HEHE look at the program,what do u see? hehe well u see to textA boxes and u need to fill the name + serial to make the crackme/program work.
enter your favorite name Mine is:
first name: Shani
serial: 123456 <= very easy to remember ;)
open your fav black debugger SoftIce ;)
set a nice breakpoint BPX HMEMCPY
press f5/ctrl+d
Press OK on the Try It... button...BOOOMMM Sice poped up ;)..for me aleast..j/k :)
we are in the Hmemcpt hehe ;)
press F12.(to be in the crackme/program code) i presses 7 times untill we see in the code window this: RET [return], we dont want to be in RET or any loop, so i pressed f12 five more times untill i didn't see any RET command :).
after u wont see any RET command u will be at this code:
XXXX:YYYY LEA EDX,[EBP-0C]
now what??? easy....TRACIG....:)
press f10 to trace...then look for CMP and MOV <= those are good commands for us ;).
ok this will be very short for u to trace..trace un till u will see this:
xxxx:0042508f CMP EDI,ESI <= this compare our fake serial with the right serial that is generated acording to the name and the program algo.
how to see ou fake/right serial?? well this is easy to...since we dont know what esi/edi holds and "d" wont show it for us we will use "?" ;)
type:
? esi <= will show us in the code window our fake serial
? edi <= will show us in the code window the correct serial/
so for me it's"
name = shani
serial = 246048656
what have we done so far:
1.enter serial/code and ect.
2.bpx HMEMCPY
3.press f12/F10
4.? ESI/EDI
you know what?? YOU HAVE CRACKED ANOTHER CRACKME/PROGRAM ;)
