Results 1 to 7 of 7

Thread: Help finding the correct api

  1. #1
    michelinok
    Guest

    Help finding the correct api

    Hi!
    First of all sorry for my english
    I'm trying to debug the "import account" procedure of Outlook Express.
    I'm a total newbie, but i WAS a dos assembler expert (hope this will help me), so i've done this:
    1) Run ollydbg
    2) Loaded msimn.exe
    3) Run msimn.exe inside ollydbg
    4) gone to the import account dialog
    5) Pressed Alt+F1 and entered:
    bpx MessageBoxA
    bpx GetDlgItemTextA
    bpx GetWindowText
    bpx GetDlgItemText

    The problem is that Olly doesn't stop
    I've no idea where the problem is
    Can someone get a try?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    mr haggar
    Guest

    Help finding the correct api

    Try

    bp MessageBoxA and not bpx.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  3. #3
    michelinok
    Guest

    Help finding the correct api

    "bp MessageBoxA" doesn't work
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4

    Help finding the correct api

    doesn´work or doesn´t stop?

    if doesn´t work you are in windows 98, change to XP, 2000 or NT now, ollydbg is a piece of shit in 98 with less possiblities and power.

    If work but no stop try using BMSG or message breakpoints this work always.

    Ricardo

  5. #5
    Super Moderator
    Join Date
    Dec 2004
    Posts
    1,486
    Blog Entries
    15

    Help finding the correct api

    well ricardo wanted to say w98 is a piece of shit i think not ollydbg is a piece of shit

    well in 98 just out of curiosity i loaded the c:\programfilesmsimn.exe

    and hit ctrl+n (find all names in the module)


    References in MSIMN:.text to USER32.MessageBoxA
    Address Disassembly Comment
    01002272 CALL DWORD PTR DS:[<&USER32.MessageBoxA> DS:[01001088]=83503B38, (Thunk to USER32.MessageBoxA)


    and that is called only if FreeLibrary fails and that too on exiting from outlookexpress via file --> exit

    so choose the right api for your work and better read some tutorials


    here is the list of apis thats imported by msimn.exe
    only breaks on this apis would work

    or if you are sure you saw a message box popping up in msimn.exe
    attach ollydbg while message box is still active and then backtrace looking at call stack

    Names in MSIMN
    Address Section Type ( Name Comment
    01001070 .text Import SHLWAPI.#67
    01001090 .text Import ( USER32.CharNextA
    01001028 .text Import ( KERNEL32.CloseHandle
    01001048 .text Import ( KERNEL32.CreateMutexA
    01001010 .text Import ( KERNEL32.ExitProcess
    01001034 .text Import ( KERNEL32.FreeLibrary
    01001020 .text Import ( KERNEL32.GetCommandLineW
    01001064 .text Import ( KERNEL32.GetEnvironmentVariableA
    0100102C .text Import ( KERNEL32.GetFileAttributesA
    01001030 .text Import ( KERNEL32.GetLastError
    0100105C .text Import ( KERNEL32.GetModuleFileNameA
    01001014 .text Import ( KERNEL32.GetModuleHandleA
    01001038 .text Import ( KERNEL32.GetProcAddress
    01001018 .text Import ( KERNEL32.GetStartupInfoA
    01001068 .text Import ( KERNEL32.GetVersionExA
    0100107C .text Import ( USER32.GetWindowThreadProcessId
    0100104C .text Import ( KERNEL32.IsDBCSLeadByte
    0100103C .text Import ( KERNEL32.LoadLibraryA
    01001084 .text Import ( USER32.LoadStringA
    01001050 .text Import ( KERNEL32.lstrcmpiA
    01001060 .text Import ( KERNEL32.lstrcpyA
    01001054 .text Import ( KERNEL32.lstrcpynA
    01001058 .text Import ( KERNEL32.lstrlenA
    01001040 .text Import ( KERNEL32.lstrlenW
    01001088 .text Import ( USER32.MessageBoxA
    01001F85 .text Export <ModuleEntryPoint>
    01001008 .text Import ( ADVAPI32.RegCloseKey
    01001004 .text Import ( ADVAPI32.RegOpenKeyExA
    01001000 .text Import ( ADVAPI32.RegQueryValueExA
    01001024 .text Import ( KERNEL32.ReleaseMutex
    0100108C .text Import ( USER32.SendMessageTimeoutA
    0100101C .text Import ( KERNEL32.SetErrorMode
    01001080 .text Import ( USER32.SetForegroundWindow
    01001074 .text Import ( SHLWAPI.StrCmpIW
    01001044 .text Import ( KERNEL32.WaitForSingleObject

  6. #6
    michelinok
    Guest

    Help finding the correct api

    Sorry for the delayed post...got it working using
    bp GetWindowText


    Sorry again!
    And many thanks!
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7

    Help finding the correct api

    OLLYDBG in 98 is a piece of shit (is a form of explain is very limited in 98) and i don´t speak english very well i don´t know how tell in other form more elegant, and w98 too is for me a piece of shit, OLLYDBG have no real posibilities for cracking in 98, if any take a idea of serious cracking need change to NT, 2000 or XP, the limitations of OLLYDBG are very very big, only very easy crackmes can be cracked by OLLYDBG in 98, in nt 2000 or XP you can crack all RING3 crackmes or programs without limitation.

    Sorry but i´m very limited speaking in english too.

    Ricardo

Similar Threads

  1. what is the correct path
    By Silkut in forum The Newbie Forum
    Replies: 1
    Last Post: December 20th, 2010, 10:23
  2. Crackme Patched but finding correct serial not so easy
    By DENiSON in forum The Newbie Forum
    Replies: 4
    Last Post: August 2nd, 2009, 11:47
  3. Which tool is correct:
    By Bengaly in forum Tools of Our Trade (TOT) Messageboard
    Replies: 17
    Last Post: April 13th, 2009, 04:05
  4. IS this the correct way to write hasp emulator
    By saber in forum The Newbie Forum
    Replies: 2
    Last Post: August 11th, 2005, 18:14

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •