Exetools  

Go Back   Exetools > General > Source Code

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 10-05-2022, 16:13
Zeocrack Zeocrack is offline
Friend
 
Join Date: Sep 2022
Posts: 17
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 54
Thanks Rcvd at 0 Times in 0 Posts
Zeocrack Reputation: 0
Ripping from v0!d keygenme 1

Dear All

I want to make a keygen from the ripped code from the keygenme. Preparing keygen is very simple in vb, masm or cpp. But I want to ripping code fully from the keygenme.

Don't know what is the issue.

Would you please suggest?
https://mega.nz/file/YggXmQbA#JkKo3pEIDFYynK_YMBMpBhTTGZ2k5Ypm5Iy_TBGlF0s

Note: not sure external link for this case is allowed or not.


Thanks
Attached Files
File Type: zip Void Keygenme1 keygen.zip (24.2 KB, 6 views)
Reply With Quote
  #2  
Old 10-06-2022, 15:42
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 917
Rept. Given: 325
Rept. Rcvd 219 Times in 112 Posts
Thanks Given: 179
Thanks Rcvd at 413 Times in 233 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
What is the specific goal you are trying to reach?
is it that you want to rip code from vcrkme01.exe into your keygen.asm project or smth else
PS keygen.exe is crashing in my case (silent close on Generate button)
vcrkme01.exe is doing nothing (if filled in both fields and pressing [Check] button
Reply With Quote
The Following User Says Thank You to sendersu For This Useful Post:
Zeocrack (10-06-2022)
  #3  
Old 10-06-2022, 18:44
Zeocrack Zeocrack is offline
Friend
 
Join Date: Sep 2022
Posts: 17
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 54
Thanks Rcvd at 0 Times in 0 Posts
Zeocrack Reputation: 0
Thanks for reply. I just want rip from keygenme and make a keygen . Yes the keygen is closing but I couldn't find why. The goal is learn ripping and make it workable.

Thanks
Reply With Quote
  #4  
Old 10-08-2022, 23:09
sendersu sendersu is offline
VIP
 
Join Date: Oct 2010
Posts: 917
Rept. Given: 325
Rept. Rcvd 219 Times in 112 Posts
Thanks Given: 179
Thanks Rcvd at 413 Times in 233 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
Hi Zeocrack
I've analyzed your code, the culprit looks like comes from ripped code
it is the assembly instruction

mov ebp, temp

which is overwriting value of register ebp (which is used when you call any WinAPI + passing some local variable

eg in your case - after you damaged correct ebp value you are calling afterwards this:

invoke SetDlgItemText,hWnd,ID_OUTPUT,addr buffer

and it translates to the following asm code:

CPU Disasm
Address Hex dump Command Comments
004012DE |. 68 1E314000 PUSH OFFSET 0040311E ; /Text = "Z-K25494-2549"
004012E3 |. 6A 65 PUSH 65 ; |ControlID = 101.
004012E5 |. FF75 08 PUSH DWORD PTR SS:[EBP+8] ; |hDialog
004012E8 |. E8 AB000000 CALL ; \USER32.SetDlgItemTextA

and the crash is on the line which is trying to use the (damaged) value of EBP register...


usually app should not use EBP as data register, so either do not use it (use another one), or if you need to use it - do the push ebp ... change ebp + math ...pop ebp
Reply With Quote
The Following 2 Users Gave Reputation+1 to sendersu For This Useful Post:
niculaita (10-09-2022), sh3dow (10-11-2022)
The Following 4 Users Say Thank You to sendersu For This Useful Post:
niculaita (10-09-2022), sh3dow (10-11-2022), tonyweb (10-08-2022), Zeocrack (10-09-2022)
  #5  
Old 10-10-2022, 04:15
chants chants is offline
VIP
 
Join Date: Jul 2016
Posts: 643
Rept. Given: 21
Rept. Rcvd 43 Times in 26 Posts
Thanks Given: 592
Thanks Rcvd at 971 Times in 440 Posts
chants Reputation: 43
In fact ebp/rbp is used by the x86 architecture as the base pointer for the stack specifically in instructions enter and leave.

If the frame is managed only via esp/rsp with push, pop, call, ret and add/sub, then the ebp could actually be used on effect as an ordinary register. It also may have some nuances in how it appears in the addressing modes.

In general, addressing modes combined with opcode specific register uses can help infer optimal register allocation for a given task.
Reply With Quote
The Following 2 Users Say Thank You to chants For This Useful Post:
sh3dow (10-11-2022), Zeocrack (10-10-2022)
Reply

Tags
keygening

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On



All times are GMT +8. The time now is 12:13.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2022 )