need some advice
peter klos
March 18th, 2007, 19:08
Hi all
( newbie in old body !)
I have a cnc machine with a program that helps me make kitchen cabinets.
I have recently acquired a newer version but the previous dll patch (dongle emulation) does not work on the new software.
I have tried to compare the 2 (patched and original) files via a disassembler to see if I can recognize any changes in the source code, but it may be way above my experience (I am an electronics engineer!)
Rather than call it quits I thought I would ask you guys for any suggestions or guidance. I have spent hours on the net reading up on info (to my wife's disgust!)
regards peter
naides
March 18th, 2007, 20:11
Just general suggestions.
1. First of all you have a lot of ground to cover, if you have little reversing experience. Consider that buying the new version software may indeed be cheaper and faster. If your wife is already pissed at you for spending a few hours searching the web, you may as well start searching for a good divorce lawyer, because learning to reverse is going to absorb many hours of your waking time.
2. One way you may approach this problem is to disassemble, with IDA, the OLD dll, before and after it is patched, then use the diff tool by Andre Protas http://research.eEye.com. It will quickly show you where and what the patch does to the code.
3. Then disassemble the new version of the dll, unpatched, and DIFF it with the old, unpatched dll version. See if the areas of the code that got patched are still recognizable within the new code.
4. Last, if that is the case, try to reconstruct, by hand, the effect of the patch into the new version of the dll.
peter klos
March 18th, 2007, 20:37
Many thanks for your suggestions, it is a start in the right direction.
I have downloaded the binary diff starter (twice) but it fails to initialize on my PC, so I will work that one out and go to the next step.
thanks peter
Tradeflash
April 10th, 2007, 10:12
Hi,
'Nother newbie in an old body here.
I'm at the stage of collecting tools and it occurred to me, it's not clear if all these various tools can be installed and cohabit agreeably on one hard drive.
There's rarely any mention of which platform each tool likes and very little mention of any two, or three, tools not getting along with each other during a reversing session.
Is this too stupid of a question, even for a newbie?
Tradeflash
April 10th, 2007, 10:16
Reason I ask about platforms is I'm surrounded by computers here at home and I can run Ubuntu, Win95, Win98, Win98se, WinXP, home and professional and I'm thinking about playing with Vista soon.

naides
April 10th, 2007, 13:39
Let me answer part of the question.
Ring 0 RCE tools, kernel level debuggers such as SoftICE (Siser?), are heavily platform specific and non-portable.
Ring 3 disassemblers, debuggers, monitors tend to be quite forgiving, as long as you remain within the Windows family, but I must tell you that I have not personally tested each tool on each environment.
*nix tools are *nix specific.
IDA can disassemble a wide variety of executables from different platforms, but it is my understanding that you've got to have a specific version to be hosted by either Windows x32, x64, Linux or Mac OSX.
Aimless
April 11th, 2007, 00:31
Hmmmm....
I'm _STILL_ waiting for JMI to provide a "read the friggin' FAQ you n00b" and "show us what the f$$k you have done about it" response to the above questions. C'mon, just cos the guys say they are "old" does not mean that they should not be fragged for asking a crack request, heavily couched in cracking terms... I mean, people here have been torn apart even after providing more information. And comparing the binaries? That is hardly worth considering. They have provided no response to what they have done in this regard.
For the boys above, welcome to the board, and pardon my response, I am generally friendly. It's directed more to the mods than to you. Not that I think they need to be reminded of their duties of course.
I think dongles are way off if you have never cracked before. I'd suggest going in for IDA Pro and SOFTICE, cracking winzip and mirc before hitting on these heavy duty pieces of protections. Dongles are getting tougher by the day and at times they take longer than you can wait in order to crack them. Some cannot be cracked with satisfaction fully without the dongle present.
So, if you are new to cracking, I'd suggest leaving dongles for a while and learning how to use your tools and beginning cracking winzip and MIRC. IF, however, you are only interested in the solution to the problem you mentioned above, then like I said, I am hoping for JMI to give you all a big frag in the buns. On a friendlier note, I hope you are here on the board to stay.
Peace,
Have Phun
JMI
April 12th, 2007, 00:09
Boy! have to go out of town for a couple of days without internet connection and the crying of "slacker, slacker" is echoing through the halls.
Maybe I was just carried away with the "newbie in an old body" remark and decided to cut him some slack before I rained on his parade.

In any case, with my return, I really wasn't sure which one to jump on or both, because the Thread seems to have been hijacked by Tradeflash while I was gone.
So you Newbies who didn't actually read the Friggin FAQ or indicate you have done any of your own research, take yourselves to the woodshed and beat the tar out of yourselves until I can rest up and beat you within an inch of your lives, my own self.

Consider yourselves whipped, battered and bruised and start off with actually reading the Friggin FAQ and do some searching yourselves before you ask such questions.
Regards,
naides
April 12th, 2007, 05:27
As a half-hearted apology:
I answered klos's post because:
1. Despite his inexperience he showed effort in devising a strategy, he just needed the means to put it to use.
2. Out of sympathy and solidarity when he mentioned his pissed off wife.
Now to Tradeflash?
I answered because of . . . ? Inertia?
You see, I am a teacher during the day, so by sheer necessity, I have desensitized myself into believing that there is no such a thing as too stupid a question.
Tradeflash
April 13th, 2007, 01:32
Well, I've now got my feet wet. And my ass kicked. I didn't really hijack the former 'old body' post intentionally. I just happened to register and post shortly after he. I do admit I was looking for a shortcut to building, building, testing, testing. I'm guilty. Back to the drawing board. I'm here to stay and hope to post something useful someday. Thank you all for your responses. I felt like I was at work with my 'pals'. Whenever I pull a boner there, I get a similar response.

Tradeflash
May 1st, 2007, 23:39
I had an amusing thought this evening. Why not, just for laughs, set up a forum with a totally useless FAQ. And then, whenever questions were posted, hire a few parrots to repeat, "READ THE FAQ!!!!"
Then I realized we already have that here and the web doesn't need two such sites.
Kayaker
May 1st, 2007, 23:45
You are free of course to start your own site and run it as you wish...
Polly want a cracker?
naides
May 2nd, 2007, 18:31
@Tradeflash:
Would you please illuminate us with your extensive knowledge of reverse engineering and write a useful version of the FAQ?
Thank you.
dELTA
May 7th, 2007, 13:09
Or alternatively, just blow me.