Exetools  

  #1  
Old 09-23-2003, 04:52
ysco
 
Need some help on this 1

Hello guys, I really need some help on this 1.

I have a proggie and I want to find the serial with Ice 3.0.

The proggie is Trojan Guarder Gold Version; you can download it here:

_http://www.users.ms11.net/~yoursoft/Trojan_Guarder_Gld.exe

It asks for a name and serial.

30 days trial version.

Not that I want this proggie, just for learning.

This is how I did it:

First I checked the protection on the proggie with Stud_PE; the protection was PECompact.
Unpacked the proggie with pe-scan (unpacked successfully).
Now I have loaded the proggie with the symbol loader from Ice. I set a breakpoint, bpx getwindowtexta, and hit Control-D 3 times until the register window popped up. I filled in a username: ysco and a pass: 123321, then hit the register button. Ice now breaks on getwindowtexta, 001B: 77D48000. Now I hit F12 1 time and F10 2 times, and I am here: 73DD36D3 Call 73DD2476. I go into that call with the F8 button, and now I am here: 73DD2476 push ESI. I hit the F10 button 3 times and ended up here: 73DD247E mov EAX [ESP+08]. This is the right entry, so now I type s 0 l FFFFFFFF '123321' and hit Enter. It says Pattern found at 0014FF48. Now I see the serial that I had entered in the register screen in the top right corner, and if I scroll a few lines toward the top I also see the username that I entered, so I think that I am at the right entry. I have scrolled down looking for the original serial but I didn't find it (maybe I am blind). There were a lot of numbers, but all mixed up; the only one that I thought was good was this one, 157212840, but no luck with it.

Now my question: is this the right entry? If so, what is the best way to search for that serial? Is there a trick? Because if you must scroll all the way down with your mouse, it takes a lot of time to search. I have done that but still have not found the right serial. Is there a line that you can type to search faster?
And can it be that the serial is all the way down, or is it always near the serial that I typed in the register screen?
Any help with this is very appreciated.


Thanks in advance.

ysco.

Last edited by ysco; 09-23-2003 at 04:56.
  #2  
Old 09-25-2003, 01:47
ysco
 
Is this one difficult, or is it too much to give a little help?
68 views but not 1 reply??????

ysco.
  #3  
Old 09-25-2003, 11:22
mtw
Well, you need to do more than that to get a serial. The serial you put in must be 18 chars, and it uses name and serial to get a value, so your method won't work. Trace back until you see your serial and username in .. hmm, can't remember, eax maybe. From there it's a lot of code, so just do as everyone else must do: trace the code.

You would be better off using Olly to do this. And disassemble the unpacked code to be able to follow it while debugging; you find those bugs in no time.
  #4  
Old 09-26-2003, 01:53
ysco
 
Thanks for the reply mtw, I will try that.

ysco.
All times are GMT +8.