
Setting break point at the RET


jingjang
May 29th, 2004, 05:28
In labba's tut it says set a break point at the RET

00FF3A2C 3100 XOR DWORD PTR DS:[EAX],EAX (where we stop..so set break here? is this RET?)
00FF3A2E 64:8F05 00000000 POP DWORD PTR FS:[0]
00FF3A35 58 POP EAX
00FF3A36 833D B07EFF00 00 CMP DWORD PTR DS:[FF7EB0],0
00FF3A3D 74 14 JE SHORT 00FF3A53
00FF3A3F 6A 0C PUSH 0C
00FF3A41 B9 B07EFF00 MOV ECX,0FF7EB0
00FF3A46 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00FF3A49 BA 04000000 MOV EDX,4
00FF3A4E E8 EDD0FFFF CALL 00FF0B40
00FF3A53 FF75 FC PUSH DWORD PTR SS:[EBP-4]
00FF3A56 FF75 F8 PUSH DWORD PTR SS:[EBP-8]
00FF3A59 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]
00FF3A5C 8338 00 CMP DWORD PTR DS:[EAX],0
00FF3A5F 74 02 JE SHORT 00FF3A63
00FF3A61 FF30 PUSH DWORD PTR DS:[EAX]
00FF3A63 FF75 F0 PUSH DWORD PTR SS:[EBP-10]
00FF3A66 FF75 EC PUSH DWORD PTR SS:[EBP-14]
00FF3A69 C3 RETN

Fake51
May 29th, 2004, 06:59
1. Learn asm
2. If step 1 fails, learn asm
3. If step 2 fails, learn asm
4. If step 3 fails, learn asm
5. If step 4 fails, learn how to read
6. If step 5 fails, admit that you're a complete failure and quit the scene
7. Study the source code that you rip. Particularly this line:
Quote:

00FF3A69 C3 RETN

Anything in that line resembling a RET? ANYTHING AT ALL?

Fake

sonkite
May 29th, 2004, 11:07
Quote:
[Originally Posted by Fake51]1. Learn asm
2. If step 1 fails, learn asm
3. If step 2 fails, learn asm
4. If step 3 fails, learn asm
5. If step 4 fails, learn how to read
6. If step 5 fails, admit that you're a complete failure and quit the scene
7. Study the source code that you rip. Particularly this line:

Anything in that line resembling a RET? ANYTHING AT ALL?

Fake


You're so nice with the newbies.

Fake51
May 29th, 2004, 11:13
Quote:
[Originally Posted by sonkite]You're so nice with the newbies.


Thank you. I take great pride in being sarcastic and arrogant.

Fake

Ps. It seems to me that to qualify as a newbie, one should be capable of at least some independent thought.

jingjang
May 30th, 2004, 06:03
00FF3A2C 3100 XOR DWORD PTR DS:[EAX],EAX
00FF3A2E 64:8F05 00000000 POP DWORD PTR FS:[0]
00FF3A35 58 POP EAX
00FF3A36 833D B07EFF00 00 CMP DWORD PTR DS:[FF7EB0],0
00FF3A3D 74 14 JE SHORT 00FF3A53
00FF3A3F 6A 0C PUSH 0C
00FF3A41 B9 B07EFF00 MOV ECX,0FF7EB0
00FF3A46 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00FF3A49 BA 04000000 MOV EDX,4
00FF3A4E E8 EDD0FFFF CALL 00FF0B40
00FF3A53 FF75 FC PUSH DWORD PTR SS:[EBP-4]
00FF3A56 FF75 F8 PUSH DWORD PTR SS:[EBP-8]
00FF3A59 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]
00FF3A5C 8338 00 CMP DWORD PTR DS:[EAX],0
00FF3A5F 74 02 JE SHORT 00FF3A63
00FF3A61 FF30 PUSH DWORD PTR DS:[EAX]
00FF3A63 FF75 F0 PUSH DWORD PTR SS:[EBP-10]
00FF3A66 FF75 EC PUSH DWORD PTR SS:[EBP-14]
00FF3A69 C3 RETN

yea 00FF3A69 C3 RETN does look like ret.... the thing is i just wanna make sure coz...they say put break at ret...so was thinking whether i should click on 00FF3A69 C3 RETN and f2 or...f2 at 00FF3A2C 3100 XOR DWORD PTR DS:[EAX],EAX
... p/s i dont mind sarcasm =) its all in the process of learning

Aimless
May 30th, 2004, 23:57
Hi, welcome to the board, and ignore most of the newbie flames, you'll get that often. However, it's assumed that you have some working knowledge of assembly. No programming skills necessary, just assembly reading skills.

A good idea might be to go to the Intel site and get the instruction reference manual. Straight from the horse's mouth. Look up the RETURN instruction. Note that in assembly translation from binary to assembly, one instruction can have different meaning, different opcode and different representation.

RET
RETN
..etc are all different "variants" of the return instruction. How did I know this? Simple, it's mentioned in the Intel instruction reference manual. You might try getting the one for Pentium IV rather than the 64-Bit Itanium one, though.

Mostly, try to get an idea of what the author of the tutorial is trying to get across. Following the tutorial blindly will lead only to that program being cracked and leave you frustrated because you did not master the rudimentary basics. A good idea might be to also add the Windows API help file (you'll find it scattered all over the net. It's 21 MB). This'll spare you asking what the Windows API does, what parameter is passed, what is returned etc.

But most of all, enjoy the game. Don't worry if things do not come out correct the first time. We are here on the board for that. But make sure you have worked on the problem you are solving and have something to show us that you were indeed working on it.

A good idea might be to try cracking Winzip versions 5/6/7 or MIRC versions 5/6. Try going after time-based protections then. Leave the crackmes and the keygenmes for now. They almost always offer no good experience.

Have Phun
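An added example, not from the thread or from labba's tutorial: a small Python script that parses the OllyDbg-style listing jingjang pasted (address, opcode bytes, mnemonic) and reports which lines are return instructions by looking at the opcode byte rather than the mnemonic text, which is the same check Aimless recommends making against the Intel instruction reference. The opcode table (C3/C2 near return, CB/CA far return) is straight from that manual; the trailing `RETN 8` and `RETF` lines in the sample are constructed to show the other encodings, and the prefix-skipping heuristic in `parse_line` is an assumption about this listing format.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample: the listing pasted in the thread, plus two constructed
# lines (RETN 8 and RETF) so the other return encodings are exercised too.
SAMPLE_LISTING = """\
00FF3A2C 3100 XOR DWORD PTR DS:[EAX],EAX
00FF3A2E 64:8F05 00000000 POP DWORD PTR FS:[0]
00FF3A35 58 POP EAX
00FF3A36 833D B07EFF00 00 CMP DWORD PTR DS:[FF7EB0],0
00FF3A3D 74 14 JE SHORT 00FF3A53
00FF3A3F 6A 0C PUSH 0C
00FF3A41 B9 B07EFF00 MOV ECX,0FF7EB0
00FF3A46 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00FF3A49 BA 04000000 MOV EDX,4
00FF3A4E E8 EDD0FFFF CALL 00FF0B40
00FF3A53 FF75 FC PUSH DWORD PTR SS:[EBP-4]
00FF3A56 FF75 F8 PUSH DWORD PTR SS:[EBP-8]
00FF3A59 8B45 F4 MOV EAX,DWORD PTR SS:[EBP-C]
00FF3A5C 8338 00 CMP DWORD PTR DS:[EAX],0
00FF3A5F 74 02 JE SHORT 00FF3A63
00FF3A61 FF30 PUSH DWORD PTR DS:[EAX]
00FF3A63 FF75 F0 PUSH DWORD PTR SS:[EBP-10]
00FF3A66 FF75 EC PUSH DWORD PTR SS:[EBP-14]
00FF3A69 C3 RETN
00FF3A6A C2 0800 RETN 8
00FF3A6D CB RETF
"""

ADDR_RE = re.compile(r"^[0-9A-F]{8}$")
# An opcode-byte token is an even-length run of hex digits, optionally led by
# a segment prefix written as "64:". Assumption: real mnemonics are never an
# even-length hex word, which holds for everything in this listing.
BYTES_RE = re.compile(r"^(?:[0-9A-F]{2}:)?(?:[0-9A-F]{2})+$")

# Legacy prefix bytes that may precede the opcode (segment, operand/address
# size, LOCK/REP); we skip them to reach the real opcode byte.
LEGACY_PREFIXES = {0x26, 0x2E, 0x36, 0x3E, 0x64, 0x65, 0x66, 0x67, 0xF0, 0xF2, 0xF3}

# Return opcodes from the Intel instruction reference: near vs far, with an
# optional 16-bit immediate that pops that many bytes of arguments.
RETURN_OPCODES = {0xC3: "RETN", 0xC2: "RETN imm16", 0xCB: "RETF", 0xCA: "RETF imm16"}


@dataclass
class Insn:
    address: int
    raw: bytes   # encoded instruction bytes
    text: str    # mnemonic and operands as shown by the debugger


def parse_line(line: str) -> Optional[Insn]:
    """Split one listing line into address, opcode bytes and disassembly text."""
    tokens = line.split()
    if len(tokens) < 3 or not ADDR_RE.match(tokens[0]):
        return None
    hexparts: List[str] = []
    i = 1
    while i < len(tokens) and BYTES_RE.match(tokens[i]):
        hexparts.append(tokens[i].replace(":", ""))
        i += 1
    if not hexparts or i >= len(tokens):
        return None
    return Insn(int(tokens[0], 16), bytes.fromhex("".join(hexparts)), " ".join(tokens[i:]))


def return_kind(insn: Insn) -> Optional[str]:
    """Classify the instruction by opcode byte; None if it is not a return."""
    i = 0
    while i < len(insn.raw) - 1 and insn.raw[i] in LEGACY_PREFIXES:
        i += 1
    kind = RETURN_OPCODES.get(insn.raw[i])
    if kind is None:
        return None
    if kind.endswith("imm16"):
        imm = int.from_bytes(insn.raw[i + 1:i + 3], "little")
        return f"{kind.split()[0]} {imm:X}"
    return kind


def find_returns(listing: str) -> List[Tuple[str, str]]:
    """Return (address, kind) for every return instruction in the listing."""
    found = []
    for line in listing.splitlines():
        insn = parse_line(line)
        if insn is None:
            continue
        kind = return_kind(insn)
        if kind is not None:
            found.append((f"{insn.address:08X}", kind))
    return found


if __name__ == "__main__":
    for address, kind in find_returns(SAMPLE_LISTING):
        print(f"{address}  {kind}")
```

Run against the thread's listing the only hit is `00FF3A69 RETN`, so that is the line a "break at the RET" instruction refers to; the first line of the block (`XOR DWORD PTR DS:[EAX],EAX`, opcode 31) is not a return at all. The script trusts the bytes, not the text column, which is why the `64:` segment prefix on the `POP DWORD PTR FS:[0]` line is skipped before the opcode is read.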

jingjang
May 31st, 2004, 04:00
cheers mate