Machine Code Reversing and Patching Exercise

Description of the Exercise

Imagine that you have just implemented a C/C++ version of a Windows® 32-bit console application called “Password Vault” that helps computer users create and manage their passwords in a secure and convenient way. Before releasing a limited trial version of the application on your company’s Web site, you would like to understand how difficult it would be for a reverse engineer to circumvent a limitation in the trial version that exists to encourage purchases of the full version: the trial version limits the number of password records a user may create to five. This limitation is very similar to limitations found in many shareware and trialware applications that are available on the Internet.

The C++ version of the Password Vault application was developed to provide a non-trivial application for reversing exercises without the myriad legal concerns involved in reverse engineering software owned by others. The Password Vault application employs 256-bit AES encryption, using the free cryptographic library Crypto++, to securely store passwords for multiple users, each in a separate, encrypted XML file.

Software for the Exercise

Password Vault C/C++ Windows Application
OllyDbg (machine code debugger-disassembler)

Solution for the Exercise

For instructional purposes, an animated tutorial that demonstrates the complete end-to-end reverse engineering of the C/C++ Password Vault application was created. The tutorial begins with the Password Vault application and OllyDbg already installed on Windows. Note: viewing the animation requires a Flash player, such as Ruffle.

Wintel Reversing and Patching Exercise Animated Solution
