Help with getting started


cosmicneo
November 26th, 2008, 22:53
I know there is a patch out there to fix this, but I just wanted to know how it is done. I would like to get started learning how to crack. I have the concept down. I understand what is supposed to happen. I understand that I can look for certain strings that pertain to "Evaluation" "Expired" and so on. I even noticed what files need to be edited.. AxCsOptions.dll and AxCS.dll. I can find the strings but I don't understand what to do next. In most of the cases I have seen the application had 1 location to edit to avoid the popup window, this one shows me 10 locations where the string is relative. Anyways, keep in mind I have a slight learning disability so I would need someone who is a little patient with teaching me the basics. Thanks for your help.

JMI
November 27th, 2008, 00:35
If you have actually read our FAQ, which was specifically called to your attention on your way into these Forums, you would already know that WE DON'T TEACH YOU THE BASICS! The BASICS are something YOU are supposed to RESEARCH on your own, by reading a lot of information about BASIC reversing on the internet, and reading many tutorials, again available through YOUR OWN research on the internet.

What YOU are supposed to DO, is AFTER you have spent some considerable "Time" and "personal effort" LEARNING THE BASICS, you are supposed to attempt to actually reverse something simple and when you then get stuck, you are supposed to come here, or some other Forum, and ACTUALLY SHOW that YOU have made that EFFORT and STUDY and HAVE actually attempted to find the answers to YOUR question on the internet and/or these forums, BEFORE you post a question here.

As has been said many times, this is NOT a Kindergarten, where someone takes you by the hand and LEADS you to the promised land of "reversing" game or program "X" or "Y", particularly when you apparently haven't invested some substantial time and effort of your own acquiring the "basics" of "reversing."

What your post demonstrates, is that YOU actually haven't spent very much time, on your own, attempting to learn those BASIC skills necessary to actually become a "reverse code engineer."

For example, you are looking for a string which leads to a "popup window" and you declare you want to "avoid the popup window." You apparently do not understand that this will ONLY prevent the window from coming up and will, most probably, do absolutely nothing "useful" to prevent the program from checking for its status and whether or not the "evaluation" period has expired.

What you need to do is go back and do a substantial amount of more detailed study of the BASICS. For example, how does a program KNOW it is "licensed" or an "evaluation"?? How, and maybe more importantly, where does the program keep the method and information by which it keeps track of "how long" you might have been "evaluating" it???

What good is it going to do you if the window saying the "evaluation is over" doesn't "popup", but the program, itself, still knows you have had it on your computer for 35 days or "whatever" the limitation may be???

What you need to do is spend some quality time READING information easily available on the net, about HOW programs attempt to protect themselves from your prying eyes and how they might go about the task of determining "how long" the program has been on your computer and the various methods of making that determination and where the mechanism which attempts to conceal that process, from "reversers" like YOU, might be concealed and how.

If, in fact, you actually have a "learning disorder", and are not simply making that statement in the hope we will cut you some slack for your complete failure to follow our clearly posted Rules, then that simply means that YOU will have to work that much harder, YOURSELF, studying by yourself about the basics YOU need to research, find, and understand.

There is NO EASY PATH through the dark codewoods. Finding the correct path takes substantial time and personal effort. It certainly appears that you have not yet "invested" much of either that time or effort.

Regards,

cosmicneo
November 27th, 2008, 21:59
Unfortunately, I am not joking about the learning disability. I wouldn't wish it upon my worst enemy. I have managed to get by in life. That said, let me tell you I don't care about you or anyone bashing me.. I don't know you and you don't know me.. so what purpose would it serve? Anyways back to assistance... I do have a question and maybe you can assist me.

It is going to be a step by step thing here.. but for I have figured out how to change certain things about the program like "Unregistered to Registered" //yeah I know woop woop. who cares right? well, I'm learning.. the next thing I was going to do is change the registered name from "-" to of course my name..

the part has me kind of stumped because it checks a registry key.. but when I alter that key it changes it right back.

here is the source

.text:1100AC50 dd offset aAlicensedetail ; "ALicenseDetails" <- this is in the registry under the next statement and the next, example: \General\LastOptionKey\ALicenseDetails
.text:1100AC54 dd offset aLastoptionkey ; "LastOptionKey"
.text:1100AC58 dd offset aGeneral ; "General"
.text:1100AC5C dd offset dword_11022788
.text:1100AC60 dd offset dword_11022798
.text:1100AC64 dd offset dword_110227A8
.text:1100AC68 dd offset dword_110225C8

so now, I traced it to

.text:1104A778 aHisProductIsLi db 'his product is licensed to:',0
.text:1104A794 ; ---------------------------------------------------------------------------
.text:1104A794 add eax, 690010Eh //which from what I figure is adding some address to another?
.text:1104A799 mov ebx, 1200C308h /is moving the data to this address I guess?
.text:1104A79E pop es /pop i think gets data, I am assuming from es?
.text:1104A79F add [eax], bl /now I think it is adding the data back to bl?
.text:1104A7A1 jmp large dword ptr ds:1 /I guess now we are supposed to jump somewhere, but I don't get it. large dword is a large variable, ptr is pointer I think.. which is usually an address in memory ds:1 I have no clue

Kayaker
November 28th, 2008, 01:43
Before this goes into another long round of post/counterpost that has nothing to do with RCE...
It's amazing how often first time posters think JMI or someone is "bashing" them, when in reality he is posting useful advice, even though they may not recognize it as such.

The underlying message here is that you need to learn the Basics. Yes, you know that, and that's why you're here. I mean the VERY basics, which is evident from your post that you are confused about.

To start with, you've mentioned a target by name. We'll let that pass for now, but that does go against our rules and policy, so you're not going to get detailed help in cracking this specific target anyway.


I guess everyone starts with some target that strikes their fancy, but I would honestly suggest you totally forget about cracking this target for now and concentrate on reading a few basic tutorials and do a few guided crackmes. Really, I mean it. It will pay off in the long run.


You see, the problem right now is that you are unable to recognize or read assembly instructions. The code you posted after the .text:1104A778 aHisProductIsLi is NOT code. It may be random bytes which are converted to a licensed name or something like that, or may have nothing to do with the ascii text at all. IDA has disassembled them as instructions, but it's up to you to be able to recognize whether or not that is correct and if they should have been declared as data or undefined instead.


The main thing you're doing wrong is that you're reading the instructions (which aren't really valid instructions anyway), backwards.

>add eax, 690010Eh //which from what I figure is adding some address to another?

No. IF this was a valid instruction in this context, it would be adding the value 690010Eh TO the value already in the EAX register.

>mov ebx, 1200C308h /is moving the data to this address I guess?

No. Again, the instruction would be moving the value to the EBX register.

>pop es /pop i think gets data, I am assuming from es?

No. It's an invalid instruction in this context.

>add [eax], bl /now I think it is adding the data back to bl?

Again you're misinterpreting the *direction* of the instruction. BL would be added to the contents of the address in EAX, not the other way around.

etc.


So, now that you've got a sense of how assembly instructions are *supposed* to be interpreted, this should point out one of the BASICS that JMI mentioned which you should study.


Kayaker
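
Added example, not part of Kayaker's post or of the original thread: a small Python sketch that decodes only the five byte patterns behind the listing at .text:1104A794 and names each instruction's destination and source, so the Intel-syntax direction (destination first) is explicit, and then shows the same bytes as plain data. The byte values are an assumption, reconstructed from the standard IA-32 encodings of the listed instructions rather than read from the file, and the names BLOB, decode, add_mem_bl and as_data are made up for this illustration.

```python
import struct

# Bytes reconstructed (assumption) from the listing at .text:1104A794 using the
# standard IA-32 encodings; the lengths 5, 5, 1, 2 match the listed addresses.
BLOB = bytes.fromhex("050e019006" "bb08c30012" "07" "0018" "ff2501000000")
BASE = 0x1104A794

def decode(buf, base):
    """Linear-sweep decode of only the five patterns seen in the listing.
    Returns (address, text, destination, source) tuples in Intel syntax."""
    out, i = [], 0
    while i < len(buf):
        op, nxt, left = buf[i], buf[i + 1:i + 2], len(buf) - i
        if op == 0x05 and left >= 5:              # ADD EAX, imm32
            imm, = struct.unpack_from("<I", buf, i + 1)
            ins, n = (f"add eax, {imm:X}h", "eax", "immediate"), 5
        elif op == 0xBB and left >= 5:            # MOV EBX, imm32
            imm, = struct.unpack_from("<I", buf, i + 1)
            ins, n = (f"mov ebx, {imm:X}h", "ebx", "immediate"), 5
        elif op == 0x07:                          # POP ES
            ins, n = ("pop es", "es", "top of stack"), 1
        elif op == 0x00 and nxt == b"\x18":       # ADD [EAX], BL
            ins, n = ("add [eax], bl", "byte at address in eax", "bl"), 2
        elif op == 0xFF and nxt == b"\x25" and left >= 6:  # JMP dword ptr [disp32]
            disp, = struct.unpack_from("<I", buf, i + 2)
            ins, n = (f"jmp dword ptr ds:{disp:X}h", "eip", "dword in memory"), 6
        else:                                     # anything else stays data
            ins, n = (f"db {op:02X}h", None, None), 1
        out.append((base + i, *ins))
        i += n
    return out

def add_mem_bl(eax, bl, memory):
    """Effect of `add [eax], bl`: the byte at address EAX changes, BL does not."""
    memory[eax] = (memory[eax] + bl) & 0xFF
    return bl, memory

def as_data(buf):
    """The same bytes shown the way a 'db' data declaration would list them."""
    return ", ".join(f"{b:02X}h" for b in buf)

if __name__ == "__main__":
    for addr, text, dst, src in decode(BLOB, BASE):
        print(f"{addr:08X}  {text:<28} dest: {str(dst):<24} src: {src}")
    print("db", as_data(BLOB))
```

A linear sweep like this will turn any byte run into instruction text; whether the result is code or data is a judgement the reader still has to make from context, which is the point made in the post above.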

cosmicneo
November 28th, 2008, 12:15
Um, I fixed the title because of the name of the company. Sorry about that.. I'm really not trying to make enemies here... just trying to make friends. I have a hard time learning something by reading it. It has always been easier when someone teaches me. Since I don't know anyone with these types of skills I figured I would look here. Thanks for the useful advice guys. Sorry if I got a little defensive.

Are there any videos on this? Something that would tickle my fancy besides crackmes. That's like taking dummy classes for no credits in college. I know, it prepares you for the future but it sure sucks and it makes it even harder to learn something when I am not interested in it.

XER
November 28th, 2008, 13:15
The first thing I ever read when I became interested in reversing is: "How to crack" by the Old Red Cracker.

http://www.google.com/search?hl=en&sa=X&oi=spell&resnum=0&ct=result&cd=1&q=how+to+crack+%2Borc&spell=1

xenakis
November 28th, 2008, 16:41
If video tutorials work better for you google "lena151 tutorials".

JMI
November 28th, 2008, 19:17
cosmicneo:

Just to make it clear, you are not making any "enemies" here. I do not take it personally when our Posting Rules are either ignored or not followed. It is part of my job function on these Forums to remind new users of what is expected of them and what I post is often intended as a general reminder to others who may come later and skip actually reading the FAQ.

As has been suggested, if reading and remembering what you have read is a problem, video tutorials might help you a great deal. Lena has some useful ones and there are others you could search for on the net.

"How to crack" by the Old Red Cracker is also available here on our server.

http://www.woodmann.com/fravia/orc1.htm

There are a number of useful links at the bottom of these Forums with substantial information for those just starting out in reversing.

Regards,

Externalist
November 28th, 2008, 21:31
If you are not good with documents, then try here.

http://video.reverse-engineering.net

But eventually you will have to get used to documents to get more high quality information. Good luck.

WaxfordSqueers
December 7th, 2008, 04:11
Originally posted by cosmicneo:

>unfortunately, I am not joking about the learning disability. I wouldn't wish it upon my worst enemy.


I obviously have no idea what you mean by a learning disability, but if it's something laid on you by a modern educator, I would ignore anything they have told you. All this modern crap about attention-deficit disorders is a cop out to excuse parents who have parked their kids in front of television sets as babysitters. Whereas dyslexia would be a bummer to a kid who didn't understand, adults who suffered that as a child have gone on to overcome it. The converse of that is a Richard Feynman, whose father was encouraging him to explore science at the age of five.

There is such a thing in psychology as 'learning to learn'. When I went to university, I had to learn how to learn. No one holds your hand at university, as they do in school, and you have to learn how things are done or you sink. There is an actual process of repetition, taking and condensing notes, review, doing problem sets, etc., that is involved in learning. Even beyond that is the process of insight and learning to recognize it and have confidence in it.

There are systems for ingesting information and skills. It takes some people longer to learn the same thing but persistence will pay off unless you have an actual brain impairment. A situation like that reminds me of those parents who have children with Down's Syndrome, in tears, because they lost a race at the Special Olympics. I question putting children with brain impairments in competition, understanding from years of highly competitive sports how emotionally challenging a loss can be. By the same token, I don't know why someone would take up RE if he/she had an impairment like DS. Then again, that's not for me to say.

The fact that you feel you have the ability to learn reverse engineering suggests to me your brain is working adequately. Perhaps if you outlined the difficulties you are having, it would be easier for people to help. I know people who are petrified about going back to school because they did badly in the first place. Once your confidence is shot, it's hard to try again. Going back to school for me would mean going back to a point where I completely understood what I was doing, even if that meant going back to grade 1. If you start any later, you will always have that hole in your understanding of a subject, and it will come back to haunt you.

Reversing is not something you can go back to school to learn. We all have difficulties and we all learned with very basic packages like those mentioned in another post (+ORC). There's a reason JMI went after you, as he does everyone and it's because he knows what it takes to learn RE and has posted a large sign at the entrance saying 'read the FAQ'. All the steps are there. If your learning disability prevents you understanding that, I don't see how anyone can help you with anything in RE.