and make them non-operational, which simply bypasses the matching of the details and prints the right password message.

Figure 2: OllyDbg

As you can see, the EXE file is loaded in the software. The code you see is x86 assembly language and might look messy if you are working with it for the first time. Below, I have shown the reference architecture of the x86 registers, which is quite useful while dealing with assembly language.

For an efficient overview, try this link: x86 Instruction Set

Now we will start debugging so that we can find the exact referenced string to work from. We are looking for the string – Right Password. Once we find it, we have to check the code that reaches it – a jump.

Figure 3: x86 assembly code

Now we will find the two jumps that actually perform the comparison and matching of our name and password. What we do here is skip that logic by replacing the jump with NOP (no operation): select the jump >> right click >> Binary >> Fill with NOP.

Figure 4: NOP (no operation) jump

Now test your EXE again to see whether it works and whether it directly gives the Right password message. There are many ways to do this; this is just the beginner level. You could also find the actual right password by placing breakpoints and analyzing the ASCII dump that the software builds.
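As an added illustration that is not part of the original post, the C model below shows the pattern the walkthrough defeats (one `strcmp` result feeding one conditional jump) next to one way of avoiding a single decisive jump: derive the success message from the credentials themselves, so a patched branch gains nothing. The credentials, the FNV-1a/XOR scheme and every function name here are my own constructed assumptions, not anything taken from keygen.exe.

```c
#include <stdint.h>
#include <string.h>

/* Constructed demo credentials; the real keygen.exe's are not on the page. */
#define DEMO_NAME     "alice"
#define DEMO_PASSWORD "s3cret"
#define MSG_LEN 15   /* strlen("Right Password") + terminator */

/* Fragile check: compiles to a compare plus one conditional jump (e.g.
 * test eax,eax / jne wrong); NOP-filling that jump sends every input down
 * the success path. */
int check_fragile(const char *name, const char *password) {
    if (strcmp(name, DEMO_NAME) == 0 && strcmp(password, DEMO_PASSWORD) == 0)
        return 1;   /* "Right Password" */
    return 0;       /* "Wrong Password" */
}

/* FNV-1a hash: turns the typed credentials into a 32-bit key. */
static uint32_t fnv1a(const char *s) {
    uint32_t h = 2166136261u;
    for (; *s; s++) { h ^= (uint8_t)*s; h *= 16777619u; }
    return h;
}
/* Symmetric keyed XOR: byte i is mixed with one key byte and its index. */
static void xor_transform(const uint8_t *in, uint8_t *out, uint32_t key) {
    for (size_t i = 0; i < MSG_LEN; i++)
        out[i] = in[i] ^ (uint8_t)(key >> ((i % 4) * 8)) ^ (uint8_t)i;
}

/* Build-time step: encode the success message under the correct credentials.
 * Only these bytes would ship in the binary, never the plain text. */
void encode_success_msg(uint8_t out[MSG_LEN]) {
    xor_transform((const uint8_t *)"Right Password", out,
                  fnv1a(DEMO_NAME) ^ fnv1a(DEMO_PASSWORD));
}

/* Run-time step: decode with whatever the user typed. No branch decides
 * success; wrong input just yields garbage, so there is no jump to NOP. */
void decode_success_msg(const uint8_t *enc, const char *name,
                        const char *password, char out[MSG_LEN]) {
    xor_transform(enc, (uint8_t *)out, fnv1a(name) ^ fnv1a(password));
    out[MSG_LEN - 1] = '\0';   /* terminate even when the output is garbage */
}

/* Demo round trip: does decoding under the typed credentials give the text? */
int hardened_accepts(const char *name, const char *password) {
    uint8_t enc[MSG_LEN]; char out[MSG_LEN];
    encode_success_msg(enc);
    decode_success_msg(enc, name, password, out);
    return strcmp(out, "Right Password") == 0;
}
```

In a real build only the encoded bytes would be embedded; the plain text and the correct credentials stay out of the shipped binary.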

x86 Instruction Set For Reference

I hope you liked it. Thank you for reading, Have a great day.
