SV trace assembly code

01/05/2007 23:25 anantasia#91
Quote:
Originally posted by retlic@Jan 5 2007, 23:12
Quote:
/* there are about 10-20 conditional jumps here; try to bypass only the JNEs
.
.
10002AC0 CALL dword ptr[100303a0]
.
.
/* there are about 10-20 conditional jumps here; try to bypass only the JNEs
.
.
10003110 RET <- finished subroutine and returns to address 40368A
This is where I got lost. Could you tell me what you meant by the red text, please?
Oh,

The best way is to look at it from a bird's-eye view. Try printing the code and looking around it. I think you need to see no more than 1000 lines.

:)
01/05/2007 23:33 retlic#92
Quote:
Originally posted by anantasia@Jan 5 2007, 23:25
Quote:
Originally posted by retlic@Jan 5 2007, 23:12
Quote:
/* there are about 10-20 conditional jumps here; try to bypass only the JNEs
.
.
10002AC0 CALL dword ptr[100303a0]
.
.
/* there are about 10-20 conditional jumps here; try to bypass only the JNEs
.
.
10003110 RET <- finished subroutine and returns to address 40368A
This is where I got lost. Could you tell me what you meant by the red text, please?
Oh,

The best way is to look at it from a bird's-eye view. Try printing the code and looking around it. I think you need to see no more than 1000 lines.

:)
Lol, does that mean I have to think? Damn, one thing I can't do :D
01/05/2007 23:44 juhaszattila#93
Maybe I'm too stupid. How do you do the bypass thing?
01/05/2007 23:48 Domates#94
/** set trap on first jump here and bypass
00403596 je 40378c <- bypass this point to 40359C
0040359C mov ecx,[ebp-2c]
.
.
/** set trap here too and bypass
004035CB jne 40378c <- bypass this point to 4035DD
004035D1 cmp [004356e0],edi
004035D7 jne 40378c
004035DD push 00

Do I have to make those a jmp, after I set the breakpoint?
01/06/2007 00:00 retlic#95
Ok, I cracked it. Logged in and it came up with the following

Quote:
Sorry, the Scriptvessel Client is updated! Pls use the new one.
Last login time:2007-1-6 7:08:02
DID I DO ALL THIS WORK FOR NOTHING?!?!
01/06/2007 00:18 ahmedamin889#96
Quote:
Ok, I cracked it. Logged in and it came up with the following

QUOTE
Sorry, the Scriptvessel Client is updated! Pls use the new one.
Last login time:2007-1-6 7:08:02


DID I DO ALL THIS WORK FOR NOTHING?!?!
NONONONONO you didn't... just send me that folder and I will fix it.. don't delete it, I will do my best.
You passed what had blocked me.. I can help you pass what had blocked you.
Dude, send it to [link visible to registered users only]
01/06/2007 00:40 miko21#97
Awesome work here :eek: ... so those who can learn can have their own bot.. nice

BTW, did anyone crack it yet? Although I'm starting to get it, it's still a pain in the butt.. :D
01/06/2007 00:46 maharaja#98
Nice job anantasia!!
01/06/2007 00:55 ∣男DB男∣#99
:cry:
01/06/2007 00:55 ∣男DB男∣#100
Don't know what I did wrong, but something there is really wrong lol.
01/06/2007 00:58 Domates#101
/** set trap on first jump here and bypass
00403596 je 40378c <- bypass this point to 40359C
0040359C mov ecx,[ebp-2c] Ok, here just toggle a breakpoint and change je=jmp
.
.
/** set trap here too and bypass
004035CB jne 40378c <- bypass this point to 4035DD
004035D1 cmp [004356e0],edi
004035D7 jne 40378c
004035DD push 00 same here, jne=jmp
.
.
/** call dll
00403685 CALL 00403CF6 <- this command calls the routine at address 00403CF6; when it hits a RET, it returns to the next address, 40368A
0040368A mov eax,[esi+1c]
.
.
00403CF6 JMP DWORD PTR[00429508] <- this command jumps to a far address. It almost always uses a pointer that holds the far address to go to. So PTR[00429508] = 10002860
.
.
10002860 SUB ESP, 000000C8 <- here is the start of countrymakeinus.dll
.
.
1000288B CALL 1001E804 <- this call checks whether the user/pass is right or not
.
10002895 JNE 101zo1z21v01o12012z1vo101zo1z21v0+5d <- if wrong, it will jump to exit.. so at this point we should bypass it and go to the next command
10002897 CMP [esp+000000d4],fffd7fd0
100028A2 JNE 101zo1z21v01o12012z1vo101zo1z21v0+5d <- another one, so just bypass to the next command
100028A4 MOV eax,[esp+000000d8]
.
.
/* there are about 10-20 conditional jumps here; try to bypass only the JNEs
.
.
10002AC0 CALL dword ptr[100303a0]
.
.
/* there are about 10-20 conditional jumps here; try to bypass only the JNEs
.
.
10003110 RET <- finished subroutine and returns to address 40368A

After this point you can start the bot by pressing function key 11 in CO2

How do we save this afterwards? I'm gonna sleep :P
If you think I'm wasting my time, send me SV :P
01/06/2007 01:25 ∣男DB男∣#102
ok ... i`m confused now
01/06/2007 01:55 ∣男DB男∣#103
Quote:
Originally posted by Xibungo@Jan 5 2007, 00:00
Ok, I searched this line; can I PM you please, anantasia?
I will only PM you if you tell me to, I'm waiting :)
So, answer me here: when you say "set trap", what do we have to do? And is bypass replacing the address? For example: /** set trap here too and bypass
004035CB jne 40378c <- bypass this point to 4035DD
004035D1 cmp [004356e0],edi
004035D7 jne 40378c
004035DD push 00
( change 40378c to 4035dd ) ?
Same here (help! I R BABOON)
01/06/2007 02:00 anantasia#104
Quote:
Originally posted by Domates@Jan 5 2007, 23:48
/** set trap on first jump here and bypass
00403596 je 40378c <- bypass this point to 40359C
0040359C mov ecx,[ebp-2c]
.
.
/** set trap here too and bypass
004035CB jne 40378c <- bypass this point to 4035DD
004035D1 cmp [004356e0],edi
004035D7 jne 40378c
004035DD push 00

Do I have to make those a jmp, after I set the breakpoint?
Sorry for the late response; I just suggested to my friend to do it over chat messages. Now he can do the crack by himself.

For your question: you must change EIP to the next command, not change it to a jump instruction.
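An added example that is not part of any post in this thread, for Domates's trace above and anantasia's "set EIP to the next command" advice: a small Python helper that reconstructs the bytes of each conditional jump in the EXE-side check, emits the NOP patch that is the permanent form of forcing EIP onto the next instruction, shows what a literal je/jne-to-jmp rewrite would produce instead, and follows the `JMP DWORD PTR [00429508]` import stub to the DLL entry the trace lands on. The instruction encodings (6-byte `0F 84/85 rel32`, 2-byte `74/75 rel8`, `FF 25 imm32` for the stub) are inferred from the address gaps in the listing, which show mnemonics only, so they are an assumption; the function names and the in-memory image are mine.

```python
import struct

# Opcode tables for the conditional jumps seen in the trace (32-bit x86).
NEAR_JCC = {0x84: "je", 0x85: "jne"}   # 0F 84/85 rel32, 6 bytes
SHORT_JCC = {0x74: "je", 0x75: "jne"}  # 74/75 rel8, 2 bytes
NOP = 0x90


def encode_jcc(mnemonic, addr, target, nxt):
    """Reconstruct the bytes of `mnemonic target` at `addr`, given the address
    of the following instruction. The size (nxt - addr) picks the encoding;
    the listing shows mnemonics only, so this reconstruction is an assumption."""
    size, rel = nxt - addr, target - nxt
    if size == 6:
        return bytes([0x0F, 0x84 if mnemonic == "je" else 0x85]) + struct.pack("<i", rel)
    if size == 2:
        return bytes([0x74 if mnemonic == "je" else 0x75]) + struct.pack("<b", rel)
    raise ValueError("unsupported jcc size %d at %08x" % (size, addr))


def decode_jcc(code, addr):
    """Return (mnemonic, target, size) for the conditional jump at `addr`."""
    if code[0] == 0x0F and code[1] in NEAR_JCC:
        return NEAR_JCC[code[1]], addr + 6 + struct.unpack("<i", code[2:6])[0], 6
    if code[0] in SHORT_JCC:
        return SHORT_JCC[code[0]], addr + 2 + struct.unpack("<b", code[1:2])[0], 2
    raise ValueError("no conditional jump at %08x" % addr)


def fallthrough_patch(code, addr):
    """Permanent form of 'set EIP to the next command': replace the whole jump
    with NOPs, so execution always continues at the instruction after it."""
    return bytes([NOP]) * decode_jcc(code, addr)[2]


def force_jump_patch(code, addr):
    """What 'change je to jmp' really produces: an unconditional jump to the
    same target (E9 rel32 plus a NOP, or EB rel8). It always takes the branch
    the trace says to avoid, so it is the wrong patch for these checks."""
    _, target, size = decode_jcc(code, addr)
    if size == 6:
        return bytes([0xE9]) + struct.pack("<i", target - (addr + 5)) + bytes([NOP])
    return bytes([0xEB]) + struct.pack("<b", target - (addr + 2))


def resolve_import_stub(mem, stub_addr):
    """Follow a 'JMP DWORD PTR [slot]' stub (FF 25 imm32) through its pointer
    slot, the way the trace goes 00403CF6 -> [00429508] -> 10002860.
    `mem` maps an address to the bytes stored there (constructed image)."""
    stub = mem[stub_addr]
    if stub[:2] != b"\xFF\x25":
        raise ValueError("expected JMP DWORD PTR [imm32] at %08x" % stub_addr)
    slot = struct.unpack("<I", stub[2:6])[0]
    return slot, struct.unpack("<I", mem[slot])[0]


# The three EXE-side checks from the listing: (mnemonic, addr, target, next).
EXE_CHECKS = [
    ("je",  0x00403596, 0x0040378C, 0x0040359C),
    ("jne", 0x004035CB, 0x0040378C, 0x004035D1),
    ("jne", 0x004035D7, 0x0040378C, 0x004035DD),
]


def build_patches(checks=EXE_CHECKS):
    """Map each check's address to (original bytes, NOP patch), after checking
    that the reconstructed bytes decode back to the listed mnemonic/target."""
    out = {}
    for mnem, addr, target, nxt in checks:
        orig = encode_jcc(mnem, addr, target, nxt)
        if decode_jcc(orig, addr)[:2] != (mnem, target):
            raise AssertionError("round-trip failed at %08x" % addr)
        out[addr] = (orig, fallthrough_patch(orig, addr))
    return out


if __name__ == "__main__":
    for addr, (orig, patch) in build_patches().items():
        print("%08x  %s -> %s" % (addr, orig.hex(), patch.hex()))
    # Constructed memory image for the import-stub hop (values from the trace).
    mem = {0x00403CF6: b"\xFF\x25" + struct.pack("<I", 0x00429508),
           0x00429508: struct.pack("<I", 0x10002860)}
    slot, entry = resolve_import_stub(mem, 0x00403CF6)
    print("stub [%08x] resolves to %08x" % (slot, entry))
```

The NOP patch is what you would write back into the file once the debugger-side "move EIP past the jump" has been confirmed to work at every check; the `force_jump_patch` output is kept only to show why rewriting the opcode to `jmp` sends you to 40378c every time rather than past it. The two short `JNE` forms inside the DLL can be decoded the same way once their real bytes are read, since the listing only shows a garbled symbol for their target.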
01/06/2007 02:04 ∣男DB男∣#105
Quote:
Originally posted by anantasia@Jan 6 2007, 02:00
Quote:
Originally posted by Domates@Jan 5 2007, 23:48
/** set trap on first jump here and bypass
00403596 je 40378c <- bypass this point to 40359C
0040359C mov ecx,[ebp-2c]
.
.
/** set trap here too and bypass
004035CB jne 40378c <- bypass this point to 4035DD
004035D1 cmp [004356e0],edi
004035D7 jne 40378c
004035DD push 00

Do I have to make those a jmp, after I set the breakpoint?
Sorry for the late response; I just suggested to my friend to do it over chat messages. Now he can do the crack by himself.

For your question: you must change EIP to the next command, not change it to a jump instruction.
Ok, help me please :cry: I understood the trap thing but I can't understand what bypass is.. what do I do? I set the trap on 00403596, what do I do next?