Log in

View Full Version : softice for a newbie


cornel
January 7th, 2002, 18:49
hi
Can anyone tell me in a simple understanding english how to use the F-keys in SI.I have read through a few tutorials
but the explanation thy give for like F8/F10 IS UNCLEAR TO ME.
What i like is a sort of example where the function keys can be explain to me.For me it looks as if F8 and F10 do the same thing iDUNNU.
Thanks
T

MTB
January 7th, 2002, 20:07
cornel
I could be mean and say RTFM but I will not. Go to sandmans site and down load his Softice tutorials. Hint one steps into the code, the other steps over it.
MTB

cornel
January 12th, 2002, 05:17
Hi
Is there perhaps someone who can give me a link to sandmans website cos i can;t open his site on my server.
Another question i have installed softice but now i can't open acrobat reader the latest version, i must disable softice, restart and then open AR, any suggestions.
I have read through a tutorial crackme2 by Acid Burn, but when i want to check the serial number by d edx it shows me a hello dude message, so where can i see the serial number or what must i do.
Is there someone out there who can perhaps help me.

Thanks

naides
January 12th, 2002, 08:25
Hi.
Answer to your acrobat problem ( this is a quote from a post made on an acrobat review site):

"Acrobat Reader 5.0 and Acrobat 5.0 refused to load in my computer all of the sudden. They would go loading modules until getting to DOCBOX.API and then stop. I uninstalled and reinstalled the program to no avail. I installed it in a different computer and had no problem. I located the offending file in the plug-in subdirectory of the ap called InterTrust. Then I realized that Adobe did not inter-trusted users with a debugger (Softice) running in their system. by either de-activating the debugger or deleting the distrust folder the reader loads just fine. If this was a security measure, was rather lame. Adobe, why don't you trust programmers?"

So Acrobat has a debugger detection device contained in the folder ....\Intertrust...! delete that folder and acrobat will not mind of your softice.

MTB:
I once went to see a doctor.
The doctor said: RTFM and handed me a thick volume with the title " Harrison's Internal Medicine". I was supossed to learn my way to the lingo, and figure out my problem, and then find myself the solution to it by thoughfully reading the book.

By asking an expert, or a doctor, you try to save yourself the pain, and the re-discovery process of having to invent the wheel again. What is obvious to you is quite difficult for some one else. But do not scorn us, the newbies: We are asking questions, so we are in learning mode.

riPPadoGG
January 12th, 2002, 11:56
Yea... buddy...
Times are bad.
Adobe is nowadays high on anti-RCE...
Please use IceDump along with S-Ice..

As for difference between F8 and F10, Go ahead and figure it out yourself. Break with S-Ice...go to a "call"...press F8, go to another call press F10. You will know the difference by yourself buddy, believe me.

Anyway best of luck with S-Ice. That is a damn nicely coded tool..

regards
doGG

Snatch
January 12th, 2002, 12:03
Good example with the book and doctor. I kind of agree. What is even more silly is "RTFM". Do you know how long it took me to discover what it stood for. I thought M=message at first then later learned manual. But anyway here is the appropriate response.

F8=Step(go into a call instruction)
F10=Step(go over a call instruction)

Adobe sucks yo. Now that I know that intertrust trick I am much happier. I was having problems with Softice and Acrobat until I started using the latest version of the debugger and acrobat and docbox.api just didnt load but acrobat worked anyway. Annoying stuff.

Snatch

MTB
January 12th, 2002, 20:25
naides

I am a newbie, the only way to learn softice is the hardway. I suggest to everyone here you find tutorials by sandman, mammon and fravia regarding softice.

Let see where do I start, the manual if you want to call it that sucks, or just is dated (really dated). The interface reminds me of code I used in the late 70's could do anything you wantted but took 2 years to learn under the guidance of a Sr. Engineer with 20 years experience.

I am currently trying to learn softice by REDOING a crack I did with IDA. Who knows I may learn how to use this hostile program!

As for the value of softice in reversing dongle codes is minimal, IDA is a much better tool in my opinion, not to mention it's a hell of a lot easier to use. My interest primarily is dongle protected software, which typically is easier to reverse than shareware.

May the force be with us in our exploration of Softice.

MTB

JMI
January 12th, 2002, 20:52
Here's a file that may provide some help in your adventures. Its from the #Cracking4Newbies site.

You'll find the ~Sandman's tuts on the Krobar site. Type Krobar in Google and you should find it without any trouble.

And if Snatch had taken the time to read this:

http://www.woodmann.net/fravia/rce-faq.htm

he wouldn't have been in the dark about RTFM. It and other important and useful information is there available for all who look around.

Enjoy.

Regards.

MTB
January 13th, 2002, 17:26
Is anyone interested in starting a softice for newbies class? I have a small target that was worked on before on this board. You will new SI (softice) running either using 98SE or NM, not 2K or XP, I am using 98SE.

Just an idea.

MTB