First things first, I am not a reverse engineer but I aspire to keep learning the needed skills. I am currently taking the ARES course from eLearnSecurity. It's been a hobby of mine for a few years now.
Second thing: you may want to use a virtual machine with a few reversing tools installed, such as OllyDbg, IDA, CFF Explorer, PEiD, PEView, and the HxD hex editor. There are a bunch of tools that do similar or the same things; it's just a matter of preference and opinion. A VM matters especially if you want to look at malware or other malicious files. Obviously, run those types of things in a VM!
Third thing: all of the executable files that I will be showing are my own creation, so I will be able to show you not only the operation of the executable but also the source code. It might be some nerd stuff to do, but it's quite fun and educational to debug your own programs.
Let's go ahead and run the application to get the gist of what kind of user interaction it requires.
CMP DWORD PTR SS:[EBP-C],7
It would translate into this:
CMP DWORD PTR SS:5,7
Obviously 5 is not equal to 7, therefore we get the fail message. Awesome! We have figured out this program pretty well! For our last exercise, we will patch this program so that it will allow us to enter ANY number and give us the success message. There are a couple of ways that we can do this; however, I am going to remember that PUSH EDX instruction and just change the CMP instruction to compare EDX to itself, which will always be true. Remember that EDX holds whatever value we entered.
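Why the self-compare always succeeds, and why a shorter replacement instruction needs NOP padding, shown as an added example that is not the author's program or source code. The byte buffer is constructed, the JNZ after the compare is an assumption, and the helper names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Subset of EFLAGS that CMP updates and conditional jumps read. */
typedef struct { int zf, cf, sf; } flags_t;

/* CMP a,b computes a-b, discards the result and keeps only the flags. */
static flags_t cmp32(uint32_t a, uint32_t b) {
    uint32_t r = a - b;
    flags_t f = { r == 0, a < b, (int)(r >> 31) };
    return f;
}

/* Original check: CMP DWORD PTR SS:[EBP-C],7 with the entered value at [EBP-C]. */
static int original_check(uint32_t entered) { return cmp32(entered, 7).zf; }

/* Patched check: CMP EDX,EDX. Any value minus itself is 0, so ZF is always 1. */
static int patched_check(uint32_t edx) { return cmp32(edx, edx).zf; }

/* Overwrite old_len bytes at off with a shorter instruction and pad with
 * NOP (0x90) so the following instructions stay aligned. Returns 0 on success. */
static int patch_with_nops(uint8_t *code, size_t code_len, size_t off,
                           size_t old_len, const uint8_t *repl, size_t repl_len) {
    if (repl_len > old_len || off > code_len || old_len > code_len - off)
        return -1;                        /* would clobber the next instruction */
    memcpy(code + off, repl, repl_len);
    memset(code + off + repl_len, 0x90, old_len - repl_len);
    return 0;
}

/* Constructed bytes: 83 7D F4 07 = CMP DWORD PTR [EBP-0Ch],7 ; 75 10 = JNZ +16.
 * The JNZ is an assumption about what follows the compare. */
static uint8_t sample[] = { 0x83, 0x7D, 0xF4, 0x07, 0x75, 0x10 };
static const uint8_t cmp_edx_edx[] = { 0x3B, 0xD2 };   /* CMP EDX,EDX */

int main(void) {
    printf("original, input 5: match=%d\n", original_check(5));
    printf("original, input 7: match=%d\n", original_check(7));
    printf("patched,  input 5: match=%d\n", patched_check(5));
    patch_with_nops(sample, sizeof sample, 0, 4, cmp_edx_edx, sizeof cmp_edx_edx);
    for (size_t i = 0; i < sizeof sample; i++) printf("%02X ", sample[i]);
    printf("\n");
    return 0;
}
```

The original compare is four bytes and the replacement is two, so the last two bytes become NOPs and the instruction after the compare keeps its address.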
Double-click on the CMP instruction; you should get a pop-up like this:
Hope you guys enjoyed. The next tutorials will not be as detailed because, from this one on, I will expect you to be a little more familiar with how to save files, look at the registers and locations, etc. Please leave a comment!