Find Memory address


Toby
March 20th, 2009, 15:32
Hi,

I'm new to RCE (but not to programming), so expect the general Newbie stuff from me :-) Yeh maybe not something like "How to crack?"...
I started a few days ago with RCE by examining simple stuff in Notepad and Minesweeper...(to learn the basics, how to use the programs [Olly & IDA],...).

Now I tried to find out how I can read the information of a PartyPoker table. So I used Olly to find calls to DrawTextW and I was able to locate the printing of the username + balance:
Code:

100DC446 |. FF15 EC173410 CALL DWORD PTR DS:[103417EC] ; \USER32.DrawTextW, display username
100DC4F9 |. FF15 EC173410 CALL DWORD PTR DS:[103417EC] ; \USER32.DrawTextW, display balance

So DS:[EBX+8], DS:[EBX+10] are holding the proper values, and DS:[EBX] is the address to the user-class (I think). At the beginning of this function ECX was copied to EBX, so I searched for the caller of "DisplayUser" (as I called the method at 100DC28B). I (Olly^^) found it at 100B1255 and recognized that from 100B1243 to 100B1295 is a loop (through the user array?).
But I'm not able to find the base-address to the array.
So this is the first building lot.

The second one: I recognize many calls to MCF42Lu with a number (e.g. MCF42Lu#537). MCF42 is a lib for C++, but for what? Also is there a possibility to find a reference which #number does what?

The third one: How do I find the locations at which the program draws the images (like DrawTextW)?

The last one: I went the way from the user-interface to the data... maybe it is better to find the place where PartyPoker gets the data... so which methods are responsible for making HTTP requests (or maybe other protocols)?

I know many of these commands in higher programming languages (namely C#) and am now searching for an assembler equivalent.

Thanks!

evaluator
March 21st, 2009, 16:57
I have patched MFC42_programs without knowledge of that "many calls with a number" = Exports by Ordinals...

BPX [like;-)DrawTextW] & trace back to prog-code
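
Added example, not part of the thread: a sketch of how a PE32 import lookup table separates imports by ordinal (shown by a debugger as `#537`) from imports by name (such as DrawTextW). The sample table, the RVA 0x2000, the hint value and the helper names are constructed for illustration; the "MFC42" and "USER32" strings passed to `format_import` are display labels only.

```python
import struct

IMAGE_ORDINAL_FLAG32 = 0x80000000  # bit 31 set in a PE32 thunk: import by ordinal


def decode_import_thunks(table, read_rva):
    """Decode a zero-terminated array of 32-bit import lookup entries.

    read_rva(rva, size) must return the bytes stored at that RVA.
    Returns ("ordinal", n) or ("name", hint, name) tuples.
    """
    entries = []
    for (thunk,) in struct.iter_unpack("<I", table):
        if thunk == 0:  # a null entry terminates the table
            break
        if thunk & IMAGE_ORDINAL_FLAG32:
            # No name is stored in the importing module: only the ordinal,
            # so a disassembler can show nothing better than "#<ordinal>".
            entries.append(("ordinal", thunk & 0xFFFF))
        else:
            # Low 31 bits are the RVA of a hint/name entry:
            # a 16-bit hint followed by a NUL-terminated ASCII name.
            rva = thunk & 0x7FFFFFFF
            (hint,) = struct.unpack("<H", read_rva(rva, 2))
            name = read_rva(rva + 2, 256).split(b"\0", 1)[0].decode("ascii")
            entries.append(("name", hint, name))
    return entries


def format_import(dll, entry):
    """Render an entry the way a debugger would label the call target."""
    if entry[0] == "ordinal":
        return f"{dll}.#{entry[1]}"
    return f"{dll}.{entry[2]}"


# Constructed sample: one hint/name entry placed at RVA 0x2000.
SAMPLE_BASE_RVA = 0x2000
SAMPLE_DATA = struct.pack("<H", 0x01A3) + b"DrawTextW\0"  # hint is made up


def sample_read(rva, size):
    off = rva - SAMPLE_BASE_RVA
    return SAMPLE_DATA[off:off + size]


# Constructed table: ordinal import 537, a named import, then the terminator.
SAMPLE_TABLE = struct.pack("<III", IMAGE_ORDINAL_FLAG32 | 537, SAMPLE_BASE_RVA, 0)
```

Mapping an ordinal back to a function name needs information from outside the importing binary, because the import table itself carries only the number.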