newbcrk
May 29th, 2003, 09:15
Searching the windows “wrong serial” under softice
Hello I do this to my messagebox
1/press F12 and put breakpoint on each call
2/Last F12 "wrong serial"-window pops up. At 0042D615 so breakpoint
3/Trace with F10 ; "wrong serial"-window pops up at 0042D674
4/Step into the call (F8)at 0042D674
5/ Delete or disable the breakpoint 0042D674
6/ trace on with F10 ; put breakpoint on each call
7/Lot of call so breakpoint
8/at 44FE73 windows pops but brieffly only so F8 in this call and trace with F10 all the time I return 44E73
9/meet a loop do beginning in 44E73 at 44FBE1 that I can’t leave .
Finally the window “wrong serial” never , never appears
How to find the last line wich pops the nag-screen ?
:U 0044FE73 L FF
017F:0044FE73 E8E4300000 CALL 00452F5C ;; step in with F8
;; I find 2 Calls and a call user32SeekmessageA and that's all ;my message box don’t pops
017F:0044FE78 8B03 MOV EAX,[EBX]
017F:0044FE7A 80B89C00000000 CMP BYTE PTR [EAX+0000009C],00
017F:0044FE81 740F JZ 0044FE92
017F:0044FE83 8B45FC MOV EAX,[EBP-04]
017F:0044FE86 C7804C02000002000000MOV DWORD PTR [EAX+0000024C],000000
017F:0044FE90 EB14 JMP 0044FEA6
017F:0044FE92 8B45FC MOV EAX,[EBP-04]
017F:0044FE95 83B84C02000000 CMP DWORD PTR [EAX+0000024C],00
017F:0044FE9C 7408 JZ 0044FEA6
017F:0044FE9E 8B45FC MOV EAX,[EBP-04]
017F:0044FEA1 E836FDFFFF CALL 0044FBDC ;; can't access without
; r fl z
017F:0044FEA6 8B45FC MOV EAX,[EBP-04]
017F:0044FEA9 8B804C020000 MOV EAX,[EAX+0000024C]
017F:0044FEAF 85C0 TEST EAX,EAX
017F:0044FEB1 74BE JZ 0044FE71
;; jump above all the time (loop do )
017F:0044FEB3 8945F8 MOV [EBP-08],EAX
017F:0044FEB6 6A00 PUSH 00
Hello I do this to my messagebox
1/press F12 and put breakpoint on each call
2/Last F12 "wrong serial"-window pops up. At 0042D615 so breakpoint
3/Trace with F10 ; "wrong serial"-window pops up at 0042D674
4/Step into the call (F8)at 0042D674
5/ Delete or disable the breakpoint 0042D674
6/ trace on with F10 ; put breakpoint on each call
7/Lot of call so breakpoint
8/at 44FE73 windows pops but brieffly only so F8 in this call and trace with F10 all the time I return 44E73
9/meet a loop do beginning in 44E73 at 44FBE1 that I can’t leave .
Finally the window “wrong serial” never , never appears
How to find the last line wich pops the nag-screen ?
:U 0044FE73 L FF
017F:0044FE73 E8E4300000 CALL 00452F5C ;; step in with F8
;; I find 2 Calls and a call user32SeekmessageA and that's all ;my message box don’t pops
017F:0044FE78 8B03 MOV EAX,[EBX]
017F:0044FE7A 80B89C00000000 CMP BYTE PTR [EAX+0000009C],00
017F:0044FE81 740F JZ 0044FE92
017F:0044FE83 8B45FC MOV EAX,[EBP-04]
017F:0044FE86 C7804C02000002000000MOV DWORD PTR [EAX+0000024C],000000
017F:0044FE90 EB14 JMP 0044FEA6
017F:0044FE92 8B45FC MOV EAX,[EBP-04]
017F:0044FE95 83B84C02000000 CMP DWORD PTR [EAX+0000024C],00
017F:0044FE9C 7408 JZ 0044FEA6
017F:0044FE9E 8B45FC MOV EAX,[EBP-04]
017F:0044FEA1 E836FDFFFF CALL 0044FBDC ;; can't access without
; r fl z
017F:0044FEA6 8B45FC MOV EAX,[EBP-04]
017F:0044FEA9 8B804C020000 MOV EAX,[EAX+0000024C]
017F:0044FEAF 85C0 TEST EAX,EAX
017F:0044FEB1 74BE JZ 0044FE71
;; jump above all the time (loop do )
017F:0044FEB3 8945F8 MOV [EBP-08],EAX
017F:0044FEB6 6A00 PUSH 00