Results 1 to 8 of 8

Thread: one program work but other doesn't?

  1. #1
    Dtox
    Guest

    one program work but other doesn't?

    Hi everyone,

    Im currently reading through tutorials, how-tos, instructionals, etc. Currently Im learning about debugging. I noticed that IDA seems to actually debug a while w32DSM doesn't (it wont even load the file, it just sits there). IDA seems to work well enough, but I was curious as to why its doing this. From what I've read W32DSM is a pretty valuable tool, so I wouldn't want to lose it. Anyone ever experience and get around this?

    BTW I hope I read the FAQ well enough to not ask anything stupid. If I didn't then sorry and do what you must.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    reknihT esreveR SiGiNT's Avatar
    Join Date
    Sep 2004
    Location
    Wherever I am
    Posts
    750
    Read the post just below yours - the debugger in w32dasm wasn't discussed, because there aint much to discuss!

    SiGiNT
    Unemployed old fart Geek - Self Employed Annoyance
    Team: Noobisco Crackers
    If someone can't do it for you, you'll never learn!

  3. #3
    Dtox
    Guest
    I think I may of found the answer. Is it answered in this question from FAQ?:

    I load a file but I am not able to see the string reference, is it possible?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    Dtox
    Guest
    whoa, ok been reading since 9:30PM....its now 3:20AM. Im gonna do this dammit. I have a question though. I have been reading up on Timelimits. So far I've only read about Time Trial (30 days, 20 days, etc.). I still haven't read about a specific one though. This one has no nag screen or anything. It has a timer and lets you use it for about 3 minutes until the program shuts down. I don't know the name of this protection. Does anyone have an idea of what its called so I can do some research on it?

    Edit: I think I may just be starting a bit more advanced than I should be. Im sure someone knows this but I wont understand it until I read a lot more. Soooo....I'll give myself a week and see what happens.
    Last edited by Dtox; September 25th, 2006 at 03:44.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #5
    Naides is Nobody
    Join Date
    Jan 2002
    Location
    Planet Earth
    Posts
    1,647
    Hi Dtox. Take it easy.

    From first post: You need to get your concepts straight, Disassembler vrs. Debugger:

    IDA and W32DSM are Disassemblers: They translate, in a static fashion, the binary code of an excutable file into the opcodes of assembly language. OK?

    They also label disassembly listing of the program with visual aids, cross references, symbols, function limits an other bells and whistles, to help you understand the structure of the program but that is all they do.

    A debugger analyzes the behavoir of a program WHILE it is running, by pausing the CPU. Debugging is live and direct: The variables hold real values, the branch points do branch and the loops go around in loops.

    IDA and W32DASM do have rather primitive debuggers attached to them, But the best example of a debugger is Olly.

    To confuse things a little, Olly, a DEBUGGER holds a very good disassembler attached to it, so that when you are tracing the execution of a program, Olly presents you with an Assembly language listing composed on "on the fly".

    Question (Post) 2:
    You have a lapse limited app, usually sound or video app demos have such devices.

    Just like any reversing, you need to think: How can the computer find out that 3 mins have gone by?

    Search for time keeping APIs like getTickCount, GetSystemTime.

    Also, 3 mins later the program does not show a nag, but QUITS.
    Finishing a program is a quite involved process: Disassemble your program and look for APIs that do the quiting, for instance PostQuitMessage, ExitProcess.

  6. #6
    reknihT esreveR SiGiNT's Avatar
    Join Date
    Sep 2004
    Location
    Wherever I am
    Posts
    750
    To add to what naides has posted, have you checked to see if your program is packed? - go to protools (google for it), and get a copy of PEiD - if it's packed, (says Arma, or asprotect or anything other than Visual C, Borland, or Visual Basic), then you are probably out of your league, and a debugger or disassembler will be of little help - come back here and let us know, just running in olly until it shuts down can give some clues, just hit the big blue "K" after shut down and trace back from the last reference from your target in the stack window.

    SiGiNT
    Unemployed old fart Geek - Self Employed Annoyance
    Team: Noobisco Crackers
    If someone can't do it for you, you'll never learn!

  7. #7
    SetTimer is also a frequently used API for these sorts of time limits (and may also be used for anti-tracing methods as well).

  8. #8
    Dtox,

    You may want to first leave the time trials for a while if you are really starting out. I recommend breaking Winzip v6/7/8 or Mirc v5/6 first. Simple serial based productions...

    If I were you, I take 2 weeks off from all this cracking stuff, and instead learn how to use my tools better...

    FYI, W32dasm is dead. It is no longer a viable tool for debugging. Its like trying to debug a program with debug.exe, plus it also does not do UNICODE.

    Better stick with IDA and a decent debugger.

    Have Phun
    Blame Microsoft, get l337 !!

Similar Threads

  1. Replies: 0
    Last Post: January 12th, 2008, 00:08
  2. USB mouse doesn't work in DriverStudio 3.1.0
    By Walaci in forum Tools of Our Trade (TOT) Messageboard
    Replies: 5
    Last Post: April 29th, 2005, 12:24
  3. rtcMsgBox breakpoint doesn't work
    By id6262 in forum The Newbie Forum
    Replies: 3
    Last Post: January 12th, 2004, 19:01
  4. My softice doesn't work in windowsXP!!!
    By AllenGnr in forum Tools of Our Trade (TOT) Messageboard
    Replies: 2
    Last Post: March 8th, 2002, 05:09
  5. SoftICE doesn't work on Windows XP beta
    By Solomon in forum Tools of Our Trade (TOT) Messageboard
    Replies: 9
    Last Post: December 12th, 2001, 00:29

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •