Long before there are so many engineering essentials in the reverse engineering industry today, we used the word "cracking", which is full of independent spirit and casual breath, to refer to the cracking behavior in the early days to resist the inherent closed characteristics and monopoly essence of commercial software culture. Early crackers are not as lucky as today's reverse engineers. They have many powerful and rich automated analysis tools and mature methodologies. However, the spirit and culture embodied in these pioneers are worth learning.

Orc, the originator of Cracker, is one of the legends who are both engineers and philosophers. As the earliest sermon on cracking, 18 "How to crack" written by Orc is widely circulated. In addition to pure technical content, there are many spiritual metaphors and philosophical thoughts. In his works, the formidable decompiled code is called "Code Tree", and the cracker who has the honor to step into this territory is like an ascetic hunter in the jungle of mountains and rivers. They searched hard along the clues left by the goal, waiting for the moment when they met head-on. However, the perfect fortune and good karma will not easily care for ordinary novices. Before they get the common truth, they may inevitably experience the sadness and joy after touching the hidden mirror again and again, the self-doubt and longing when they are lost in the code jungle, and the sigh after the dark flowers bloom. For those who are old-fashioned, the process of cracking is more like a spiritual practice, which helps you find yourself and find a better self in this journey. +ORC mentioned more than once in his courses that practitioners should not forget the Zen of cracking when cracking.

Perhaps any fascinating culture or skill can't escape the fate of rebuilding order under the tempering of commercial torrent, just like punk culture and rock music. With the convening of various black hat and gray hat conferences, more and more security enthusiasts and hackers emerge from the underground, trying to seek success in this profit-driven industry ecology. Therefore, in this industry where the division of roles is gradually refined, the cycle of black hat exploitation and white hat emergency is alternately shortened. For the leaders of various black hat organizations and security agencies, it has become the primary problem they need to solve to stick together a group of gifted but often unusual and expensive security engineers and find a balance between their creativity and engineering controllability. Whoever can handle this problem better can often seize the opportunity in this game situation where every second counts.

Python language seems to have become the trend direction in this evolution trend, and it is also the demand of the security technology community. This wizard, which has a simple and fast scripting language and rigorous engineering characteristics needed to develop large-scale projects, has become a kneading agent among many hackers. There is a popular slogan in Python community, "Life is short, please use Python", and the idea embodied in Python coincides with what hackers and reverse engineers expect today. This may help us to explain why many excellent security projects and hacking tools choose Python. For example, Bai Mei, which enjoys a high reputation in reverse engineering, is a project realized by pure Python. Pedram Amini, the author of "White Eyebrows" and a big bull in the industry, has always had a good preference for Python. Another praiseworthy debugger tool, Immunity Debugger, is the work of a well-known security organization, Immunity Inc Based on Python's powerful low-level operating ability and engineering characteristics, the hackers of Immunity abstract an API between the low-level and upper-level applications of a complex operating system. From this, we can appreciate the wisdom and excellent strategy of Dave Aitel, the leader of Immunity Inc and an old hacker, in designing security products and cooperating with many security researchers. These are very worthy of reference and study by domestic institutions with unsatisfactory safety technology research and commercialization development.

In the process of translating this book, I debugged the code involved in the book, found some problems in the original book, and sent an email to Mr. Justin, who confirmed this.

Thanks to Hannibal of Team 509 for proofreading this book, which is my source of confidence in completing the translation work.

Thanks to my friends Zhao, Zhao and Zhao for their generous help.

Thanks to Mr. Bi Ning from Bowen Publishing House for his tolerance and understanding of the mistakes I made in my first translation!

Ding Yunqing

20 1 1 February in Shanghai