#Tutorial_In_Arabic_0x1

تعلم استخدام ghidra و radare2 لتحليل البرامج و حل التحديات


رابط التطبيق CrackMes.One

سكربت بايثون معتمد على دالة Check
Pass_Gen.py

الفيديو بواسطة
@Mohamed_Abozaid1

#New_Cracking_Era

☛ Solving a Simple CTF based on C Programming Language Using Ghidra and Cutter

◉ strncmp() In Official C Documentation

int strncmp( const char* lhs, const char* rhs, size_t count );

◉ For The Source Code and The Compiled App Check Comments

☛ Github Source

☛ For Ghidra

☛ For Cutter

☛ For radare2 Plugins

𖣘 There is a typo in the video it should be strncmp not strcmpn, I apologize for that

➭ By 𝓜𝓸𝓱𝓪𝓶𝓮𝓭 𝓐𝓫𝓸𝔃𝓪𝓲𝓭

#New_Cracking_Era

In this video you will not learn to mod an app from Google play

This is a basic video for people who want to understand the logic of the apps

The video is based on UnCrackable-Level1

I hope that you will enjoy with it
*sorry if some words aren't clear

Credit : @Mohamed_Abozaid1

⌲ Cracking a Windows Application

➜ in This Video :

◉ in x86 64 assembly learn :
- loops
- conditions
- control flow
- decrement
- saving values in registers and switching between them

◉ Understand The logic To find the password

◉ Control application stack flow to bypass the checks for the correct password

◉ New function in C/C++ (memcmp)

◉ an overview about using radare2 and commands

➜ By @reverseengineer101 | @Mohamed_Abozaid1

➜ YouTube :
https://youtube.com/@reverseengineer101

➜ Facebook :
https://www.facebook.com/profile.php?id=61563280511293&mibextid=ZbWKwL

Something great is coming 😉

@reverseengineer101

If you are asking about this
This is a solution for the owasp challenge UnCrackable-Level2
In this tutorial you will learn how to analyze full the app and understand its behavior, to bypass root detection by Frida and manually by patching the app, find the activation code which will be in the native code and this will open your eyes on how the integration between java codes and native codes is also what is JNI at the and finally how to patch disassembly by radare2 to bypass the checks of the secret code and more !

I know that there are a lot of people solved that change but I worked on it in a different way with various methods to solve problems

Tools you should know :

1 - radare2 :
> official website :
https://rada.re/n/
> github :
https://github.com/radareorg

2 - Ghidra :
> official website :
https://ghidra-sre.org/
> github :
https://github.com/NationalSecurityAgency/ghidra

3 - IDA Free / IDA Pro (Hex-Rays) :
https://hex-rays.com

4 - Cutter :
> official website :
https://cutter.re/
> github :
https://github.com/rizinorg/cutter

5 - iaito :
> official website :
https://rada.re/n/iaito.html
> github :
https://github.com/radareorg/iaito

6 - reflutter :
https://github.com/ptswarm/reFlutter

7 - B(l)utter :
https://github.com/worawit/blutter

8 - Apktool :
> official website :
https://apktool.org/
> github :
https://github.com/iBotPeaches/Apktool

9 - Jadx-gui :
https://github.com/skylot/jadx

10 - dnSpy :
https://github.com/dnSpy/dnSpy

11 - Binary Ninja :
https://binary.ninja/

12 - x64dbg :
https://x64dbg.com/

➜ Solving OWASP's challenge UnCrackable-Level2

➜ You can consider this video a crash course (Beginner Friendly)

➜ APK full analysis

⚠ This app is made for security testing and reverse engineering propuses

❍ Tools and Resources :

🔗App link : https://mas.owasp.org/crackmes/Android/#android-uncrackable-l2

◉ Frida releases : https://github.com/frida/frida/releases/tag/16.4.8

◉ Radare2 :
https://rada.re/n/

◉ Jadx-gui :
https://github.com/skylot/jadx

◉ APKtool :
https://apktool.org/

◉ Keytool :
https://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html

◉ Jarsigner :
https://docs.oracle.com/javase/8/docs/technotes/tools/windows/jarsigner.html

◉ adb :
https://developer.android.com/tools/adb?hl=ar

⊷ Genymotion :
https://www.genymotion.com/

◉ Java :
https://www.java.com/en/

◉ Python :
https://www.python.org/

⊷ If you are interested about the OS (Kali Linux) :
https://www.kali.org/

➜ Keep Supporting Us @reverseengineer101

I will upload on YouTube ASAP