Thank you so much ... if I could hit more than one thanks for this I would
Quote:
Olly isn't that hard to use. Here's a tutorial I found on Google that may help you: [Only registered and activated users can see links. Click Here To Register...]
Sure, if you know the encryption method, you can probably reverse it and make a decryption method. However, for beginners, it's easier to bypass/remove the encryption in most cases.
I'll try to understand the whole thing, but there's something I don't understand ... There are password keys, what are they used for? And there is something like rotate left with a value and rotate right with a value, so what are those?
Quote:
Follow all methods that the password is passed to. Look for JMPs related to it, etc.
No problem, good luck learning to use Olly, you won't regret it.
Quote:
Thank you so much ... if I could hit more than one thanks for this I would
Now I will download OllyDbg and play with it :D. Have a great day
The keys are used in the encryption to make sure that it's encrypted so that only the client and server understand it, and can decrypt it. Rotate left/right are part of the encryption method, and are used to shift data around according to the encryption algorithm.
Quote:
I'll try to understand the whole thing, but there's something I don't understand ... There are password keys, what are they used for? And there is something like rotate left with a value and rotate right with a value, so what are those?
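The rotate left/right operations asked about above, as an added example that is not part of the original thread and is not the game client's algorithm: it shows how a rotate differs from a plain shift and why a keyed rotate step can be undone exactly by whoever holds the same key. `toy_scramble`, `toy_unscramble`, the key and the sample words are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Rotate left: bits pushed out of the top come back in at the bottom. */
static uint32_t rotl32(uint32_t x, unsigned n) {
    n &= 31;                                   /* keep the count in 0..31 */
    return (x << n) | (x >> ((32 - n) & 31));  /* mask avoids a shift by 32 */
}

/* Rotate right: the exact inverse of rotl32 with the same count. */
static uint32_t rotr32(uint32_t x, unsigned n) {
    n &= 31;
    return (x >> n) | (x << ((32 - n) & 31));
}

/* Hypothetical toy transform, NOT a real cipher: XOR each word with a key
   word, then rotate left by an amount taken from that key word. */
static void toy_scramble(uint32_t *buf, size_t n, const uint32_t *key, size_t klen) {
    for (size_t i = 0; i < n; i++) {
        uint32_t k = key[i % klen];
        buf[i] = rotl32(buf[i] ^ k, k);
    }
}

/* Undo the steps in reverse order: rotate back, then XOR again. */
static void toy_unscramble(uint32_t *buf, size_t n, const uint32_t *key, size_t klen) {
    for (size_t i = 0; i < n; i++) {
        uint32_t k = key[i % klen];
        buf[i] = rotr32(buf[i], k) ^ k;
    }
}

/* Returns 1 if scrambling changes the data and unscrambling restores it. */
static int roundtrip_ok(void) {
    const uint32_t key[2]   = {0x13572468u, 0x0badc0deu};              /* constructed */
    const uint32_t plain[3] = {0x64726f77u, 0x73736170u, 0x00000021u}; /* constructed */
    uint32_t work[3];
    memcpy(work, plain, sizeof work);
    toy_scramble(work, 3, key, 2);
    int changed = memcmp(work, plain, sizeof work) != 0;
    toy_unscramble(work, 3, key, 2);
    return changed && memcmp(work, plain, sizeof work) == 0;
}

int main(void) {
    printf("shift: 0x%08x  rotl: 0x%08x\n",
           (unsigned)(0x80000001u << 1), (unsigned)rotl32(0x80000001u, 1));
    printf("round trip ok: %d\n", roundtrip_ok());
    return 0;
}
```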
[Only registered and activated users can see links. Click Here To Register...]
Quote:
Thanks for this ... now I'm very sure that I will never ever learn how to use it, since I will never find someone or some site to teach machine code, and so OllyDbg is useless for someone like me. :(
So, tell me, wouldn't that all be solved by simply modifying the function that encrypted it in the first place? I don't know about newer clients, but when I removed the pw encryption from my 4XXX all I did was break once the login button was clicked, and step through until I found the "password", followed into the function it was passed to, and changed the first line after the check to return it instead of encrypting it first. Even if they have made it somehow harder in the later patches, you're trying to tell me that it's impossible to stop the plaintext version from being encrypted? It can't be that damn hard. And if worse comes to worst, change the name of Conquer.exe and make a loader named Conquer.exe to intercept it third-party. Life isn't so complicated that you have to make a big deal out of it.
Quote:
And most of you will be able to find where the password is stored in the exe, and once a smart ass finds it he'll be surprised that it's already encrypted and that it's useless unless he has the balls to locate where the password is being encrypted, and the balls to reverse the encrypting process, and when you finally figure all this shit out you will notice that every time you enter a new digit into the password field the *already encrypted password* will be re-encrypted again and the digit that you just entered is no longer available because it's been replaced with a star (*), and Zeroxelli's answers are nowhere near any of this stuff.
However... the best way to do it is by capturing and recording each digit that's being entered in the password field, ignoring the whole password encryption, and when the client logs in you encrypt that password the way you want and send it to the server.
So yeah, man up and have some balls.. and maybe you will get somewhere on your own, because that's what I did after I asked 3 members on this forum who claim to know everything about it, and most of them gave me a bunch of bullshit answers that prove they are full of shit and they know nothing about it...
It's the latest patch of Conquer :D ... He is too good at using Olly, I saw that myself
Quote:
So, tell me, wouldn't that all be solved by simply modifying the function that encrypted it in the first place? I don't know about newer clients, but when I removed the pw encryption from my 4XXX all I did was break once the login button was clicked, and step through until I found the "password", followed into the function it was passed to, and changed the first line after the check to return it instead of encrypting it first. Even if they have made it somehow harder in the later patches, you're trying to tell me that it's impossible to stop the plaintext version from being encrypted? It can't be that damn hard. And if worse comes to worst, change the name of Conquer.exe and make a loader named Conquer.exe to intercept it third-party. Life isn't so complicated that you have to make a big deal out of it.
Anyway, the links you posted were helpful and hopefully will shine some insight on the people trying to learn Olly.
Edit: @ahmed104 What client is that? It's odd that the plaintext password would be a constant in the machine code. Are you sure that you didn't change the value of any of the strings for that screenshot?
Around 11MB/Second at the moment. Anywho, patched up to the most recent client, but I don't see any static constant containing the plain-text password.
Quote:
What's your download rate?
I envy you dude ... 11 MB / Sec means the whole client, 600 MB, would be downloaded in 0.9 Min Rofl
Quote:
Around 11MB/Second at the moment. Anywho, patched up to the most recent client, but I don't see any static constant containing the plain-text password.
Ah well, I'll check back tomorrow guys. Wife is going to murder me if I keep the lights on any later, good night.
"Damn, if this were back home in Egypt they would have killed you"
Quote:
Around 11MB/Second at the moment. Anywho, patched up to the most recent client, but I don't see any static constant containing the plain-text password.
Ah well, I'll check back tomorrow guys. Wife is going to murder me if I keep the lights on any later, good night.
I believe that nothing is irreversible/impossible, we just have to know how.
Quote:
So, tell me, wouldn't that all be solved by simply modifying the function that encrypted it in the first place? I don't know about newer clients, but when I removed the pw encryption from my 4XXX all I did was break once the login button was clicked, and step through until I found the "password", followed into the function it was passed to, and changed the first line after the check to return it instead of encrypting it first. Even if they have made it somehow harder in the later patches, you're trying to tell me that it's impossible to stop the plaintext version from being encrypted? It can't be that damn hard. And if worse comes to worst, change the name of Conquer.exe and make a loader named Conquer.exe to intercept it third-party. Life isn't so complicated that you have to make a big deal out of it.
Anyway, the links you posted were helpful and hopefully will shine some insight on the people trying to learn Olly.
Edit: @ahmed104 What client is that? It's odd that the plaintext password would be a constant in the machine code. Are you sure that you didn't change the value of any of the strings for that screenshot?