PDA

View Full Version : Reversing an app that uses RPC services


me255
September 16th, 2008, 14:45
Hello,

I'm currently investigating the licence check of an application.
The application uses a service and a front-end.
Within the frontend application you can add a key and a licence file.
So far, I can say the licence file & key are checked using a RPC call.
The RPC call is directed to a service that is loaded at the start of the computer.

My problem is I can't follow the RPC call and then I can't see how the licence checks are done. Are there any tricks to make it easier ?

I'm currently using Olly and dbgrpc

Thank you in advance !

Kayaker
September 16th, 2008, 19:08
Hi

There's no reason I should have to tell you this, but the first hits for 'dbgrp' in google yield a "primer" on debugging RPC with WinDbg. If you haven't tried it then I don't think you've exhausted your preliiminary research.

http://kobyk.wordpress.com/category/rpc/

me255
September 17th, 2008, 12:17
Thank you for the reply. I've already read the link you provided (that's where I learned of dbgrpc) but I have a hard time using Windbg and attaching it to my service process.