Re: Re: Re: Re: Simple solution Wednesday, 03-Feb-99 04:14:02
Greetings Princess, I am sorry to say that you are missing something important about how the program works. First, whether the byte we are talking about is number 10h or 11h really is not important; it all depends how you count. My first number is 0, not 1, and that is to be consistent with the way computers represent numbers. The issue on which we differ is the content of that byte. It is true the program checks for a non-zero byte at that location, but since you have a non-zero value in byte 20h (my way) or 21h (your way), the resulting code generated during the two calls to 401116 and the call to 4011c1 generates 12 bytes of key. I have thoroughly discussed this in my thread; take a look at it if you have the time. You will be able to see it for yourself if you look at the memory at 40204b. The jump you noped has nothing to do with bypassing anything; all it does is force the program to pass the comparison and load eax with 00000001. For your convenience, I included the bit of code below.

:004011FA B903000000 mov ecx, 00000003 ; Number of loops to be done
:004011FF AD lodsd ; Load eax from the memory address in esi, the real key. Esi is automatically incremented by 4
:00401200 8B1F mov ebx, dword ptr [edi] ; Load ebx from the memory address in edi, the fake key
:00401202 83C704 add edi, 00000004
:00401205 3BC3 cmp eax, ebx
:00401207 750C jne 00401215 ; You noped it, so there will be no jump
:00401209 90 nop
:0040120A 90 nop
:0040120B 90 nop
:0040120C 90 nop
:0040120D E2F0 loop 004011FF ; This will loop back until ecx=0
:0040120F B801000000 mov eax, 00000001
:00401214 C3 ret

Best regards,
Joseph
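To make the loop above easier to follow, here is a C model of the same check, written as an added example for this page and not taken from the program or from Joseph's post. It assumes the two pointers (esi and edi in the listing) each point at 3 dwords, i.e. the 12 bytes of key Joseph refers to, and the sample keys are constructed values. The second function is a branch-free variant that reaches the same verdict without a single conditional jump deciding the outcome, which is the property a defender would want from such a comparison.

```c
#include <stdint.h>
#include <stdio.h>

/* Model of 004011FA..00401214: esi -> real key, edi -> entered key,
 * ecx = 3, so three dwords (12 bytes) are compared. Returns 1 only
 * when every dword matches, mirroring "mov eax, 00000001 / ret". */
int compare_key_branching(const uint32_t *real, const uint32_t *entered)
{
    for (int ecx = 3; ecx > 0; ecx--) {   /* mov ecx, 3 ... loop 004011FF */
        uint32_t eax = *real++;           /* lodsd: load and advance esi */
        uint32_t ebx = *entered++;        /* mov ebx, [edi]; add edi, 4 */
        if (eax != ebx)                   /* cmp eax, ebx / jne 00401215 */
            return 0;                     /* the jne target: failure path */
    }
    return 1;                             /* mov eax, 1 / ret */
}

/* Branch-free variant: the verdict is accumulated over all three dwords,
 * so the result depends on the data rather than on one conditional jump. */
int compare_key_branchless(const uint32_t *real, const uint32_t *entered)
{
    uint32_t diff = 0;
    for (int i = 0; i < 3; i++)
        diff |= real[i] ^ entered[i];     /* any mismatching bit sets diff */
    return diff == 0;
}

/* Constructed sample keys (not values from the program). */
const uint32_t sample_real_key[3]    = { 0x11111111u, 0x22222222u, 0x33333333u };
const uint32_t sample_entered_key[3] = { 0x11111111u, 0x22222222u, 0x33333334u };

int main(void)
{
    printf("branching:  match=%d mismatch=%d\n",
           compare_key_branching(sample_real_key, sample_real_key),
           compare_key_branching(sample_real_key, sample_entered_key));
    printf("branchless: match=%d mismatch=%d\n",
           compare_key_branchless(sample_real_key, sample_real_key),
           compare_key_branchless(sample_real_key, sample_entered_key));
    return 0;
}
```

Both functions agree on every input; the difference is only that the first has one `jne` on which the whole result hangs, which is exactly the instruction the thread is discussing.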
Princess's Thread (Princess) (29-Jan-99 15:08:40)
Copyright © InsideTheWeb, Inc. 1997-1999
All rights reserved.