Underground InformatioN Center [&articles] | |
[network & security news] [RSS & Twitter] [articles, programing info] [books] [links, soft & more...] [soft archive] | [home] |
Tools (dead-listing from IDA) 00402601 call ds:MSVBVM60_596 ;rtsInputBox d eax. Wow! Its my serial. bpr eax eax+5 00402607 lea edx, [ebp-0A8h] 0040260D lea ecx, [ebp-24h] 00402610 mov [ebp-0A0h], eax 00402616 mov dword ptr [ebp-0A8h], 8 00402620 call ds:__vbaVarMove ;not interesting 00402626 lea ecx, [ebp-98h] 0040262C lea edx, [ebp-88h] 00402632 push ecx 00402633 lea eax, [ebp-78h] 00402636 push edx 00402637 lea ecx, [ebp-68h] 0040263A push eax 0040263B lea edx, [ebp-58h] 0040263E push ecx 0040263F lea eax, [ebp-48h] 00402642 push edx 00402643 push eax 00402644 lea ecx, [ebp-38h] 00402647 push ecx 00402648 push 7 0040264A call ds:__vbaFreeVarList ;not interesting 00402780 add esp, 20h 00402653 lea edx, [ebp-24h] 00402656 lea eax, [ebp-0B8h] 0040265C mov dword ptr [ebp-0B0h], offset loc_401FD8 00402666 push edx 00402667 push eax 00402668 mov dword ptr [ebp-0B8h], 8008h 00402672 call ds:__vbaVarTstEq ;that's it!!!F5. SoftICE will pop at: cs:653C045E REPZ CMPSW JZ FUCK_U_CRACKER d esi. 310032003300340035003600 d edi. DF00CB002000CA006C00E800E9005400Hmmmm. Looks like the correct serial is 'ЯЛ КlийT'. (serial is best viewed with DOS-mode ;) Serial:='alt+223'+'alt+203'+' '+'alt+202'+'l'+'alt+232'+'alt+233'+'T'; Ok. Change JZ with JNZ and do some F10 until you get: cs:653C04AC CMP [EBP-04],EBX ebx=10h [ebp-04] is length_of_the_serial*2Correct serial should be 8 symbols long. Ah.Almost forgot. There is a nag. Lets remove it. Run SC and click on the nag menu. Look at the 'Program Event' window -_Click MsgBox[not interesting for us ] In the 'Details' window you see: CRACKME.EXE!0000248B(no debug info) In IDA at 0000248A: 0040248A FF 15 28 10 40 00 call ds:MSVBVM60_595 ;rtsMsgBoxWhat are you waiting for? Run your favorite hex-editor and change those 6 bytes with NOP. Thats all Thanx for reading and... ...sorry my terrible inglish ;) Greets to... Genocide Crew members All my friends (you know who you are) All crackers in the world ;) Corbio corbio@mail.ru Genocide Crew Member uinC Member [c]uinC
Все документы и программы на этом сайте собраны ТОЛЬКО для образовательных целей, мы
не отвечаем ни за какие последствия, которые имели место как следствие использования
этих материалов\программ. Вы используете все вышеперечисленное на свой страх и риск. |
[network & security news] [RSS & Twitter] [articles, programing info] [books] [links, soft & more...] [soft archive] | [home] |
Underground InformatioN Center [&articles] |
2000-2015 © uinC Team |