-notepad maximized with wordwrap on
-tutorial no.1 written by tracer_v
-difficulty: easy/medium for newbies
-tools: SoftICE, any version, but I prefer v4.0, and also a
BRAIN hehe
1. Hi there newbies, this is my first tutorial on cracking :)
I chose this little program because I read the tutorial by
<TeCh~LoRd>, who cracked it with W32Dasm, and I think there
are lots of people who do not use W32Dasm. I cracked this
one with SoftICE. So let's get crackin', k?
2. Let's learn how this little app works:
-the dir has like about 217.760KB
-Swlipi32.exe 83.456KB
-we see some files, not really important I think :)
-use Quick View to see the breakpoints, but in our case they
are hidden :(
3. Start the program and a notice appears (it sucks), then
our little box asking to enter the password, yeah! Enter a
random code, e.g. 11223345, and don't press Enter yet. Load
SoftICE and set a breakpoint on GetDlgItemTextA (e.g. bpx
getdlgitemtexta); we use "a" at the end because it's a
32-bit app. If something goes wrong when entering the
breakpoint, check winice.dat and remove the quotes on:
EXP=c:\windows\system\kernel32.dll
EXP=c:\windows\system\user32.dll
EXP=c:\windows\system\gdi32.dll
OK, so we're in SoftICE. Press F11 and the disassembly will
show that we are in SWLIPI32. OK, that's good. It will look
like this:
CALL USER32!GetDlgItemTextA --- our breakpoint
CALL 00401C84               --- trace this call with F8
TEST EAX,EAX                --- sets the zero flag when EAX is 0 (false)
JZ 00401E68                 --- jump to the MessageBoxA "Invalid password"
                                announcement
CALL 0401C84
.
.
PUSH 004119D8               --- not important (yeah right :)
LEA EAX,[EBP-50]            --- I see something very interesting here:
our data in EAX remains constant after this, so this
function loads our great serial number, hehe. Test it with
"d eax" and it shows ZD6-kP8-B634
-enter our serial number and finish; u've made it, u really
cracked this application
-this is the easiest kind to crack; all that u need is to
understand the protection scheme
-so what do u think, was it difficult? I don't think so. U
all need practice, and if u don't understand something pls
email.
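
Why the protection scheme above fails, and one way to fix it, as an added example that is not part of the original tutorial or the program's own code: the weak check keeps the valid serial as readable text in a buffer, while the hardened check ships only a PBKDF2 digest and compares digests in constant time. All function names, the salt, the iteration count and the sample serial are constructed for this illustration.

```python
import hashlib
import hmac

# Constructed parameters for this example (hypothetical, not from any product).
SALT = bytes.fromhex("6b1f9c02d4a7e835")
ITERATIONS = 200_000


def derive(serial: str) -> bytes:
    """Stretch a serial into a 32-byte digest with PBKDF2-HMAC-SHA256."""
    return hashlib.pbkdf2_hmac("sha256", serial.encode("utf-8"), SALT, ITERATIONS)


def weak_material(serial: str) -> bytes:
    """What the weak scheme ships: the valid serial itself, as text."""
    return serial.encode("utf-8")


def hardened_material(serial: str) -> bytes:
    """Build-time step for the hardened scheme: only the digest is shipped."""
    return derive(serial)


def weak_check(candidate: str, material: bytes) -> bool:
    """Direct comparison; the expected serial must sit in a readable buffer."""
    return candidate.encode("utf-8") == material


def hardened_check(candidate: str, material: bytes) -> bool:
    """Derive from the candidate and compare digests in constant time."""
    return hmac.compare_digest(derive(candidate), material)


def leaks_serial(material: bytes, serial: str) -> bool:
    """Would a dump of the verification data reveal the valid serial?"""
    return serial.encode("utf-8") in material


if __name__ == "__main__":
    demo = "DEMO-SERIAL-0000"  # constructed sample value
    for name, build, check in (("weak", weak_material, weak_check),
                               ("hardened", hardened_material, hardened_check)):
        data = build(demo)
        print(name, "accepts valid:", check(demo, data),
              "| rejects wrong:", not check("11223345", data),
              "| dump leaks serial:", leaks_serial(data, demo))
```

The digest removes the readable serial from memory; it does not by itself protect the conditional branch that acts on the result of the check.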
Credits
Written by: tracer_v
email: tracer_v@hotmail.com
13/12/01