About jump over the crc check
Ollyxyz
July 10th, 2007, 00:48
Hi,
I'm a newbie in OllyDbg and assembly language. I just wanted to ask how to jump over the CRC check.
Please, a brief explanation would be really helpful.
Thanks in advance.
blabberer
July 10th, 2007, 01:43
jump before JMI sees you like this
ZaiRoN
July 10th, 2007, 03:22
First of all you have to identify where the crc is located. Once you know you can try to jump over the check.
Suppose you have something like:
Code:
...
push esi
xor eax, eax
<crc check instructions>
inc edi
pop esi
...
If you want to avoid the crc check you only have to jump over it. The best way is to add a jump instruction directly at the beginning of the crc check. The jump will lead you to the end of the crc check instructions block, at "inc edi". In this way you jump over the crc check.
naides
July 10th, 2007, 05:32
That is deep, profound stuff, ZaiRoN!
Ollyxyz
July 10th, 2007, 05:40
Thanks a lot, ZaiRoN.
Ollyxyz
July 10th, 2007, 06:28
ZaiRoN, can you please also explain what a CRC check really is and where I can find it, like in .dll files or .exe?
If it's that, then how can I really edit/jump over it in OllyDbg?
Thanks in advance.
squidge
July 10th, 2007, 07:19
sounds like someone needs to learn how to use ollydbg first and read the faq
crc checks can be found in .dll, .exe and others.
zairon has explained how to jump over in ollydbg already.
FrankRizzo
July 10th, 2007, 08:55
A CRC can be many things. Some of the simpler types are the checksum type where they SUM (add) all the bytes in a file, or section of the code together, and then expect the result to match what it was when THEY did it. (So, if you change anything, the sum is different, and they know you've been tampering in there).
Another type is to XOR (Exclusive Or) all the bytes together, and check them much the same way as mentioned above.
The simple (at least in theory) way to find the checksum routine in a program is to set a READ breakpoint on the address that you intend to change, and run the program. When the program reads the address the breakpoint triggers, and you'll be in the middle of the function doing whatever type of math it's doing to compute the check. From there, you should be able to find the CMP or whatever that's checking it, and disable it.
This was a "cracking 101" level discussion, if ANY of it didn't make sense, you need to study as was mentioned above. I would recommend an assembly tutorial, and the Olly documentation if you don't understand. The initial learning curve is steep, and don't ever expect to know it all, but you CAN learn this. It just takes time.
FR (23 years experience, and still don't know it all).
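Added example, not part of FrankRizzo's post or the original thread: the SUM and XOR checks he describes, next to CRC-32 and SHA-256, run over a constructed byte buffer to show what each one notices when the bytes change. The function names and the sample bytes are assumptions made for illustration.

```python
import hashlib
import zlib


def sum_checksum(data: bytes, width_bits: int = 32) -> int:
    """SUM type: add every byte together, truncated to width_bits."""
    return sum(data) & ((1 << width_bits) - 1)


def xor_checksum(data: bytes) -> int:
    """XOR type: exclusive-or every byte together into one byte."""
    acc = 0
    for b in data:
        acc ^= b
    return acc


# Each check maps the protected bytes to a value that is stored and compared later.
CHECKS = {
    "sum": sum_checksum,
    "xor": xor_checksum,
    "crc32": zlib.crc32,
    "sha256": lambda d: hashlib.sha256(d).hexdigest(),
}


def detects(original: bytes, modified: bytes) -> dict:
    """Per check: True if the value computed over `modified` no longer matches."""
    return {name: fn(original) != fn(modified) for name, fn in CHECKS.items()}


def flip_one_byte(data: bytes, index: int) -> bytes:
    out = bytearray(data)
    out[index] ^= 0xFF
    return bytes(out)


def swap_two_bytes(data: bytes, i: int, j: int) -> bytes:
    out = bytearray(data)
    out[i], out[j] = out[j], out[i]
    return bytes(out)


# Constructed sample standing in for a checked code section (not from any real program).
SECTION = bytes.fromhex("5633c0e8100000004785c0750233c05ec3")

if __name__ == "__main__":
    print("one byte changed :", detects(SECTION, flip_one_byte(SECTION, 3)))
    print("two bytes swapped:", detects(SECTION, swap_two_bytes(SECTION, 0, 1)))
```

SUM and XOR ignore byte order, so they are the weakest choice for an integrity check; CRC-32 is designed for accidental errors and is not keyed, and a SHA-256 value only helps if the stored digest and the comparison themselves are protected.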
LLXX
July 12th, 2007, 10:43
Looks like someone lacks a few billion neurons

Ollyxyz
July 12th, 2007, 20:47
Well, where should I start to learn asm? I mean, before asm should I learn any specific language?
evlncrn8
July 13th, 2007, 00:15
read your signature.....