sulea
Posted June 6, 2011

A new challenge:
The following program is given:
Download GameWiz32 1.43 - GameWiz32 is a generic cheat tool for games running under Windows 95/98/ME/2000/XP - Softpedia
Requirements: crack it! You may use any methods you like, patches to the executable, etc., so anything is allowed.
I'm waiting for PMs with the solutions; as usual, these will be made public later.
Prizes: those who pass the challenge will receive a log with random accounts.

giv
Posted April 4, 2014 (edited)

Hi.
Sorry for "bringing this topic back to life", but I only just saw it and noticed that nobody had replied to it.
I don't want a prize, so I'm not sending this by PM.

The license file verification procedure is at:

00410C1B >/$ 55 PUSH EBP ; __openfile
0040C529 >/$ 55 PUSH EBP ; _fread

It begins at:

0040A780 > . 6A FF PUSH -0x1 ; sub_40A780
0040A782 . 68 08284200 PUSH <gw32.__ehhandler$?ExecCommand@?$CH>; SE handler installation
0040A787 . 64:A1 0000000>MOV EAX,DWORD PTR FS:[0]
0040A78D . 50 PUSH EAX
0040A78E . 64:8925 00000>MOV DWORD PTR FS:[0],ESP
0040A795 . 83EC 10 SUB ESP,0x10
0040A798 . 55 PUSH EBP
0040A799 . 56 PUSH ESI
0040A79A . 57 PUSH EDI
0040A79B . 8BF1 MOV ESI,ECX
0040A79D . E8 AD310100 CALL <gw32.CDialog:InInitDialog(void)>
0040A7A2 . 68 E4B14200 PUSH OFFSET <gw32.Mode> ; ASCII "rb"
0040A7A7 . 68 20B64200 PUSH OFFSET <gw32.aGw32_reg> ; ASCII "gw32.reg"
0040A7AC . E8 911E0000 CALL <gw32._fopen>

If it is OK, you end up at:

0040A7F4 . /0F84 B3000000 JE <gw32.loc_40A8AD>
0040A7FA . |57 PUSH EDI
0040A7FB . |E8 7D1C0000 CALL <gw32._fclose>
0040A800 . |8B0D 30BB4200 MOV ECX,DWORD PTR DS:[<off_42BB30>] ; <gw32.unk_42BB44>
0040A806 . |83C4 04 ADD ESP,0x4
0040A809 . |894C24 14 MOV DWORD PTR SS:[ESP+0x14],ECX
0040A80D . |8B56 5C MOV EDX,DWORD PTR DS:[ESI+0x5C]
0040A810 . |8B2D C0334200 MOV EBP,DWORD PTR DS:[<&USER32.LoadStrin>; USER32.LoadStringA
0040A816 . |8D7E 60 LEA EDI,DWORD PTR DS:[ESI+0x60]
0040A819 . |6A 64 PUSH 0x64 ; /Count = 64 (100.)
0040A81B . |57 PUSH EDI ; |Buffer
0040A81C . |68 F4000000 PUSH 0xF4 ; |RsrcID = STRING "Registered to:"
0040A821 . |52 PUSH EDX ; |hInst
0040A822 . |C74424 34 000>MOV DWORD PTR SS:[ESP+0x34],0x0 ; |
0040A82A . |FFD5 CALL EBP ; \LoadStringA

If not:

0040A8AD > > \8B4E 5C MOV ECX,DWORD PTR DS:[ESI+0x5C] ; loc_40A8AD
0040A8B0 . 8B2D C0334200 MOV EBP,DWORD PTR DS:[<&USER32.LoadStrin>; USER32.LoadStringA
0040A8B6 . 8D7E 60 LEA EDI,DWORD PTR DS:[ESI+0x60]
0040A8B9 . 6A 64 PUSH 0x64 ; /Count = 64 (100.)
0040A8BB . 57 PUSH EDI ; |Buffer
0040A8BC . 68 2E010000 PUSH 0x12E ; |RsrcID = STRING "UNREGISTERED SHAREWARE VERSIONPLEASE REGISTER!"
0040A8C1 . 51 PUSH ECX ; |hInst
0040A8C2 . FFD5 CALL EBP ; \LoadStringA

This checks for the existence of the license file:

0040A7EC . 8B86 48040000 MOV EAX,DWORD PTR DS:[ESI+0x448]

0040AA31 . /76 76 JBE SHORT <gw32.loc_40AAA9>
0040AA33 . |8A4D F3 MOV CL,BYTE PTR SS:[EBP-0xD]
0040AA36 . |B8 01000000 MOV EAX,0x1
0040AA3B . |2BC3 SUB EAX,EBX
0040AA3D . |8BF3 MOV ESI,EBX
0040AA3F . |8945 D8 MOV DWORD PTR SS:[EBP-0x28],EAX
0040AA42 > > |8A06 MOV AL,BYTE PTR DS:[ESI] ; loc_40AA42
0040AA44 . |0FBED0 MOVSX EDX,AL
0040AA47 . |0FBED9 MOVSX EBX,CL
0040AA4A . |33D3 XOR EDX,EBX
0040AA4C . |83C2 1E ADD EDX,0x1E
0040AA4F . |83FA 2B CMP EDX,0x2B
0040AA52 . |75 0F JNZ SHORT <gw32.loc_40AA63>
0040AA54 . |68 2CB64200 PUSH OFFSET <gw32.asc_42B62C>
0040AA59 . |8D4D EC LEA ECX,DWORD PTR SS:[EBP-0x14]
0040AA5C . |E8 571F0100 CALL <gw32.sub_41C9B8>
0040AA61 . |EB 0D JMP SHORT <gw32.loc_40AA70>
0040AA63 > > |32C1 XOR AL,CL ; XOR the character read with al
0040AA65 . |8D4D EC LEA ECX,DWORD PTR SS:[EBP-0x14]
0040AA68 . |04 1E ADD AL,0x1E ; Add hex 1E to the character read
0040AA6A . |50 PUSH EAX ; Push EAX onto the stack
0040AA6B . |E8 6F1F0100 CALL <gw32.Introducere caracter in string licenta> ; label: "insert character into license string"
0040AA70 > > |8A4D F3 MOV CL,BYTE PTR SS:[EBP-0xD] ; Move the second character of the serial into CL
0040AA73 . |0FBE06 MOVSX EAX,BYTE PTR DS:[ESI] ; Move blank space into EAX
0040AA76 . |0FBED1 MOVSX EDX,CL ; Move the previously read character into EDX
0040AA79 . |33C2 XOR EAX,EDX ; XOR EAX, EDX
0040AA7B . |8B55 D8 MOV EDX,DWORD PTR SS:[EBP-0x28]
0040AA7E . |83C0 1E ADD EAX,0x1E ; Add 1E = 30 to EAX
0040AA81 . |03D6 ADD EDX,ESI ; Add the serial = 1 character to EDX
0040AA83 . |0FAFC2 IMUL EAX,EDX ; Multiply EAX by EDX
0040AA86 . |8B55 E0 MOV EDX,DWORD PTR SS:[EBP-0x20]
0040AA89 . |03D0 ADD EDX,EAX ; Add EAX to EDX
0040AA8B . |8B45 DC MOV EAX,DWORD PTR SS:[EBP-0x24]
0040AA8E . |8955 E0 MOV DWORD PTR SS:[EBP-0x20],EDX
0040AA91 . |8B55 E8 MOV EDX,DWORD PTR SS:[EBP-0x18]
0040AA94 . |40 INC EAX ; Move EAX to the next position
0040AA95 . |81E2 FF000000 AND EDX,0xFF ; AND EDX with FF
0040AA9B . |46 INC ESI ; Increment ESI
0040AA9C . |3BC2 CMP EAX,EDX ; Compare EAX with EDX
0040AA9E . |8945 DC MOV DWORD PTR SS:[EBP-0x24],EAX

It then has several more checks on the license file, such that if it does not exist or something is wrong with it, the application will crash.
Overall, this program is not hard to "crack", but it requires patience.
Or you can simply skip over the license file check:

0041D24C /74 0C JE SHORT <gw32.loc_41D25A> ; License check

JE into JMP

Edited April 4, 2014 by giv