Andy's Thread
Saturday, 20-Feb-99 06:09:10

I am a newbie, so I am using SoftICE and W32Dasm. This is what I have found out so far:

After displaying "Caveman crackme...", the program opens CAVEMAN.DAT and stores the handle at the memory location [656]. If the file doesn't exist, it jumps to the code displaying "Unregistered".

It reads and stores at [658] an integer value (2 bytes). This seems to be the length of the user's name.

The program reads into [667] the next x bytes (x == the number stored at [658]). Because this is displayed using int 21h, I think it's a good idea that the name ends with '$'.

A word is being read and stored at [65A]. It is used for checking the validity of the keyfile.

    0163 mov cx, [0658]    ; cx = name length
    0167 xor ax, ax
    0169 mov si, 0667      ; si -> name buffer
    016C lodsb             ; al = next name byte
    016D add ah, al
    016F rol ax, 01
    0171 rol ax, 01
    0173 rol ax, 01
    0175 loop 016C

This loop generates a word value that is compared with the one at memory location [65A]. If the numbers are not the same, then it jumps to the code displaying "Unregistered".

Next, the program computes another value in si, stored at [65C].

Then it reads from [1B1] one byte at a time, until it reads 00. The low nibble from al is used as a counter (moved into cx), and the high one is moved into the low one and used for an XLAT instruction with the bytes "T.abcdfw". The resulting byte is written at mem. location [100], cl times.

The bytes at [1B1] are:

    0b180213421302180312031202112333110218021202140212015162120b00

The values obtained at [100] are used for another validity check. Don't know how, yet.

Andy
alitvin@codec.ro
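The two routines described in the post, emulated in Python as an added example (not part of Andy's post and not code from the crackme). The function names `checksum` and `expand_table` are made up here; the table bytes and the "T.abcdfw" string are copied from the post.

```python
# Added example: emulates the checksum loop at 0163..0175 and the
# nibble-coded expansion of the bytes at [1B1] described in the post.
ALPHABET = b"T.abcdfw"  # XLAT table quoted in the post
TABLE_1B1 = bytes.fromhex(
    "0b180213421302180312031202112333110218021202140212015162120b00"
)  # bytes at [1B1], copied from the post


def checksum(name: bytes) -> int:
    """Return the 16-bit word the loop leaves in AX for the given name."""
    if not name:
        # With CX = 0 the LOOP instruction wraps around and the body runs
        # 65536 times; this sketch does not model that case.
        raise ValueError("name length must be at least 1")
    ax = 0
    for b in name:
        ax = (ax & 0xFF00) | b                  # lodsb: AL = next byte
        ah = ((ax >> 8) + b) & 0xFF             # add ah, al (8-bit wrap)
        ax = (ah << 8) | b
        ax = ((ax << 3) | (ax >> 13)) & 0xFFFF  # rol ax, 1 three times
    return ax


def expand_table(table: bytes) -> bytes:
    """Expand the table: low nibble = repeat count, high nibble = XLAT index."""
    out = bytearray()
    for b in table:
        if b == 0:                              # 00 terminates the table
            break
        count, index = b & 0x0F, b >> 4
        if index >= len(ALPHABET):
            # XLAT would read past "T.abcdfw"; what lies there is unknown.
            raise ValueError(f"index {index} is outside the XLAT table")
        out += ALPHABET[index:index + 1] * count
    return bytes(out)


if __name__ == "__main__":
    # "ANDY$" is a constructed sample name, not a value from the post.
    print(f"checksum word: {checksum(b'ANDY$'):04X}")
    print(expand_table(TABLE_1B1).decode("ascii"))
```

For the table quoted in the post, the expansion written at [100] comes out 100 bytes long.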