1)What is the problem....
I am trying to find out what a program is doing to get the next number in a serial. I do not fully understand these lines:

mov eax, dword ptr (ebp-04)
cdq
push 0000001F
pop esi
idiv esi
mov al, byte ptr (ebp+edx-24)

I know that it is taking the number in EAX and divides it by 1F, but my problem is I can not figure out, the number in EDX.

IE EAX = 317 and the number in EDX is A.

2)What is the protection.....
SERIAL
3)What tools are you using....
W32DSM, ULTRAEDIT32, SOFTICE
4)What tutorials have you read....
ALOT
5)Show your output listing WITH comments....
?
6)NOW ask your question....
What the heck is going on with EDX.

the CDQ will convert your 32-bit EAX into 64-bit by using EAX:EDX

idiv will put the quotient of the division in EAX, and the remainder in EDX.

To continue squidge I'd suggest that there is some array at ebp-24 address which lenght = 1e bytes and finally you have at al some value from that array.

(But as meant by squidge you had to guess it yourself )

Heh, damn right

TRACER asked what was going on with EDX, so I told him. Nothing more, nothing less

This remembered me when I was analising the code of SplishSplash... I didn't know about these two instructions too, but I keep an Opcode reference with me always... you should do the same.

Regards,

Thank you for your assistance. I have found that if I take the hex value and convert it to decimal then divide that by 31 (1F) then divide the remainder by 31 again I get the value that is in EDX in decimal form. Problem now is rounding. I already have figured out how to patch the program and the actual serial, but I am trying to write a keygenerator. The program uses the machine code to create a serial.

if the true serial appears in the program the most simple way is to make keygenerator inside the main application. Usually there is msgbox saying "you're bad guy bla bla". By changing address of that annoying string to address where the true serial is stored you'll get working keygen. Such programs make me crying.

Thank you Banshee for the tip. I do not know how to perform that task that you have explained above. Could you possibly tell me where I might find a tutorial on that subject? Not to repeat myself in another forum on this site, but I have successfully written the keygenerators for the programs. I would like to improve them by automatically getting the "Machine Code" of the computer ie("3355794638", but I don't know were it is located. Heck I don't even know were the programs are getting that number. Help on that subject would be great.

See my reply in the advanced forum.


dELTA