OPCDE Crackme Solution


image

Thanks to Mohamed Saher for publishing a complete 63 pages solution for the Student Crackme.

This solution is a great opportunities for beginner to learn about reverse engineering but also understand in more details the Micro Virtual Machine used in it.

Access to the full solution HERE.

Table of Content

1 Introduction

2 Prerequisites

3 Outer Layer Analysis

  • 3.1 File Format Information

4 Inner Layer Analysis

4.1 Disassembly

  • 4.1.1 Startup Entry-Point
  • 4.1.2 main/wmain Entry-Point
  • 4.1.3 VM Interpreter/Dispatcher Entry-Point

4.2 VM Analysis

  • 4.2.1 VM Architecture
  • 4.2.2 VM Instruction Format
  • 4.2.3 VM Instructions
  • 4.2.4 VM P-CODE
  • 4.2.5 VM Interpreter/Dispatcher
  • 4.2.6 VM Disassembler

5 Possible Solutions

  • 5.1 Abstract Static Analysis
  • 5.2 Dynamic Analysis via Debugger
  • 5.3 Concolic and Symbolic Execution
  • 5.4 Constraint Solver

6 Extra

7 Conclusion

8 Acknowledgments

9 Contact

10 GPG Key