Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   meaning of a p-code Registration routine (https://forum.exetools.com/showthread.php?t=10208)

wassim_ 09-29-2006 22:49
meaning of a p-code Registration routine
 
Hi, after debugging this vb application, I was able to locate the "check if registered" routine, the program uses online registration and once it receives the server's good boy response, it writes the used serial to the registry here:
HKEY_Local_Machine/Software/TargetName
The key that holds the serial is RegKey= 123456789123456789123456;
the key's length has to be 24.

Now, if I enter a bogus key, the program uses this routine to check it out, I am unable to understand it and what it is supposed to return when registration is valid. I know what jumps to reverse but I think it is storing some variables elsewhere that prevent the program from working normally.

I need help in understanding the valid key check hereafter:

Code:
Public Sub unknown_47B730
  loc_47B678: FLdRfVar var_BC
  loc_47B67B: LitVarI4
  loc_47B683: LitStr "RegKey"
  loc_47B686: FStStrCopy var_98
  loc_47B689: FLdRfVar var_98
  loc_47B68C: LitStr "Software\TargetName"
  loc_47B68F: FStStrCopy var_94
  loc_47B692: FLdRfVar var_94
  loc_47B695: LitI4 -2147483646//    WHAT IS THIS FOR?
  loc_47B69A: CStrI4              // What DOES THIS DO?
  loc_47B69C: PopTmpLdAdStr
  loc_47B6A0: ImpAdLdRf unk_419ECB
  loc_47B6A3: NewIfNullPr
  loc_47B6A6: Me.HeightSet
  loc_47B6AB: FLdZeroAd var_BC
  loc_47B6AE: FStStr var_8C
  loc_47B6BD: LitI2_Byte 0
  loc_47B6BF: FStI2 var_86
  loc_47B6C2: ILdRf var_8C
  loc_47B6C5: FnLenStr
  loc_47B6C6: LitI4 24          <------------- is the serial's length 24?
  loc_47B6CB: NeI4             
  loc_47B6CC: BranchF loc_47B6D7  <-----------jump to bad boy if not
  loc_47B6CF: LitI2_Byte 255  //WHAT IS THIS variable's function?
  loc_47B6D1: FStI2 var_86
  loc_47B6D4: Branch loc_47B72D
  loc_47B6D7: ' Referenced from: 47B6CC
  loc_47B6D7: ILdRf var_8C
  loc_47B6DA: ImpAdLdPr unk_419ECE
  loc_47B6DD: MemStStrCopy
  loc_47B6E1: FLdRfVar var_BC
  loc_47B6E4: LitVarI2 var_B8, 63
  loc_47B6E9: LitStr "User Name"  // User Name is the name you enter as user
  loc_47B6EC: FStStrCopy var_98
  loc_47B6EF: FLdRfVar var_98
  loc_47B6F2: LitStr "Software\TargetName"
  loc_47B6F5: FStStrCopy var_94
  loc_47B6F8: FLdRfVar var_94
  loc_47B6FB: LitI4 -2147483646  // Here it is again...
  loc_47B700: CStrI4
  loc_47B702: PopTmpLdAdStr
  loc_47B706: ImpAdLdRf unk_419ECB
  loc_47B709: NewIfNullPr
  loc_47B70C: Me.HeightSet
  loc_47B711: FLdZeroAd var_BC
  loc_47B714: FStStr var_8C
  loc_47B723: ILdRf var_8C
  loc_47B726: ImpAdLdPr unk_419ECE
  loc_47B729: MemStStrCopy
  loc_47B72D: ' Referenced from: 47B6D4
  loc_47B72D: ExitProcI2
  loc_47B72E: LargeBos loc_47B732 'Ignore this
End Sub

I have tried finding some explanation about these mnemonics but I could not find all what I need.

Any help is appreciated.


All times are GMT +8. The time now is 05:04.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX