PDA

View Full Version : Can someone help me get started with an app?


bakatade
February 28th, 2013, 09:38
I'm new to this and trying to crack an app. I've been watching videos and reading but when I try the techniques I come up with nothing. This is what I've done so far:

1. Opened the app in .Net Reflector 8.0
- Got an error - "File is not a portable executable. DOS header does not contain 'MZ' signature."
2. Opened the app in OllyDbg 2.1.0.4
- I cannot find any of the error strings. And, when I debug it, it doesn't even seem to go into the .exe module at all, it seems to be loading the procs when it needs them dynamically.

Can anyone help me get started? If you would like the app let me know and I'll post it somewhere for download.

Thanks in advance,

Baka

Aimless
February 28th, 2013, 10:26
You should try to get your mind around first to simple, native, 32-bit applications with at least 2-3 versions below the current version.

What you are doing, is a surefire way to get discouraged.

May I suggest you first forget cracking, and concentrate on learning the tools by simple cracking (there are a lot of examples. Lena and Tiga's video tuts come immediately to mind). Read the manuals. Then re-read them again. Practice on simple targets. THEN, move on.

A few good tools, that come in handy on all occassions:

1. Ida Pro
2. Windbg
3. Ollydbg
4. Reshack

Every other tool can wait. These need to be learned first.

But above all, however, don't give up.

Have Phun

bakatade
February 28th, 2013, 10:31
Thanks Aimless for your suggestion, I've been watching the youtube videos on how to use ollydbg by fjlj, they have helped me to get a grip on what ollydbg does and how to navigate it.

bakatade
March 7th, 2013, 11:24
I have made some progress but I'm still missing something. I started breaking on messages like MessageBoxExW which shows me the text, "The License Key File was not found..." but when I try to go backwards up the stack, it kind of dead ends and I can't go up any further to find out what condition is making the dialog display. The thing I'm finding interesting is, I can't find where the .exe code is being called at all, I'm always in module USER32 or some other system module but never in the .exe module. I'm assuming the logic to "validate" the key would be in the .exe right?

Thanks again...