Hi all,
This time the announcement is very special for two reasons: this is another tutorial I wrote these days, and it is number 200.
Yes, we have released 200 original, previously unreleased tutorials so far. This is an astonishing result, and I wish to thank all our fellows in this adventure and all of those who contributed by writing tutorials and, generally speaking, by keeping our community alive and so active. Let's continue this wonderful experiment we call ARTEAM, which has to live for a long time still.
This is the tutorial:

Reversing Of A Protection Scheme Based On Drivers: Sandboxie

Sometimes one happens to come across an interesting protection which turns out to be nicely implemented and nice to describe in a tutorial. This time it is the turn of Sandboxie, a program that has a nice protection scheme. I thought it could be useful to reverse it and document it in a tutorial, mostly because I used a combination of OllyDbg and IDA Debugger a lot. This time I preferred using IDA as much as possible to understand the code, and then OllyDbg only to verify the assumptions made. This method of investigation is usually very common when you have to analyze malware, but it is also very handy, because IDA allows saving of reversing sessions, code editing, name changing and so on.
In this new version I added the complete process of keygenning the program, the methods, the sources and all the required explanations. It is useful to people willing to learn the whole process, from the initial analysis of a program to its complete key generation.
Sources included.