Re: Project6 - Task3 Saturday, 06-Feb-99 21:57:27
Project 6 Task:3 File:Memory 95 Date:7/2/99

Task 3.... My thoughts ??*!#$*% !!!!!! **** ??????#$%^&&..........deep breath, one step at a time....

I prefer to use W32dasm for this bit, perhaps 'cause SoftIce is still a little too daunting for me. So with my breakpoint and local function details enabled:

0040B73A call 0040ccc0

The call would seem to be some kind of string compare, passing my ser# and the Realser# on the stack to the local function and returning the result in AX. On return ECX contains the Dword in my ser# at which comparison failed. EDX contains the equivalent Dword in the Realser#. Both contain nothing if the comparison was successful. AX contains '00000000' if the comparison was successful, 'FFFFFFFF' if unsuccessful.

0040B73F add esp,00000008

Please could someone explain BTW to me in Sandman's Q1.b. The purpose of this is a little vague to me at this moment. The instruction obviously moves the stack pointer up two Dwords, positioning it just below the two ser#'s at the value 00000111. Perhaps this will become clearer when I look more closely at the function. (Q3)

0040B742 test eax,eax

This tests the value in EAX for a value. If not found '00000000' then the zero flag is set to '1'. Otherwise the zero flag is '0'.

0040B73A jne 0040B9BC

A jne instruction checks the zero flag and jumps if its value is '0'. So in this case it is checking the results of the comparison function. This jump takes us to the 'Sorry registration codes do not match.............' string.

Question 2:

:0040CCC0>>>>
:0040CCCC <<
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040CCF0(C) <<< a loop
|
:0040CCD6 mov al, byte ptr [ecx] <<

Please Help: As I mentioned at the start of this project I am just now learning assembler. Could someone please tell me: are lines 0040ccdc >0040cce6 not redundant code? Would it not be better to omit these lines and just add 00000001 to ECX & EDX in 40cce8 & EB?????

* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0040CCDE(C) <<
:0040CCF2 xor eax, eax <<
:0040CCF5 pop ebx <<?????????
:0040CCF6 add esp, 00000004 <<
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0040CCDA(C), :0040CCE6(C) <<
:0040CCFA sbb eax, eax <<
:0040CCFD sbb eax, FFFFFFFF <<
:0040CD01 add esp, 00000004 <<

Please Help: I know what this function is doing in principle, i.e. moving -1 into EAX, but I do not really understand the relevance of the individual instructions. I have included my best guess, but if anyone has the time to explain to me I would be grateful (especially the relevance of ESI and EBX).

Question 3:

Phew, panic!!! I'll take a stab at it. Still using W32dasm I set bkpts on all GetWindowTextA occurrences. Run till API returns 'Pirate copy'. Step.

0041c0ee push ESI

No! I don't even know where to start here, take a break, try again later.

ShADe
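
Added example, not part of ShADe's post and not the program's own code: a C model of the `xor eax, eax` and `sbb eax, eax` / `sbb eax, FFFFFFFF` endings listed under Question 2, showing what each instruction leaves in EAX. It assumes the carry flag on the mismatch path was set by a byte compare such as `cmp al, [edx]` (not shown in the post); `sbb32`, `mismatch_tail` and `compare_model` are hypothetical names and the strings are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Emulate 32-bit x86 SBB: *dst = *dst - src - CF. Returns the new CF (borrow). */
static unsigned sbb32(uint32_t *dst, uint32_t src, unsigned cf)
{
    uint64_t sub = (uint64_t)src + cf;
    unsigned borrow = (uint64_t)*dst < sub;
    *dst = (uint32_t)((uint64_t)*dst - sub);
    return borrow;
}

/* The mismatch tail at 0040CCFA/0040CCFD. cf is the carry flag left by the
 * byte compare that found the difference (assumed: cmp al, [edx]). */
int32_t mismatch_tail(unsigned cf)
{
    uint32_t eax = 0x12345678u;          /* old EAX contents do not matter */
    cf = sbb32(&eax, eax, cf);           /* sbb eax, eax      -> 0 or FFFFFFFF, CF kept */
    (void)sbb32(&eax, 0xFFFFFFFFu, cf);  /* sbb eax, FFFFFFFF -> 1 or FFFFFFFF */
    return (int32_t)eax;
}

/* Simplified model of the routine: one byte per iteration (any unrolling
 * in the real routine is not modelled here). */
int32_t compare_model(const char *a, const char *b)
{
    const unsigned char *p = (const unsigned char *)a;
    const unsigned char *q = (const unsigned char *)b;
    for (;; p++, q++) {
        if (*p != *q)
            return mismatch_tail(*p < *q);  /* CF = 1 when *p is below *q */
        if (*p == 0)
            return 0;                       /* xor eax, eax on the match path */
    }
}

int main(void)
{
    /* Constructed sample strings, not values from the program in the post. */
    printf("%d\n", (int)compare_model("1234-AAAA", "1234-ABCD"));
    printf("%d\n", (int)compare_model("1234-ABCD", "1234-AAAA"));
    printf("%d\n", (int)compare_model("1234-ABCD", "1234-ABCD"));
    return 0;
}
```

In this model the tail yields FFFFFFFF when the carry is set and 00000001 when it is clear; the `test eax,eax` / `jne` pair in the caller only separates zero from non-zero, so both mismatch values take the same branch.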
Copyright © InsideTheWeb, Inc. 1997-1999
All rights reserved.