Results 1 to 9 of 9

Thread: Help learning to reverse and crack

  1. #1

    Help learning to reverse and crack

    Hey everyone, I am fairly new to reversing (couple months). I use randoms version of ollydbg and have read a lot of randoms pages (http://thelegendofrandom.com).

    I first stared out trying to crack a program called timeline maker professional. This uses a 3rd party protection system from "protexis" to phone home using https and uses windows inbuilt cryptography stuff to encrpyt and decrpyt things. I have spent many hours commenting code and trying to figure out how to bypass the security or try to make it successfully register, to no avail.

    I am a very fast leaner however sometimes I just need help understanding new concepts and the tricks of the trade.

    I have given up on timeline maker pro for now and thought I would give something a little simpler a go.

    I have opted for AVS video converter from avs4you. It has a program called registration.exe which looks like it phones home and then updates the registry and creates a file with a extension *.lickey

    I have also studied the program itself which initially pops up a not registered window on startup and non-activated is displayed as the main window title of the main program. I made a file called license.lickey in the programdata\avs4you\licence\ folder which is where it looks for files with a *.lickey extension and it turns out this changes the message that is initially displayed when the program opens to "your subscription has expired".

    I used resource hacker to find the dialog which is entitled "TFORMUNREGISTEREDVERSION", I did a search strings in olly for this and found it as data in a couple of places, I put a few breakpoints in and I found the spot where the window is called, but I have no idea how to prevent it, I think that logic has already been processed well before.

    Basically I'm not sure where to start and I desperately need to improve my skills so am hoping to get some tips and help to finally crack something from scratch.

    Should I
    a.) try and crack the main prog and get it to think its registered?
    b.) try and crack the external exe called registration that phones home and eventually writes a licence file and some reg things.

    I just need someone to talk to.

    Thanks guys.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Registered User
    Join Date
    Dec 2005
    Posts
    216
    Blog Entries
    5
    Check out these tutorials:

    http://tuts4you.com/download.php?list.17

  3. #3
    From the dialog name, I would guess that this was written in Delphi. You could try using "PEiD" to identify the file signature. If it is, try using a Delphi decompiler like "DeDe".

  4. #4
    Thanks I will
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #5
    Quote Originally Posted by tedshred View Post
    From the dialog name, I would guess that this was written in Delphi. You could try using "PEiD" to identify the file signature. If it is, try using a Delphi decompiler like "DeDe".
    It must be because it has borland delphi c++ written in various places in the dissasembled code.

    Will DeDe do a much better job than olly? Ill give it a go. thanks!
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    im newbie. i hope you can help me to solve my problem.
    i have 2 software like this. (software can download right here CRACK REQUEST, LINKS DELETED). i have try to find bitmap and password with resource hacker but it say "protected by exe compresor". that software is built with delphi. I just want to know the password of setup and change "header image" .
    this is the screenshoot of software :
    http://s7.postimg.org/9vg8i3rwb/image.jpg
    http://s7.postimg.org/kjjzgy1vf/image.jpg
    http://s7.postimg.org/gol6s483f/image.jpg

    thanks for your help
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    Quote Originally Posted by rendari View Post
    Check out these tutorials:

    http://tuts4you.com/download.php?list.17
    Thanks, Im up to tutorial 8 out of 40, going well so far they are very very helpful. Ive learn't a couple of new little tricks for use in olly. Most of the stuff so far I did already know from research and trial and error. Will keep going.....
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  8. #8
    Quote Originally Posted by spados View Post
    It must be because it has borland delphi c++ written in various places in the dissasembled code.

    Will DeDe do a much better job than olly? Ill give it a go. thanks!
    OK so I have run DeDe and it shows the forms etc. I'm finding it very hard to use DeDe, it is very different to olly. Is my goal to find the references in DeDe and then use olly to actually do the crack or can you crack things in DeDe aswell? That having been said I did get a VA of the non registered form from DeDe but when I use olly and goto expression with that address, it doesnt resemble anything like the data I am looking for.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  9. #9
    I see DeDe as a means to explore the code structure. You still need a separate debugger.

Similar Threads

  1. Machine learning for malware detection and classification
    By encryptedmind in forum Malware Analysis and Unpacking Forum
    Replies: 3
    Last Post: April 5th, 2013, 04:20
  2. FlexLM learning process
    By anderpok in forum The Newbie Forum
    Replies: 2
    Last Post: April 28th, 2006, 15:12
  3. learning idc
    By Hero in forum The Newbie Forum
    Replies: 1
    Last Post: July 19th, 2004, 16:54
  4. Suggestions for, relativly new, good learning targets?
    By SuperCali in forum Malware Analysis and Unpacking Forum
    Replies: 1
    Last Post: October 14th, 2001, 20:31
  5. Which book for learning about Windows Internals?
    By edward in forum Malware Analysis and Unpacking Forum
    Replies: 4
    Last Post: June 7th, 2001, 22:45

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •