Princess' Tread Monday, 22-Feb-99 17:47:48

Here are my thoughts on the program so far (only halfway there).

My .dat file is like this:

0B 00 50 72 69 6E 63 65 73 73 20 0D 0A 24 22 A1 …. Then 100 bytes…

The one hundred bytes I have something in, but it is unimportant at this moment. This will get me through all the checks until it checks the encrypted 100 bytes (it will write "Registered to Princess" to the screen, but will overwrite that when it checks the next 100 bytes).

The program first accesses the .dat file at 0122. Here it looks for two bytes (in reverse order), in my case 0B 00. This is the length of the user name Princess. (I had to put in a space at the end of the name, as my Ultra Edit kept putting in a return at the beginning of the file because it recognized the 0A as a line feed, therefore messing up my checksum.)

Next it puts the user name at 0667.

At 0169 - 0177 it creates a checksum from the username, which it compares with the checksum in the .dat file (reverse order [22 A1]).

At 019C - 01AF it decrypts 100 bytes with the help of the 30 bytes from the table at 01B1 - 01CD and the bytes at 660 - 666. These 100 bytes overwrite the bytes at the beginning of the program with new code (a newly created table). This alters the line numbering slightly. (At first I thought this might have been some sort of logo. If you put them in 9 lines of 11 each they almost make a nice large Z or matrix. In other files Ghiribizzo has used matrices.)

At 01DA the user name is printed on the screen with "Registered to" (this will be overwritten as my .dat file is now).

From here we jump to 053E, where the last 100 bytes from our .dat file are put into 0667 and manipulated in the next bit of code (exactly what it does I have not yet gotten to understand).

It is interesting that the generated bytes at 0100 and the bytes picked up from the .dat file are both 100 bytes.

Princess
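The file layout described in the post above, as an added example that is not part of the original post and not code from the program under discussion: a bounds-checked Python parser for the fields the post names. Assumptions: the single byte between the name and the checksum (0x24 in the post's dump, its role is not stated there) is read as a one-byte separator, the 100-byte block is taken from the end of the file, and anything the post elides in between is returned unparsed; the names `KeyFile` and `parse_keyfile` are hypothetical, and the checksum algorithm is not reproduced because the post does not give it.

```python
import struct
from dataclasses import dataclass

BLOCK_LEN = 100  # size of the trailing block, per the post


@dataclass
class KeyFile:
    name: bytes      # user name field, exactly as stored
    separator: int   # byte after the name (assumption: one byte)
    checksum: int    # 16-bit value stored low byte first
    middle: bytes    # bytes the post elides, left unparsed
    block: bytes     # last 100 bytes of the file


def parse_keyfile(data: bytes) -> KeyFile:
    if len(data) < 2:
        raise ValueError("file too short for the length field")
    # The two length bytes are "in reverse order": little-endian.
    (name_len,) = struct.unpack_from("<H", data, 0)
    pos = 2
    # Never trust the stored length: name, separator, checksum and
    # the trailing block must all fit inside the file.
    if pos + name_len + 1 + 2 + BLOCK_LEN > len(data):
        raise ValueError("length field does not fit the file size")
    name = data[pos:pos + name_len]
    pos += name_len
    separator = data[pos]
    pos += 1
    (checksum,) = struct.unpack_from("<H", data, pos)
    pos += 2
    block_start = len(data) - BLOCK_LEN
    return KeyFile(name, separator, checksum,
                   data[pos:block_start], data[block_start:])


# Constructed sample: the header bytes quoted in the post, followed by
# 100 zero bytes standing in for the block the post does not show.
SAMPLE = bytes.fromhex("0B00 5072696E6365737320 0D0A 24 22A1") + bytes(BLOCK_LEN)

if __name__ == "__main__":
    kf = parse_keyfile(SAMPLE)
    print(kf.name, hex(kf.checksum), len(kf.block))
```
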