Reverse Code Engineering RCE CD +sandman 2000 / ReverseCodeEngineeringRceCdsandman2000.iso / RCE / E_bliss / eb_tut26.txt
Text File | 2000-05-25 | 3KB | 91 lines

Tutorial Number 26

Written by Eternal Bliss
Email: Eternal_Bliss@hotmail.com
Website: http://crackmes.cjb.net
         http://surf.to/crackmes
Date written: 18th Jul 1999

Program Details:
Name: CrackMe 1 by tazdevil[4110]

Tools Used:
SoftIce

Cracking Method:
Serial Sniffing

Viewing Method:
Use Notepad with Word Wrap switched on
Screen Area set to 800 X 600 pixels (Optional)
__________________________________________________________________________
About this protection system
This program requires a Name/Serial to register.
_________________________________________________________________________
About this tutorial
Since this is my 26th tutorial, I will presume that you have read the
previous ones. So, my description on how to use the tools will be reduced
unless there are new methods.
This is a very short tutorial to show what serial fishing is like and
how easy it can be.
_________________________________________________________________________
Softice
First, run the CrackMe. Type in any Name and Serial you want.
Set the hmemcpy breakpoint in Softice by typing "bpx hmemcpy".
Exit Softice by pressing F5.
Click on the OK button to register.
Hmmm. Softice didn't pop??
This means that the CrackMe must have validated the serial while you were
typing it in, not when you clicked OK. This is quite common. Since the bpx
has already been set, just type one more char into the serial field.
Softice will pop.
Now, keep pressing F12 until you get to the program's code and not Windows'.
After some time, you will see the code below.

00401766  E809B00100   CALL  0041C774              <- hmemcpy is called inside
0040176B  8D4DFC       LEA   ECX,[EBP-04]          <- thus you land here
0040176E  51           PUSH  ECX
0040176F  8D45F8       LEA   EAX,[EBP-08]
00401772  BA78563412   MOV   EDX,12345678
00401777  E8B8990300   CALL  0043B134
0040177C  FF45F0       INC   DWORD PTR [EBP-10]

Once you reach this code, you can type "d eax", "d ebx" and so on to view
what each register points to whenever it changes. After the call at 00401777,
you will see ecx and edx change colour, which means that the values they
contain have changed.
Type "d edx" and you will see your correct serial in the data window.
CrackMe Cracked!
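
Why the serial was readable in the data window, shown as an added example that is not from the tutorial or the CrackMe: a check that builds the valid serial as a string leaves it in memory, while a check that verifies a signature over the name never computes it. The name hash, the toy RSA numbers and every function name below are assumptions for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical name hash (FNV-1a); the CrackMe's own algorithm is not on the page. */
static uint32_t name_hash(const char *name) {
    uint32_t h = 2166136261u;
    while (*name) { h ^= (unsigned char)*name++; h *= 16777619u; }
    return h;
}

/* WEAK: builds the valid serial as a string, then compares. This buffer stands
   in for the memory a debugger's data window shows right after the call. */
static char expected_buf[16];
static int check_weak(const char *name, const char *entered) {
    snprintf(expected_buf, sizeof expected_buf, "%08X", (unsigned)name_hash(name));
    return strcmp(expected_buf, entered) == 0;
}

/* Toy RSA parameters (n = 61 * 53), far too small for real use. */
enum { TOY_N = 3233, TOY_E = 17, TOY_D = 2753 };

static uint32_t modpow(uint32_t base, uint32_t exp, uint32_t mod) {
    uint64_t r = 1, b = base % mod;
    for (; exp; exp >>= 1, b = b * b % mod)
        if (exp & 1) r = r * b % mod;
    return (uint32_t)r;
}

/* Vendor side only: TOY_D would never ship inside the program. */
static uint32_t vendor_issue(const char *name) {
    return modpow(name_hash(name) % TOY_N, TOY_D, TOY_N);
}

/* HARDENED: transforms the entered value forward with the public exponent and
   compares with the name digest; the valid serial is never computed here. */
static int check_signed(const char *name, uint32_t entered) {
    if (entered >= TOY_N) return 0;          /* reject out-of-range values */
    return modpow(entered, TOY_E, TOY_N) == name_hash(name) % TOY_N;
}

int main(void) {
    const char *name = "constructed-user";   /* constructed sample input */
    printf("weak, wrong guess: %d, buffer now holds %s\n",
           check_weak(name, "1"), expected_buf);
    printf("signed, issued serial: %d\n", check_signed(name, vendor_issue(name)));
    return 0;
}
```

A real licence check would use a full-size key and a vetted signature library; the hardened form removes the plaintext serial from memory but does not prevent the check itself from being patched.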
__________________________________________________________________________
Final Notes
This tutorial is dedicated to all the newbies like me.
My thanks and gratitude go to:
All the writers of Cracks tutorials and CrackMes
and also to all the crackers that have been supporting my site and project forum.