

But that doesn't teach us much; we want to know exactly what this crackme is doing in order to test our username and serial.
So, we probably know how we could get the congrats message - a flick of the Z bit at 00401241 or a simple patch of the JE at 00401243 should do it. You don't want to search for this again if you press a wrong button somewhere! What this means is that you can now come back here whenever you run the program without stepping through all the previous steps we have taken. Then select the line 00401223 and press F2 to put a new breakpoint here. Olly even helps show us we're in the right place by showing that our entered username and password are pushed to the stack before calls are made and a compare is made shortly afterwards.

For now, press Ctrl-N, select 'GetDlgItemTextA' and press 'remove all breakpoints'.
We're done with the User32 code and are back with the main routine of the Crackme. If we continue this process we go through a long session in User32 and eventually land back here:
00401226.
In future you will use F10 and F12 to step; F8 just shows you more of what's involved. 25 steps take us back to User32 and 38 take us back again.

Pressing just twice will bring you into User32 and after 15 step overs we are back with the crackme. Press F8 to step over the program and try to get a feel for what is going on.
This is important as when this says Kernel or User32, we know we can keep stepping as it has nothing to do with our serial - we are only interested in the Crackme. If you read the top of your Olly window, it should say. Now, this is the first reference to the call 'GetDlgItemTextA' so we know our serial is shortly going to be read in. Press the register button and Olly should break here:
004012CC |.
Go to the registration box and enter a name and any serial. Press F9 and Olly will run the crackme, presenting you with its user interface. You can then right click on GetDlgItemTextA and select 'set breakpoint on every reference'. If you press Ctrl-N (or right click and select 'Search for' followed by 'name (label) in current module') you are presented with a list of calls made by the crackme. So, what we need to do is make sure that if the Crackme makes this call, Olly intercepts it and breaks for us so that we can follow what is being done with the information. There are a few ways Windows does this - it's beyond the scope of this article to teach you the depths - but I will tell you that one of them is using the call 'GetDlgItemTextA'. We therefore need Olly to intercept any calls this crackme makes where it could be reading what we typed from the username and serial boxes. Now, we know that the Crackme is taking whatever we typed and checking it against the correct serial. You'll then be presented with the workings of the application, starting about here:
00401007 A3 CA204000 MOV DWORD PTR DS:,EAX
Okay, so open Olly and select Crackme1.exe. So we know what we need to do: we need to find the serial - at this point we don't know if it's a hard coded number or if it's generated from the username but that's part of the fun! You'll get a message saying 'No luck there mate' (incidentally, if you do happen to guess your serial and get the 'Congratulations' message, I recommend that you buy a lottery ticket today).

Enter a user name into the box and a random serial. Well, there's not much to see but we can find a 'Register' box. Okay, so run the crackme and let's have a look around.

No cheating now -)

Done? Well maybe you surprised yourself and found things you thought you'd never find? Maybe you found nothing and reckon you just wasted 30 minutes? Either way, I'll go through the process I used to reverse this and hopefully it will teach you a few things.
The very least this will do is teach you how to use basic Ollydebug functions. See what you can find and get a feel for the program. First thing to do is close this tutorial and have a play around. Ok, so you should have downloaded the crackme and have Ollydebug installed. When I came to this level, I hadn't done anything like this before but since then I've been doing some reading around the subject and (geekily enough) I find it quite interesting. Looking at the stats, this seems to be where a lot of users get stuck so hopefully this article will show you how to progress. I've decided to write this series of articles almost as a helper to those stuck on Geek 8.
