JWcal
April 5th, 2004, 08:27
Hey people, just signed up here, this is my first post. 
I'm not exactly sure what to search as I'm unaware of the technical term used for this. Here it goes...
1. What is the problem....
I've read plenty of tutes but i haven't been able to find any that relate to my problem. I've found and changed a condition(JNZ to JE) and i get the correct Message Box showing but the program still remains registered.
2. What is the protection.....
Need some help here i think.
3. What tools are you using....
Ollydbg1.09d. Sorry can't get SI to work.
4. What tutorials have you read....
The ones at Krobar's under serial section.
5. Show your output listing WITH comments....
6. NOW ask your question....
(Can i bend the rules with 5 and 6?
)
The whole code that i want to post is quite large, i'll post it on request. Here is basically how i see it.
My serial is entered.
Stored in a register.
Call is made.
JNZ if code if fake.
Here are some problems:
1.) (As described above)When JNZ is changed the program executes as if it were registered(pops up "Success" box) but it really isn't.
2.) There are 4 parts to the section I think needs the "fixing".
Call something
JNZ wrong:
"Congrats"
some more code;
"Serial you entered is correct"
more code;
wrong:
"Invalid"
some more code(like the one after "Congrats"
"Serial entered is wrong"
Now when i enter the wrong serial i get "Serial entered is wrong".
When i change the JNZ i get "Serial you entered is correct".
Why do i not get "Invalid" or "Congrats"?
Here is the code that i dont understand
NOTE: Serial i entered is "123" and i have edited out the name of the program.
I breakpointed each line(Info straight from Ollydbg).
LINE 1:
EAX 0097E85C ASCII "123"
Z=0
LINE 2:
EAX 00000000
EDX 0097E85C ASCII "123"
z=1
LINE 3:
EAX 0097EB9C
EDX 0097E85C ASCII "123"
z=1
LINE 4:
EAX 0097EB9C
EDX 0048F350 Progname.0048F350
z=1
LINE 5:
EAX 00000000
EDX 00000001
z=0
Now my questions.
Is there something going on in those calls that needs to be changed to get the program registered? I had a look through each call and the first one is called 4 times and the 2nd is called like 15+ times.
Please tell me if you require more info.
Is there a specific tute i should read?
Is this program too advanced for me?
Any help will be greatly appreciated.
Cheers JW.
For some reason i tried posting this and it gave an error. Apologies if it did actually post but at this time i can't see where the thread is.
I'm not exactly sure what to search as I'm unaware of the technical term used for this. Here it goes...
1. What is the problem....
I've read plenty of tutes but i haven't been able to find any that relate to my problem. I've found and changed a condition(JNZ to JE) and i get the correct Message Box showing but the program still remains registered.
2. What is the protection.....
Need some help here i think.
3. What tools are you using....
Ollydbg1.09d. Sorry can't get SI to work.
4. What tutorials have you read....
The ones at Krobar's under serial section.
5. Show your output listing WITH comments....
6. NOW ask your question....
(Can i bend the rules with 5 and 6?
)The whole code that i want to post is quite large, i'll post it on request. Here is basically how i see it.
My serial is entered.
Stored in a register.
Call is made.
JNZ if code if fake.
Here are some problems:
1.) (As described above)When JNZ is changed the program executes as if it were registered(pops up "Success" box) but it really isn't.
2.) There are 4 parts to the section I think needs the "fixing".
Call something
JNZ wrong:
"Congrats"
some more code;
"Serial you entered is correct"
more code;
wrong:
"Invalid"
some more code(like the one after "Congrats"
"Serial entered is wrong"
Now when i enter the wrong serial i get "Serial entered is wrong".
When i change the JNZ i get "Serial you entered is correct".
Why do i not get "Invalid" or "Congrats"?
Here is the code that i dont understand
NOTE: Serial i entered is "123" and i have edited out the name of the program.
Code:
0048F0F5 E8 DEC4FFFF CALL ProgName.0048B5D8
0048F0FA 8B45 E0 MOV EAX,DWORD PTR SS:[EBP-20]
0048F0FD BA 50F34800 MOV EDX,ProgName.0048F350
0048F102 E8 F157F7FF CALL ProgName.004048F8
0048F107 0F85 02010000 JNZ ProgName.0048F20F
I breakpointed each line(Info straight from Ollydbg).
LINE 1:
EAX 0097E85C ASCII "123"
Z=0
LINE 2:
EAX 00000000
EDX 0097E85C ASCII "123"
z=1
LINE 3:
EAX 0097EB9C
EDX 0097E85C ASCII "123"
z=1
LINE 4:
EAX 0097EB9C
EDX 0048F350 Progname.0048F350
z=1
LINE 5:
EAX 00000000
EDX 00000001
z=0
Now my questions.
Is there something going on in those calls that needs to be changed to get the program registered? I had a look through each call and the first one is called 4 times and the 2nd is called like 15+ times.
Please tell me if you require more info.
Is there a specific tute i should read?
Is this program too advanced for me?
Any help will be greatly appreciated.
Cheers JW.
For some reason i tried posting this and it gave an error. Apologies if it did actually post but at this time i can't see where the thread is.