Results 1 to 11 of 11

Thread: About jump over the crc check

  1. #1
    Ollyxyz
    Guest

    About jump over the crc check

    hi
    im newbie in ollydbg and assembly language.. i just wanted to ask how to jump over the crc check.
    please a brief explanation would be really helpful
    thnx in advance
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Super Moderator
    Join Date
    Dec 2004
    Posts
    1,524
    Blog Entries
    15
    jump before JMI sees you like this
    Attached Images Attached Images  

  3. #3
    Red wine, not vodka! ZaiRoN's Avatar
    Join Date
    Oct 2001
    Location
    Italy
    Posts
    922
    Blog Entries
    17
    First of all you have to identify where the crc is located at. Once you know you can try to jump over the check.

    Suppose you have something like:
    Code:
    ...
    push esi
    xor eax, eax
    
    <crc check instructions>
    
    inc edi
    pop esi
    ...
    If you want to avoid the crc check you only have to jump over it. The best way is to add a jump instruction directly at the beginning of the crc check. The jump will lead you at the end of the crc check instructions block, at "inc edi". In this way you jump over the crc check.

  4. #4
    Naides is Nobody
    Join Date
    Jan 2002
    Location
    Planet Earth
    Posts
    1,647
    That is deep, profound stuff,

    ZaiRoN!

  5. #5
    Ollyxyz
    Guest
    thanks alot zairon
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    Ollyxyz
    Guest
    zairon , can u please also explain what really crc check it is and where can i find that, like .dll files or .exe
    if its tht then how really can i edit /jump over in ollydvg
    thanks in advance
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    sounds like someone needs to learn how to use ollydbg first and read the faq

    crc checks can be found in .dll, .exe and others.

    zairon has explained how to jump over in ollydbg already.
    Last edited by squidge; July 10th, 2007 at 07:21.

  8. #8
    A CRC can be many things. Some of the more simpler types are the checksum type where they SUM (add) all the bytes in a file, or section of the code together, and then expect the result to match what it was when THEY did it. (So, if you change anything, the sum is different, and they know you've been tampering in there).

    Another type is to XOR (Exclusive Or) all the bytes together, and check them much the same way as mentioned above.

    The simple (at least in theory) way to find the checksum routine in a program is to set a READ breakpoint on the address that you intend to change, and run the program. When the program reads the address the breakpoint triggers, and you'll be in the middle of the function doing whatever type of math it's doing to compute the check. From there, you should be able to find the CMP or whatever that's checking it, and disable it.

    This was a "cracking 101" level discussion, if ANY of it didn't make sense, you need to study as was mentioned above. I would recommend an assembly tutorial, and the Olly documentation if you don't understand. The initial learning curve is steep, and don't ever expect to know it all, but you CAN learn this. It just takes time.

    FR (23 years experience, and still don't know it all).

  9. #9

    sage

    Looks like someone lacks a few billion neurons

  10. #10
    Ollyxyz
    Guest
    well, from where i should start to learn asm? i mean before asm shud i learn any specific languge?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  11. #11
    read your signature.....

Similar Threads

  1. Changing a jump
    By voodoo in forum OllyDbg Support Forums
    Replies: 2
    Last Post: December 15th, 2004, 05:02
  2. How to find the jump???
    By homunculus in forum OllyDbg Support Forums
    Replies: 5
    Last Post: February 17th, 2003, 05:09
  3. newbie Q: far jump?
    By chitech in forum The Newbie Forum
    Replies: 5
    Last Post: September 5th, 2002, 20:24
  4. How to calculate which jump I want to use...
    By Six Black Roses in forum Malware Analysis and Unpacking Forum
    Replies: 2
    Last Post: March 12th, 2002, 19:28
  5. jump generator
    By amois in forum Malware Analysis and Unpacking Forum
    Replies: 12
    Last Post: October 18th, 2001, 09:42

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •