|
October 1998 |
"Directory Printer 2.0" ( Another memory echo crack ) |
Win '95/'98 PROGRAM Win Code Reversing |
|
|
by Punisher |
|
|
|
Cracking 4 Newbies |
|
|
Program Details Program Name: Dirprn20.zip Program Type: Directory Printer Program Location: Softseek Program Size: 387kb |
||
|
Tools Used: Soft-Ice --- Debugger |
||
|
Rating |
Easy ( X ) Medium ( ) Hard ( ) Pro ( ) |
There is a crack, a crack in everything. That's how the light gets in. |
Directory Printer 2.0
( Using the memory echo crack )
Written by Punisher
|
Introduction |
The author(s) of this utility can be found at: E-mail at compuserve
The author says:
"Directory Printer enables you to print directory listings or
save them to a file from Windows 95/98 or NT, a capability which is
not provided by Windows itself."
|
About this protection system |
Registration is via selecting the 'Help Register' menu.. Here you will be asked to enter:-
Registration Code No :
The registration is hardcoded into the program.
|
The Essay |
After installing Directory Printer 2.0 I had a look around the target. I
decided to use softice for the initial attack. I selected the help
register menu and was presented witha dialogbox that said
Registration code:
I typed in my faked reg code:
434343
Then went into softice using ctrl-d and set breakpoints on
GetDlgItemTextA, GetDlgItemText, GetWindowTextA and GetWindowText.
None of these worked when I presed the OK button in the Register
Dialog Box. So I then set a breakpoint on hmemcpy.
BPX hmemcpy
I then left softice using crtl-d
and press the OK button.
Softice broke on hmemcpy. I decided to do a search for my fake
regcode (434343)
s 0 lffffffff '434343'
and there in memory was
the real reg code.
You should buy this program if you intend to use it longer than the
evaluation period.