View Full Version : new tutorial


0xf001
January 5th, 2005, 23:57
hi all,

i have written an in depth tutorial for detten's "trythis" crackme, the crackme
can be found at ptth://biw.rult.at

the tutorial includes much explanation as well as a serial generator

you can grab it at
ptth://home.pages.at/f001/0xf001_trythis_tutorial.txt

enjoy!

regards, 0xf001

blabberer
January 6th, 2005, 05:16
well in gdb you can use set di i
or in big form
set disassembly-flavor intel to get gdb to produce intel output rather than AT&T
if you wish so
but if you use intel flavour the disassembly in registers gets to decimal notation

ie an address like this [ebp-520] here 520 is decimal not hex
so if you want to do hexdump $[ebp-520] or ddump $[ebp-520] you have to use
hexdump $[ebp-0x208] or ddump $[ebp-0x208]

or you set the input-radix to 10. (notice the dot)
ie
gdb trythis
bp main
set di i
set input-radix 10.
run

will get you better results as you prefer intel syntax
have fun and change your tut and wrap it to 800.600
i still see a horizontal scroll making reading the page an irritation
nice tut

0xf001
January 6th, 2005, 09:03
thx for the hints blabberer,

you could send a gdb tutorial

well i am not so concerned about at&t or radix, as you might think

in fact i prefer hex notation before decimal one. i wrote as a part of
an argument in the other thread that i do not like to use objdump for disassembly as it is very limited. this is the main concern.

with very limited i mean: relying on section headers, and also not doing
control flow disassembly. by that it is useless to most jobs. of course
your gcc created executables it can disassemble. but nothing that
uses the most basic tricks.

thanks, 0xf001
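
An added example, not part of the thread or of the tutorial it links to, illustrating the point about tools that rely on section headers: the section header table is optional at run time, while the program headers still describe the executable segments an analyst needs. It assumes a 32-bit little-endian ELF; `triage` and `build_sample` are hypothetical names and the sample file is constructed inline.

```python
import struct

EHDR32 = struct.Struct("<16sHHIIIIIHHHHHH")   # ELF32 little-endian file header
PHDR32 = struct.Struct("<IIIIIIII")           # ELF32 program header
PT_LOAD, PF_X = 1, 1

def triage(data):
    """Report whether section headers exist and where executable segments live."""
    if data[:4] != b"\x7fELF" or data[4] != 1 or data[5] != 1:
        raise ValueError("not a little-endian ELF32 file")
    (_, _, _, _, entry, phoff, shoff, _, _, phentsize, phnum,
     _, shnum, _) = EHDR32.unpack_from(data, 0)
    exec_segments = []
    for i in range(phnum):
        off = phoff + i * phentsize
        if off + PHDR32.size > len(data):
            break  # truncated program header table
        p_type, p_offset, p_vaddr, _, p_filesz, _, p_flags, _ = \
            PHDR32.unpack_from(data, off)
        if p_type == PT_LOAD and p_flags & PF_X:
            exec_segments.append((p_vaddr, p_offset, p_filesz))
    return {
        # No usable section table: section-driven disassembly has nothing to list.
        "has_sections": shoff != 0 and shnum != 0 and shoff < len(data),
        "entry": entry,
        # Program headers are what the loader uses, so they are always the
        # reliable map from file offsets to executable addresses.
        "exec_segments": exec_segments,
        "entry_in_exec": any(v <= entry < v + n for v, _, n in exec_segments),
    }

def build_sample():
    """Constructed sample: minimal ELF32, one R+X PT_LOAD, no section headers."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    ehdr = EHDR32.pack(ident, 2, 3, 1, 0x08048054, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = PHDR32.pack(PT_LOAD, 0, 0x08048000, 0x08048000, 0x60, 0x60, 5, 0x1000)
    return ehdr + phdr + b"\x90" * 12   # 12 filler bytes standing in for code

if __name__ == "__main__":
    print(triage(build_sample()))
```

The returned file offset and virtual address of each executable segment are the starting point for disassembling from the entry point when no section table is available.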