Cracking with Softice
steve38
February 2nd, 2001, 16:15
I'm new to this and trying to crack two different programs with Softice. With the first I can bypass the serial check but can't find the true serial, although I keep on finding ..x.e.p.e.p.t... when I dump various registers. The prog is Windows Enforcer 6. I gave up looking and moved on to another totally unrelated prog and found the same string in that too. Is it a problem I have with something, or is it a very, very strange coincidence?
Cheers
Muad'Dib
February 2nd, 2001, 16:57
Maybe you should try reading some tutorials. There are plenty of newbie tutorials at both http://zencrack2.cjb.net and http://crackmes.cjb.net
steve38
February 2nd, 2001, 17:34
I was following a tutorial for Enforcer V4 but didn't seem to be able to find that version. It was a simple question: do I have a problem with Softice or not... Yes or No would have been fine... I know as much now as I did when I posted the first message. If I'm missing the obvious, fair enough, I'll look again, and again. But I've been at it for a week, learnt a lot about ASM as I knew nothing two weeks ago, but not enough I see. Just wanted to check I hadn't got a fault and that the answer was there even if I can't see it.
hz
February 2nd, 2001, 21:26
Hi,
Hmm, yes or no would be fine. OK, yes; then again no, it could be your attitude that's the problem.
regards
Lord Soth
February 2nd, 2001, 23:17
Just lemme say this:
The likelihood of such a bug in SI is so small, I doubt it's even infinitesimal.

Now really. The chances are way too slim that this is a SI problem.
It could be that the two protections rely on something in your system, or something else that is common and thus you see the same kind of string.
Don't worry dude, keep at it, but keep refreshing your mind with tutorials all the time so you don't get lost in the code.
Once you get the hang of it, it'll look much easier later on.
LS
?ferret
February 2nd, 2001, 23:24
Quote:
steve38 (02-02-2001 05:15):
....is it a problem I have with something or is it a very, very strange coincidence
Cheers
Yes, it's a problem you have with something ;-)
Your "real" serial may never get loaded into memory as a string... the entered serial may just get compared to certain mathematical procedures, and if it passes them all, it's good; if not, it's a bad serial.
Don't give up easily, but you need to start with the basics and work your way up. These programs may be a bit advanced for you at this point. Try a few tutorials, and when you learn a bit, go back and try them again ;-)
I suggest qferret.cjb.net (plug plug), or www.idca.com/~thesandman/index2.html.
For a first proggy, I would suggest Winzip, as it's extremely easy, and the serial IS held in memory, so you'll kinda find out what to look for.
?ferret
February 2nd, 2001, 23:28
LOL, hey LS, next time you pop sice, check out the data window. There's e's x's p's and various other chars everywhere (mostly 1st 3 though)......coincidental ascii representation of the hex notation.
Clandestiny
February 2nd, 2001, 23:39
Hi,
I downloaded the Windows Enforcer proggy and had a quick look at it.
Bypassing the checks is pretty easy...there are three of them. The first simply checks if the user entered string is the correct length of 24 characters (a pretty long string for a serial). The second and third checks are jz / jnz flags.
...Finding the real serial on the other hand may not be so easy. Without extensively analyzing the algorithm, it appears to be using a couple of look-up tables. One appears to be generated from your serial and the other appears to be constant. The elements in these arrays are compared. Unfortunately, generating the table from your 24 digit serial is no simple case of "serial fishing" in memory as there seem to be some extensive mathematical operations occurring / possibly some form of encryption. IMO, reversing this algorithm might be more trouble than it's worth...though it could be interesting if you have the time to play with it ;-)
Might I add that Muad'Dib's advice of reading some tuts is good advice. CrackZ has a number of key gen tutorials if that is your area of interest. It takes time and *much* effort to get over the initial learning curve in learning to crack / reverse. IMO, 2 weeks is nothing in the scheme of things. By first getting a good foundation in asm, reading tuts, and learning to use your tools effectively, you'll save yourself much agony and frustration. I speak from personal experience! :-)
Regards,
Clandestiny
steve38
February 3rd, 2001, 06:02
Thank you all... It seems that this one is a little out of my depth (most seem to be) but I am having a lot of fun... at least I know it wasn't staring me in the face...
Thanks again,
Steve.
Me
February 3rd, 2001, 08:53
I apologize in advance for this post, if I piss off anybody. Steve posted a question in a NEWBIE forum, i.e. he is far from being an expert, and got a flurry of condescending answers, sending him to read the Tuts, or criticizing him for his attitude.
I have to say this because I have been in his place. If you don't ask your Newbie questions in here, the NEWBIES forum, then where?
Clandestiny went well out of his way to post a sensible answer, probably because he has been in Steve's place before, as I have been.
The people that know Soooo much about reverse engineering should answer a post if they are willing to help, not to bash a newbie or to demonstrate their contempt. We all know you have been through the boot camp, please don't kick us.
I think Steve's question was fair, though misguided. The answers could be more sympathetic.
hz
February 3rd, 2001, 09:14
Hi,
I don't want this to turn into a long slagging off thing so my last words on this subject. I actually was trying to help, his curt reply to being directed to tutorials was out of order, if you are polite then others will be the same, if not..
regards
steve38
February 3rd, 2001, 16:30
I would like to say that my comments were in no way intended to sound disrespectful of tutorials or their authors. I have the greatest respect for people who take the time out to write them for the benefit of people like myself, who really do seem to be staring into the Abyss when starting from scratch.
Sorry if my words were misrepresentative of my true opinions.
Steve.
Lord Soth
February 3rd, 2001, 18:51
Hey guys, I doubt any of the posters in this forum intended to insult or hurt. As for directing a newbie to tutorials, well, it might seem a bit harsh to hear: you're not good enough, go read some tuts and then try again.
But bear in mind folks, nobody actually said that. And referring a newbie to tutorials is sometimes the only advice we can give.
This doesn't come to badmouth or demoralize the newbie or any1 else posting here, it's just that the point we're trying to make is to grasp a GOOD understanding of the basics, and then try again and again until you get it right.
It's maybe unfortunate that the only learning tools available come down to the tutorials, but that's the way it goes now.
For the people who struggle with programs, don't give up, time will make its magic, and suddenly you'll discover you've learned a whole lot of useful things.
Keep at it and keep learning.
LS
?ferret
February 5th, 2001, 00:29
Quote:
?ferret (02-02-2001 12:24):
Yes, it's a problem you have with something ;-)
I didn't mean it to look *very* harsh ;-)
As anyone who's seen any number of my postings can verify, I'm a complete smarta$$ at heart :-D
the snake
February 5th, 2001, 01:51
Hi
If you want to try to follow tutorials with the original progs, try my tuts section.
If you can't get the original version that the tut is about, e-mail me, I kept ALL the originals, so just drop me a note saying what you need, and I'll send it to you or tell you where to download it from.
It is really helpful to follow the same version as in the tutorial..
http://snakepage.cjb.net
Good luck
the snake