Thursday, March 29, 2012

Reverse Engineering books

"Practical Malware Analysis" by Michael Sikorski and Andrew Honig.
We can recommend this book for the beginners in RE. It gives good overview of the very basic techniques and tools each researcher must know.
Most common techniques are Basic (Initial) Static and Dynamic Analysis of the target to observe its behavior in the wild. Then Advanced Static and Dynamic Analysis to identify how that logic realized.
Short overview of the OllyDbg, IDA Pro and WinDbg is enough to start working with that very powerful tools. May be later you will find that IDA Pro covers almost all functionality of OllyDbg.
Described simple Anti-Disassembling, Anti-Debugging and Anti-VM techniques. Added notes on C++ reversing, Position Independent Code (PIC), 64-bit targets.
Posted by at
Labels: ,

Wednesday, February 1, 2012

Howto: Where is the emulator' devices?

Most often emulator has control device and one or few virtual devices, representing dongles.
Right click on 'My Computer' and select 'Manage' menu item.

Then choose 'Device Manager'

Emulator control device usual in the 'System devices' branch, like on the image above.
Virtual dongles must be in the corresponding branches. For example, 'Universal Serial Bus controllers' or 'HID devices'.
Posted by at
Labels: ,

Monday, October 17, 2011

ANN: Essays about the software licensing

We start the series of articles about software licensing. Our articles aimed to different group of readers, so you can use labels at the side panel to filter category.
Articles marked with "Home users" explain usage rules of protected software, common problems and instructions to resolve them. "Reversing" label intended to reverse engineers and would be historical notes about our software research experience. "Developers" label is for the software developers. Articles with such label will include tips and tricks on software licensing. And for sure "Offtopic" label for all other essays.
If you want to publish something related to software licensing or ask a question, feel free to send us an e-mail to support@nodongle.biz.
Posted by at
Labels: , , ,

Windows Vista, Win7: Emulator does not start.

Lets check the possible reasons if hardware key emulator (virtualization software) does not start.

  1. You try to use 32-bit solution on the 64-bit system or vise versa.
  2. Emulator system driver does not have a valid signature
  3. Emulator requires extra license
  4. You do not have Administrator privileges
  5. Anti-VM or Anti-Debugger protection
Problem 1 symptoms are
 * devcon.exe tool shows 'devcon failed' error during the installation
 * In the "Device manager" - "System devices" you can find 'Unknown device'



Problem 2 symptoms are
 * After a solution installation virtual device has status 'Error 37' or 'Error 39' or 'Error 52'




Problem 3 symptoms may differ and depend on the protection features.

Problem 4 symptoms are
 * devcon.exe tool shows 'devcon failed' immediately after start
 * No new devices in the "Device manager"



Problem 5 symptoms may differ and depend on the protection options.
Posted by at
Labels: ,
Subscribe to: Posts (Atom)