Kayaker
October 11th, 2001, 13:31
Hiyas,
OK, Less talk, more action. There's always something new to learn, so here's a nice crackme by the_dux that deals with tracing in vxd code.
There's a basic serial routine within the vxd that you need to extract and build a keygen for. This part is fairly straightforward. The interesting part is in understanding how a vxd is accessed by a program, which Win32 and VMM API calls are used to call and load the vxd, and how the basic messaging system within a vxd is constructed.
You don't need to know how to program a vxd (though it would help immensely
, but a basic knowledge is helpful. I'd recommend at least 2 items to help:
Iczelion's VxD Tutorials:
http://win32asm.rxsp.com/tutorials.html
The Virtual Machine Manager Services (VMM) Help file. You may be able to find vmm.hlp elsewhere, but I had finally dug it up at a page that no longer works, so I'll upload it here (400k) as well for reference.
A reliable way to break into a dynamically loaded vxd I use is with
BPX VXDLDR_LoadDevice
and trace from there. Or you can find a Win32 API to break on as it's called.
Have fun,
Kayaker
OK, Less talk, more action. There's always something new to learn, so here's a nice crackme by the_dux that deals with tracing in vxd code.
There's a basic serial routine within the vxd that you need to extract and build a keygen for. This part is fairly straightforward. The interesting part is in understanding how a vxd is accessed by a program, which Win32 and VMM API calls are used to call and load the vxd, and how the basic messaging system within a vxd is constructed.
You don't need to know how to program a vxd (though it would help immensely

Iczelion's VxD Tutorials:
http://win32asm.rxsp.com/tutorials.html
The Virtual Machine Manager Services (VMM) Help file. You may be able to find vmm.hlp elsewhere, but I had finally dug it up at a page that no longer works, so I'll upload it here (400k) as well for reference.
A reliable way to break into a dynamically loaded vxd I use is with
BPX VXDLDR_LoadDevice
and trace from there. Or you can find a Win32 API to break on as it's called.
Have fun,
Kayaker