<aside> WRB 1.0 - Finding Main Function of any program

</aside>

As a preface: how do we reverse something? We need TOOLS! You can use x64dbg, or IDA (but I don't recommend it, because it is not good for learning assembly or for developing your reversing sense), to reverse something.

Soooooooooo! Let me cut off the start.

First, there is unnecessary code (like the kernel32 header import, etc.). You don't have to pay attention to it, so ignore it and look for the code that actually matters, lol.

For example, say you have a program like this, built with Visual C++ 2012:

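```c
#include "Windows.h"
#include "tchar.h"

// The L"..." wide-string literals assume a Unicode build, where MessageBox maps to MessageBoxW.
int _tmain(int argc, TCHAR* argv[]) {
  MessageBox(NULL, L"Hello World!", L"www.reversecore.com", MB_OK);
  return 0;
}
```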

If we open this in x64dbg (you can download it here), the interface will look like this:

[Screenshot: 1.png]

Both of these are stub code (which Visual C++ includes automatically), and the main function we are looking for has to be found among that stub code. (Also, EntryPoint is the first code the program executes when you run it.)
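The EntryPoint address a debugger stops at comes from the `AddressOfEntryPoint` field of the PE optional header, which for a Visual C++ build points into the startup stub rather than at main. The following is an added example (not code from the original page) that reads that field from a PE header; `pe_entry_va` and `make_sample` are hypothetical names, and the sample header with its values (ImageBase 0x400000, entry RVA 0x1000) is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Little-endian helpers, independent of host byte order. */
static uint32_t rd32(const uint8_t *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static void wr32(uint8_t *p, uint32_t v) {
    p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8);
    p[2] = (uint8_t)(v >> 16); p[3] = (uint8_t)(v >> 24);
}

/* Preferred VA of the EntryPoint (ImageBase + AddressOfEntryPoint),
 * or 0 when buf does not hold a parsable PE header. */
uint64_t pe_entry_va(const uint8_t *buf, size_t len) {
    if (len < 0x40 || buf[0] != 'M' || buf[1] != 'Z') return 0;
    size_t nt = rd32(buf + 0x3C);                      /* e_lfanew */
    if (nt > len || len - nt < 4 + 20 + 32) return 0;  /* stay in bounds */
    if (memcmp(buf + nt, "PE\0\0", 4) != 0) return 0;
    const uint8_t *opt = buf + nt + 4 + 20;            /* optional header */
    uint32_t magic = opt[0] | (uint32_t)opt[1] << 8;
    uint32_t ep_rva = rd32(opt + 16);                  /* AddressOfEntryPoint */
    if (magic == 0x10B) return (uint64_t)rd32(opt + 28) + ep_rva;  /* PE32 */
    if (magic == 0x20B)                                /* PE32+: 64-bit ImageBase */
        return ((uint64_t)rd32(opt + 28) << 32 | rd32(opt + 24)) + ep_rva;
    return 0;
}

/* Constructed sample header (values invented for this example). */
size_t make_sample(uint8_t *out, size_t cap, int pe32plus) {
    const size_t nt = 0x80, total = nt + 4 + 20 + 32;
    if (cap < total) return 0;
    memset(out, 0, total);
    out[0] = 'M'; out[1] = 'Z';
    wr32(out + 0x3C, (uint32_t)nt);
    memcpy(out + nt, "PE\0\0", 4);
    uint8_t *opt = out + nt + 24;
    opt[0] = 0x0B; opt[1] = pe32plus ? 0x02 : 0x01;   /* magic 0x10B / 0x20B */
    wr32(opt + 16, 0x1000);                            /* entry RVA */
    if (pe32plus) { wr32(opt + 24, 0x40000000); wr32(opt + 28, 1); }
    else wr32(opt + 28, 0x00400000);                   /* ImageBase */
    return total;
}
int main(void) {
    uint8_t pe[256];
    size_t n = make_sample(pe, sizeof pe, 0);
    printf("EntryPoint VA: 0x%llx\n", (unsigned long long)pe_entry_va(pe, n));
}
```

The value returned is the preferred address; when the image is relocated at load time, the debugger shows the same RVA added to the actual load base.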