
Thread: help with this crackme

  1. #1
    chitech
    Guest

    help with this crackme

    Hello everybody

    I have a problem when I try to use "bpx getdlgitemtexta" on this crackme (attached). When SoftICE breaks I press F5 and it breaks again (name/serial). After that I press F11 once to go back to the caller.

    Normally it looks like this:

    push xxx
    push xxx
    push xxx
    push xxx
    call User32!GetDlgItemTextA
    ...
    ...

    But now it shows something I don't understand. Please guide me.

    How to save/dump the assembler code in SoftICE into a text file?

    Thx


    Chitech
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    ZaiRoN
    Hi chitech,
    I have taken a look at the crackme.
    It uses a method to make your life hard while you are stepping through the code.
    There are many useless instructions like jmp, call, pushad/popad, pushf/popf between the real instructions used by the crackme for the name/serial check.
    When you are stepping, remember that all the instructions between a pushad-popad and pushf-popf block are completely useless, so don't take a closer look at them.

    Here are the first 3 useful instructions:
    402D1E: test eax, eax
    402D59: jnz 40309E
    403186: mov esi, 40701B
    Use them in order to understand how the flow proceeds.

    The crackme doesn't seem very difficult (I haven't reversed it yet...) but the problem is the stepping and the fact that you'll find instructions like:
    shl ecx, 18
    shr ecx, 18
    that are here only to kid you.

    "how to save/dump the assembler-code in softice into a text file?"
    The /dump command of icedump is what you are looking for, but imho it doesn't help you too much in this specific case.
    Use IDA, it's optimal for this subject; you can see all the code used by the crackme...

    Anyway, I suggest putting this thread in the mini project area and seeing if anyone wants to join you in this project.

    Hope it helps!
    regards,
    ZaiRoN
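
The stepping advice in the reply above, as an added example that is not part of the thread: a Python filter that reads a trace in `ADDR: mnemonic operands` form and discards everything inside pushad/popad and pushf/popf pairs. The test/jnz/mov lines and their addresses are the ones quoted in the reply; the junk lines, their addresses and the function names are constructed, and dropping unconditional jmp is an assumption of this example.

```python
import re

# Constructed trace: only the test/jnz/mov lines come from the thread.
SAMPLE = """\
402D1E: test eax, eax
402D20: pushad
402D21: xor ebx, ebx
402D23: add edx, 5
402D26: popad
402D27: jmp 402D59
402D59: jnz 40309E
402D5F: pushf
402D60: pushad
402D61: inc edi
402D62: popad
402D63: popf
402D64: jmp 403186
403186: mov esi, 40701B
"""

BRACKETS = {"pushad": "popad", "pushf": "popf", "pushfd": "popfd"}
LINE = re.compile(r"^\s*([0-9A-Fa-f]+):\s*(\S+)\s*(.*)$")

def parse(trace):
    """Yield (address, mnemonic, operands) for each 'ADDR: insn' line."""
    for raw in trace.splitlines():
        m = LINE.match(raw)
        if m:
            yield int(m.group(1), 16), m.group(2).lower(), m.group(3).strip()

def strip_junk(trace, drop_jmp=True):
    """Drop save/restore-bracketed blocks (and, by assumption, plain jmp glue)."""
    kept, waiting = [], []            # waiting: closers of the open blocks
    for addr, mnem, ops in parse(trace):
        if mnem in BRACKETS:          # block opens (possibly nested)
            waiting.append(BRACKETS[mnem])
        elif waiting:                 # inside a block: discard, watch for closer
            if mnem == waiting[-1]:
                waiting.pop()
        elif not (drop_jmp and mnem == "jmp"):
            kept.append((addr, mnem, ops))
    if waiting:
        raise ValueError("trace ends inside a block; expected " + waiting[-1])
    return kept

if __name__ == "__main__":
    for addr, mnem, ops in strip_junk(SAMPLE):
        print("%06X: %s %s" % (addr, mnem, ops))
```

A trace that ends inside an open block raises `ValueError`, which flags a capture that was cut off before the matching restore instruction.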

  3. #3
    chitech
    Guest
    Thank you... now I see the light

    I will put this thread in the mini project area and continue my reversing there


    Chitech
