nezumi-lab
January 22nd, 2009, 18:19
not Baghdad actually, just Borland stuff. it’s russian jargon. borland => baghdad (they sound quite similar). well, you want to hack a Baghdad program? and breakpoints do not help you to hack it fast? well, guys…
set breakpoints on library functions. IDA-Pro recognizes them and once they have been recognized and addresses determined - feel free to use any debugger - Olly or Soft-Ice.
the most interested functions are listed bellow (of course, the list is incomplete, just gives you an idea what to do):
http://nezumi-lab.org/blog/?p=86
set breakpoints on library functions. IDA-Pro recognizes them and once they have been recognized and addresses determined - feel free to use any debugger - Olly or Soft-Ice.
the most interested functions are listed bellow (of course, the list is incomplete, just gives you an idea what to do):
@TControl@GetText$qqrv ; TControl::GetText(void)btw, there is a good plugin for Olly - GoDup ("http://www.openrce.org/downloads/details/103/GoDup") (by godfather+) allowing to use IDA-Pro signatures directly.
@System@@LStrCmp$qqrv ; System::__linkproc__ LStrCmp(void)
@Sysutils@Now$qqrv ; Sysutils::Now(void)
@Sysutils@DecodeTime$qqr16System@TDateTimerust2t2t2 ;; Sysutils:ecodeTime(System::TDateTime,ushort &,ushort &,ushort &,ushort &
@Sysutils@StrToInt$qqrx17System@AnsiString ; Sysutils::StrToInt(System::AnsiString)
@Controls@TControl@SetVisible$qqro ; Controls::TControl::SetVisible(bool)
@Controls@TControl@SetText$qqrx17System@AnsiString ; Controls::TControl::SetText(System::AnsiString)
@Mask@TCustomMaskEdit@GetText$qqrv ; Mask::TCustomMaskEdit::GetText(void)
http://nezumi-lab.org/blog/?p=86