[Request] How to patch conquer.exe to bypass password encryption?

06/23/2012 00:06 Zeroxelli#16
Quote:
Originally Posted by shadowman123 View Post
Well, let's assume that I found where the password is located... What should I do then to reach the password encryption?
Follow all methods that the password is passed to. Look for JMPs related to it, etc.
06/23/2012 00:06 romeoromeo#17
Quote:
Originally Posted by Zeroxelli View Post
Olly isn't that hard to use. Here's a tutorial I found on Google that may help you: [Only registered and activated users can see links. Click Here To Register...]

Sure, if you know the encryption method, you can probably reverse it and make a decryption method. However, for beginners, it's easier to bypass/remove the encryption in most cases.
Thank you so much... if I could hit more than one thanks for this I would.
Now I will download OllyDBG and play with it :D. Have a great day.
06/23/2012 00:16 shadowman123#18
Quote:
Originally Posted by Zeroxelli View Post
Follow all methods that the password is passed to. Look for JMPs related to it, etc.
I'll try to understand the whole thing, but there's something I don't understand... There are password keys; what are they used for? And there is something like rotate left with a value and rotate right with a value, so what are those?
06/23/2012 00:20 Zeroxelli#19
Quote:
Originally Posted by romeoromeo View Post
Thank you so much... if I could hit more than one thanks for this I would.
Now I will download OllyDBG and play with it :D. Have a great day.
No problem, good luck learning to use Olly, you won't regret it.

Quote:
Originally Posted by shadowman123 View Post
I'll try to understand the whole thing, but there's something I don't understand... There are password keys; what are they used for? And there is something like rotate left with a value and rotate right with a value, so what are those?
The keys are used in the encryption to make sure that it's encrypted so that only the client and server understand it, and can decrypt it. Rotate left/right are part of the encryption method, and are used to shift data around according to the encryption algorithm.
06/23/2012 02:43 { Angelius }#20
Quote:
Originally Posted by romeoromeo View Post
Thanks for this... now I'm very sure that I will never ever learn how to use it, since I will never find someone or some site to teach machine code, and so OllyDBG is useless for someone like me. :(
[Only registered and activated users can see links. Click Here To Register...]

And most of you will be able to find where the password is stored in the exe, and once a smart ass finds it he'll be surprised that it's already encrypted and that it's useless unless he has the balls to locate where the password is being encrypted, and the balls to reverse the encrypting process, and when you finally figure all this shit out you will notice that every time you enter a new digit into the password field the *already encrypted password* will be re-encrypted again and the digit that you just entered is no longer available because it's been replaced with a star*, and Zeroxelli's answers are nowhere near any of this stuff.

However... the best way to do it is by capturing and recording each digit that's being entered in the password field, ignoring the whole password encryption, and when the client logs in you encrypt that password the way you want and send it to the server.

So yeah, man up and have some balls... and maybe you will get somewhere on your own, because that's what I did after I asked 3 members on this forum who claim to know everything about it, and most of them gave me a bunch of bullshit answers that prove they are full of shit and they know nothing about it...
06/23/2012 03:21 ahmed104#21
[Only registered and activated users can see links. Click Here To Register...]
06/23/2012 06:46 Zeroxelli#22
Quote:
Originally Posted by { Angelius } View Post
[Only registered and activated users can see links. Click Here To Register...]

And most of you will be able to find where the password is stored in the exe, and once a smart ass finds it he'll be surprised that it's already encrypted and that it's useless unless he has the balls to locate where the password is being encrypted, and the balls to reverse the encrypting process, and when you finally figure all this shit out you will notice that every time you enter a new digit into the password field the *already encrypted password* will be re-encrypted again and the digit that you just entered is no longer available because it's been replaced with a star*, and Zeroxelli's answers are nowhere near any of this stuff.

However... the best way to do it is by capturing and recording each digit that's being entered in the password field, ignoring the whole password encryption, and when the client logs in you encrypt that password the way you want and send it to the server.

So yeah, man up and have some balls... and maybe you will get somewhere on your own, because that's what I did after I asked 3 members on this forum who claim to know everything about it, and most of them gave me a bunch of bullshit answers that prove they are full of shit and they know nothing about it...
So, tell me, wouldn't that all be solved by simply modifying the function that encrypted it in the first place? I don't know about newer clients, but when I removed the pw encryption from my 4XXX all I did was break once the login button was clicked, and step through until I found the "password", followed into the function it was passed to, and changed the first line after the check to return it instead of encrypting it first. Even if they have made it somehow harder in the later patches, you're trying to tell me that it's impossible to stop the plaintext version from being encrypted? It can't be that damn hard. And if worse comes to worse, change the name of Conquer.exe and make a loader named Conquer.exe to intercept it third-party. Life isn't so complicated that you have to make a big deal out of it.

Anyway, the links you posted were helpful and hopefully will shine some insight on the people trying to learn Olly.

Edit: @ahmed104 What client is that? It's odd that the plaintext password would be a constant in the machine code. Are you sure that you didn't change the value of any of the strings for that screenshot?
06/23/2012 06:51 shadowman123#23
Quote:
Originally Posted by Zeroxelli View Post
So, tell me, wouldn't that all be solved by simply modifying the function that encrypted it in the first place? I don't know about newer clients, but when I removed the pw encryption from my 4XXX all I did was break once the login button was clicked, and step through until I found the "password", followed into the function it was passed to, and changed the first line after the check to return it instead of encrypting it first. Even if they have made it somehow harder in the later patches, you're trying to tell me that it's impossible to stop the plaintext version from being encrypted? It can't be that damn hard. And if worse comes to worse, change the name of Conquer.exe and make a loader named Conquer.exe to intercept it third-party. Life isn't so complicated that you have to make a big deal out of it.

Anyway, the links you posted were helpful and hopefully will shine some insight on the people trying to learn Olly.

Edit: @ahmed104 What client is that? It's odd that the plaintext password would be a constant in the machine code. Are you sure that you didn't change the value of any of the strings for that screenshot?
It's the latest patch of Conquer :D ... He is too good at using Olly, I've seen that myself.
06/23/2012 06:57 Zeroxelli#24
Quote:
Originally Posted by shadowman123 View Post
It's the latest patch of Conquer :D ... He is too good at using Olly, I've seen that myself.
Eh... I'll install the latest patch and check that address after/during login, but I doubt it'd be plain-text...

Edit: Jeez TQ, 197MB of patches.
06/23/2012 07:03 shadowman123#25
Quote:
Originally Posted by Zeroxelli View Post
Eh... I'll install the latest patch and check that address after/during login, but I doubt it'd be plain-text...

Edit: Jeez TQ, 197MB of patches.
What's your download rate?
06/23/2012 07:09 Zeroxelli#26
Quote:
Originally Posted by shadowman123 View Post
What's your download rate?
Around 11MB/Second at the moment. Anywho, patched up to the most recent client, but I don't see any static constant containing the plain-text password.

Ah well, I'll check back tomorrow guys. Wife is going to murder me if I keep the lights on any later, good night.
06/23/2012 07:13 shadowman123#27
Quote:
Originally Posted by Zeroxelli View Post
Around 11MB/Second at the moment. Anywho, patched up to the most recent client, but I don't see any static constant containing the plain-text password.

Ah well, I'll check back tomorrow guys. Wife is going to murder me if I keep the lights on any later, good night.
I envy you dude... 11 MB/sec means the whole 600 MB client would be downloaded in 0.9 min, rofl

Anyways Good luck
06/23/2012 07:22 dego4ever#28
Quote:
Originally Posted by Zeroxelli View Post
Around 11MB/Second at the moment. Anywho, patched up to the most recent client, but I don't see any static constant containing the plain-text password.

Ah well, I'll check back tomorrow guys. Wife is going to murder me if I keep the lights on any later, good night.
"Damn, if this were here in Egypt they would have killed you"

11mb/s OMG
06/23/2012 07:52 shadowman123#29
Quote:
Originally Posted by dego4ever View Post
"Damn, if this were here in Egypt they would have killed you"

11mb/s OMG
ahahahhahahah Laughing Till Death :D

"Let's not tell him about what we have here, so he doesn't get shocked :D"
06/23/2012 15:18 { Angelius }#30
Quote:
Originally Posted by Zeroxelli View Post
So, tell me, wouldn't that all be solved by simply modifying the function that encrypted it in the first place? I don't know about newer clients, but when I removed the pw encryption from my 4XXX all I did was break once the login button was clicked, and step through until I found the "password", followed into the function it was passed to, and changed the first line after the check to return it instead of encrypting it first. Even if they have made it somehow harder in the later patches, you're trying to tell me that it's impossible to stop the plaintext version from being encrypted? It can't be that damn hard. And if worse comes to worse, change the name of Conquer.exe and make a loader named Conquer.exe to intercept it third-party. Life isn't so complicated that you have to make a big deal out of it.

Anyway, the links you posted were helpful and hopefully will shine some insight on the people trying to learn Olly.

Edit: @ahmed104 What client is that? It's odd that the plaintext password would be a constant in the machine code. Are you sure that you didn't change the value of any of the strings for that screenshot?
I believe that nothing is irreversible/impossible; we just have to know how.

And yes, the password is never stored as plain text in the exe, at least not in the current patch clients, and the screenshots you saw are not for the last patch... I can tell by looking at the addresses in the CPU window.