Using Olly
A tutorial by Sgi

Oh well, para told me to write this fucking tut. Well, I guess so many crackers are used to Sice, and so many newbies find it hard to use Sice for the first time too. Don't worry, I'll get you both in shape for Olly.

I'm using a TFT 17" monitor at 1280x1024, and I love it. I tell you this because all the SShots are captured at that res. If you don't have a res of 1280x1024, well, too damn bad... :-)

AAANNYYWWAYY, here is your kick start. First lemme explain this: I'm gonna use the Crackme1 exe that belongs to Brad S. for demonstrations only. There are several ways to crack this baby, including the very well written tut by you know who.

Let's get our hands dirty...

Start Olly. How? Well, double click the icon of Olly. Simple, right?

You should be here.

Next, let's load the program to debug. How? From FILE choose OPEN, browse for your exe and open it...

You should see the CPU window; if not, press ALT+C.

For the Memory window, press ALT+M.

For the Executable Modules window, press ALT+E.

For the References window, click on the VIEW menu and choose REFERENCES.

OK?

Your window should look like mine. Arrange your child windows as you please...

Now, go get a Dr. Pepper, a good cup of Mexican Coffee (get a Los Portales brand, it's superb) or better, go get some yellow heaven, JW Blue Label can do the trick... or do as +ORC said once.... Martini...

Now, what's the meaning of all the windows? First let's focus on cracking this baby. So, we press F9 (F9 runs the proggy until it reaches another module), and Olly stops. Let's press F9 until you reach the little window with the entry field for the password, then let's ALT+TAB to see our little window... When we do, Olly stops again. That's OK, let's press F9 again until we finally get our proggy. This time we can switch to the little window asking us for the password, right? We should be here. OK, I'm sure you are all tired of "press that Fkey X times". Well, just press it until you reach the window asking for the password! Again, lemme explain this: the F9 key under Olly RUNS the program we are gonna debug until it reaches another module (or lib), so press it until you get your program.

On the password field we enter our code. Anything. Let's enter 7777777 (I like sevens..... 7 times 7) and press the little check button. We see an "Incorrect, Try again!" little window. So, we want to BP. How can we set breakpoints under Olly? EASY! Remember the little Executable Modules window?? This one! The first line points to Crackme1.EXE, so we LEFT CLICK the damn line... and choose VIEW NAMES (CTRL+N).

What the fuck is this? YES, it's a list of the calls! Let's see, hmmmm.... there is a call to KERNEL32.lstrncmpA. It compares some shit, right? Mmmh. Let's BP on it. How? We left click the call name and choose TOGGLE BREAKPOINT ON IMPORT. So, we close the names window, right? Now, let's return to our little window asking us for our password, and we press the check button again (the 7777777 should still be there). What happens? Olly BPs and stops the proggy (to see a window with our BPs, press ALT+B). We should be here...

Ohhh! What's in our Address little window? DAMNIT! There is a comparison between 2 strings! See? 7777777 and <BrD-SoB>. So, the program is comparing 2 strings, right? Let's see the registers window: ECX = "<BrD-SoB>" and EDX = "7777777". OK, let's press F9 so the program will go on.

You know? Using Sice you need to d ecx, or d eax, or d ebx. Using Olly, that's almost automatic.

Yes, we get the "Incorrect, Try again!" little window. BUT, guess what? This time we are gonna use that string, and instead of 7777777 in the password window we are gonna enter <BrD-SoB>. Let's do it.

Olly breaks again. Oh, what's that in our registers? AHHHH, a comparison between ECX "<BrD-SoB>" and EDX "<BrD-SoB>". Can it be possible? Is it the real password? Let's press F9 and go on....

Ohhh, this time we get a "Correct Way to go!" window.

So, we found the serial.. This one was EASY. In the second tut, we will see a more complex one, the Crackme2.exe...
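
Why that breakpoint gave the password away, as an added example that is not part of the original tutorial or of Crackme1: the plaintext secret is itself an argument to the compare call, while a check that compares derived digests never puts it there. `traced_equal`, `enroll`, `check_hashed` and the `SEEN` trace are hypothetical names, and the trace is a constructed stand-in for what the debugger shows in ECX/EDX.

```python
import hashlib
import hmac
import os

SEEN = []  # constructed trace: the argument pairs a BP on the compare would show

def traced_equal(a: bytes, b: bytes) -> bool:
    """Hypothetical stand-in for the compare import; logs both arguments."""
    SEEN.append((a, b))
    return hmac.compare_digest(a, b)

def check_plain(user_input: str, expected: str = "<BrD-SoB>") -> bool:
    # Crackme1 pattern: the real password is itself an argument to the compare.
    return traced_equal(user_input.encode(), expected.encode())

def enroll(password: str, iterations: int = 200_000) -> dict:
    # Run once at build/setup time; only salt, iteration count and digest ship.
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}

def check_hashed(user_input: str, record: dict) -> bool:
    # Derive a digest from the input and compare digests, never plaintext.
    candidate = hashlib.pbkdf2_hmac(
        "sha256", user_input.encode(), record["salt"], record["iterations"])
    return traced_equal(candidate, record["digest"])

def leaked(secret: str) -> bool:
    """True if the secret appeared verbatim as a compare argument."""
    return any(secret.encode() in pair for pair in SEEN)

if __name__ == "__main__":
    secret = "<BrD-SoB>"
    check_plain("7777777")
    print("plain compare exposes password:", leaked(secret))
    SEEN.clear()
    record = enroll(secret)
    print("wrong input accepted:", check_hashed("7777777", record))
    print("right input accepted:", check_hashed(secret, record))
    print("hashed compare exposes password:", leaked(secret))
```

Hashing only keeps the secret out of the compare arguments; a check that runs entirely on the user's machine is still under the user's control.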

Your friend. Sgi

How to contact me:

EFNET

#new2cracking

Don't message me. If I don't know you I won't respond. Ask your questions on the channel.

Email

No email... No Spam

 

Yes, all of this info is for educational purposes only. I'm NOT responsible in any way for what you do with this knowledge. My main goal is to teach you how to use a debugger, NOTHING ELSE!

To make lawyers happy: OllyDbg Copyright (C) 2000-2002 Oleh Yuschuk. All Rights Reserved. All the other references are property of their legal owners, including crackme1.exe..... OK?