buf
March 1st, 2004, 07:42
Hi all
I just recently started reversing (although I think that's an expensive word for what I really do), and have done only disassembler approaches (dead listings). I thought it was easy enough to reverse some jumps and make the progs think they were registered. Now I was thinking about trying some serial fishing. Judging from the tutorials and posts I read, it seemed simple enough and it was a way to progress from just the jump reversing.
So I got myself a file, since it could be useful to the work too, and tried to fish it.
Just so you know (and if you want to see the code, cause I don't have it here - I'm writing from work), the program is [Target Name and Addy Removed]. So, I disassembled it, and found the famous GetWindowTextA. And then I made myself debug it (I used OllyDbg), set a breakpoint on GetWindowTextA and the program stopped there when I tried to register.
As far as I could understand, the first time it stopped was to get my username. So far, so good. It gets the user, and starts making call after call inside call, and then I get lost. I managed to see that the prog was converting each letter of the user to hex, but not its real value in hex, instead something xored.
The prog does something similar with the serial, but I can't seem to follow the logic.
I've been around it for two weeks and with no success. Can't find the compare to the real serial, can't find an error message nor reverse the jump (exescope shows a window of "Registration Failed", but I never get to see it), can't find the correct serial in memory although I have traced into ALL the calls and have been watching the stack and dump windows of OllyDbg...
I used fileinspectorXL to see if it was packed, and it says it's packed with Shrinker 3.2, but DeShrink says otherwise.
I would be really thankful if anyone could point me in the right direction.
Oh, by the way, I'm not asking for a serial or crack, just some tips. I'm sorry I can't paste the code here, but it would be too large anyway, cause I don't understand most of it. I tried to avoid posting stupid questions, but I have nothing but stupid questions.
Sorry for the long post, just trying to make it clear for everyone. Excuse my English.
Thanks all.