.png "cracking software with ollydbg")
Cracking software with ollydbg how to#
This resulted in the executable stepping into the "The serial is correct!" case, because the value of AL was AND'd to zero, resulted in the crackme being cracked. Ollydbg, how to crack software using ollydbg, ollydbg crack software, ollydbg reverse engineering. I wrote in a patch through Immunity Debugger to change that instruction to "JNZ" which told the CPU jump if AL is not zero.
Originally, this instruction was "JE test.004015FF" (jump if AL equals itself). The instruction directly below this was revealed to be a logic operation that decides which address to jump to depending on if the previous input matched the correct serial or not. EAX is a common register for strings to be stored in, so I presumed this would be my best chance to test input and step-through the process as it executes. I found "TEST AL, AL" at 004015D4 to be the best candidate for my environment, and since it is performing an AND operand on the lowest 8 bits of the EAX register (i.e. First and foremost, I needed to find which instruction the executable uses to read input and test against some value that I presume not to know. I tried my best to include everything within one screenshot so as not to drag my post on. Keep in mind, there are hundreds, if not thousands, of different ways one could go about doing it - especially on one so easy
Cracking software with ollydbg cracked#
This next picture is how I cracked your crack me. This first picture will show where you can find the CORRECT_SERIAL value by navigating into the executable's address space, and searching for all referenced strings in Immunity Debugger. various libraries that get loaded into memory). how to crack software and make (keygen, Patch, Loader) Broke software protections learn About Cracking tools Learn more about various reversing tools.
things you don't necessarily want to look at (i.e. The more you use debuggers, the more you will get used to what address ranges belong to an executable you're debugging vs. I'm inclined to believe you're probably searching for the CORRECT_SERIAL value in the wrong address space.
0 kommentar(er)
