Greyhound2004
July 20th, 2008, 17:06
I am working on a target that gives you the usual 30 goes and the usual option to register with name and serial number. I have found that the number of uses count is stored in a dll file in ascii. When you exceed 30 uses it writes ascii 51 to
the dll file. You can zero the count even after 30 uses. Looking at this dll both with a hex editor and with Wdasm it seems to contain nothing but two ascii characters in locations 012C and 012D the file length is 1024 bytes long.
I previously established that the program exe is packed with asp v2 and have expanded it into a new unpacked exe using aspack die. This seems to work ok.
I'm thinking that when the prog starts it must read the 'number of uses' value in and compare it to 30. I've tried looking for things like 'GetOpenFileNameA' to set a break point on.
What I would like to know is how does a prog like this know what file to open?
Where would the file name be stored and in what form?
The program itself uses none of the usual message box api calls.
-------------------------------------
learning slowly and a long way to go !!
the dll file. You can zero the count even after 30 uses. Looking at this dll both with a hex editor and with Wdasm it seems to contain nothing but two ascii characters in locations 012C and 012D the file length is 1024 bytes long.
I previously established that the program exe is packed with asp v2 and have expanded it into a new unpacked exe using aspack die. This seems to work ok.
I'm thinking that when the prog starts it must read the 'number of uses' value in and compare it to 30. I've tried looking for things like 'GetOpenFileNameA' to set a break point on.
What I would like to know is how does a prog like this know what file to open?
Where would the file name be stored and in what form?
The program itself uses none of the usual message box api calls.
-------------------------------------
learning slowly and a long way to go !!