Log in

View Full Version : Frequently Sice Problem


Joda
June 23rd, 2001, 06:31
Hi all.

I hope this question wasnt posted b4, if it was plz give me the url and close the topic, so i dont waste space here with things already been discussed.

My problem is the following:

Most programs i try to crack (ye crack, i wouldnt call it reverse engeneering cauz i just have some fundamental ideas of programming, but cannot code in any language yet ) are not disassembleable (?) in WinDasm (at least 70-80%), so i have to use S-ICE on them.
But the problem with Sice is, that i always lose myself in the code. I set a breakpoint on let's say hmemcpy or createwindowexa or sth and then trace trace trace - check registers and memory and trace... And then its over, a nag appears and - ewps did i miss something?
So i try it a 2nd time and so on - until i give up - most of the time resulting in crippled programs, doing funny errors .

Is there anything in general, that could help me to get a more structured, effective way in using Sice on programs?
This tracing doesnt get me anywhere - and just breakpointing on memory ranges that look interesting or APi functions doesnt help me too most of the time - perhaps its just because i'm so new to the cracking stuff, but maybe there are some ideas that could help me, i would appreciate it.

cya

Joda

CoDe_InSiDe
June 23rd, 2001, 11:48
Hi Joda,

Yes, i've got one big suggestion for you

"Learn ASM"

i think that'll help
(Atleast with the Tracing and understanding of the Codes )

Cya...

CoDe_InSiDe

Joda
June 23rd, 2001, 13:19
Hey.

What do u mean by "Learn ASM" - learning to code in (win32) asm or just learning to "read" the asm dump?


cya

Joda

CoDe_InSiDe
June 23rd, 2001, 13:34
Hi Joda,

Well, both actually
But i think the second is better, unless you want to Code in it too
But the main thing would be to try to understand the meaning of the ASM instruction.
Not all instructions at once ofcourse ;D
But some basic instructions like ADD, MOV, SUB etc...
And the Jumps...
Hope this helps.

Cya...

CoDe_InSiDe

Joda
June 23rd, 2001, 13:48
hehe

Well i have some basic understanding of asm and a good and thick reference to its instructions - but u know if i land inside the dark code woods (wink), ret p myself outta the api instructions, i find myself writing down tons of notes - my bin is filled to the top and still i get nowhere - hm perhaps im not just physical visually handicapped but also mentally?

Last weekend for example i was sitting 2 days in front of a dumb Visual Basic program, with a stupid Serial/Name protection scheme, at the end just finding out that i missed, that it also compares a "-" to the serial number and just its last 5 numerical parts. Checking where a routine begins and where another ends in SoftIce sometimes gets me a real headache .

Joda

CoDe_InSiDe
June 24th, 2001, 02:22
Hi Joda,

Hehe
I've got another suggestion:

"Don't try to use SoftICE for VB Programs"

No wonder you were lost in the woods
For VB programs you can better use SmartCheck

Have you tried simple, small CrackMe's for example ??
That should be good to learn Tracing and understanding i think

Cya...

CoDe_InSiDe

Joda
June 24th, 2001, 07:07
Hi ho.

I will now. For i seem to have the problem always to download software thats packed or protected in ways i dont understand the CrackMe way will be the most intelligent I think.
And SmartCheck - hmmm - later maybe .

Thx for your suggestions man,

Joda