/* there are about 10-20 conditional jumps here; try to bypass only the JNE ones
.
.
10002AC0 CALL dword ptr[100303a0]
.
.
/* there are about 10-20 conditional jumps here; try to bypass only the JNE ones
.
.
10003110 RET <- end of the subroutine; returns to address 40368A
This is where I got lost. Could you tell me what you meant by the red text, please?
Oh,
The best way is to see it from a bird's-eye view. Try printing the code and looking around it. I think you need to see no more than 1000 lines.
Originally posted by anantasia @ Jan 5 2007, 23:25:
Quote (retlic @ Jan 5 2007, 23:12):
/* there are about 10-20 conditional jumps here; try to bypass only the JNE ones
.
.
10002AC0 CALL dword ptr[100303a0]
.
.
/* there are about 10-20 conditional jumps here; try to bypass only the JNE ones
.
.
10003110 RET <- end of the subroutine; returns to address 40368A
This is where I got lost. Could you tell me what you meant by the red text, please?
Oh,
The best way is to see it from a bird's-eye view. Try printing the code and looking around it. I think you need to see no more than 1000 lines.
Lol, does that mean I have to think? **** one thing I can't do
/** set a trap on the first jump here and bypass it
00403596 je 40378c <- bypass this point to 40359C
0040359C mov ecx,[ebp-2c]
.
.
/** set a trap here too and bypass it
004035CB jne 40378c <- bypass this point to 4035DD
004035D1 cmp [004356e0],edi
004035D7 jne 40378c
004035DD push 00
Do I have to make those jmp, after I set the breakpoint?
Ok, I cracked it. Logging in, it came up with the following:
Quote:
Sorry, the Scriptvessel Client is updated! Pls use the new one.
Last login time:2007-1-6 7:08:02
DID I DO ALL THIS WORK FOR NOTHING?!?!
NONONONONO, you didn't... just send me that folder and I will fix it... don't delete it, I will do my best.
You passed what had blocked me... I can help you pass what had blocked you.
Dude, send it to
/** set a trap on the first jump here and bypass it
00403596 je 40378c <- bypass this point to 40359C
0040359C mov ecx,[ebp-2c] <- OK, here just toggle a breakpoint and change je to jmp
.
.
/** set a trap here too and bypass it
004035CB jne 40378c <- bypass this point to 4035DD
004035D1 cmp [004356e0],edi
004035D7 jne 40378c
004035DD push 00 <- same here, change jne to jmp
.
.
/** call into the dll
00403685 CALL 00403CF6 <- this calls the routine at address 00403CF6; when it hits RET, it returns to the next address, 40368A
0040368A mov eax,[esi+1c]
.
.
00403CF6 JMP DWORD PTR[00429508] <- this jumps to a far address. It almost always uses a pointer holding the far address to go to. So PTR[00429508] = 10002860
.
.
10002860 SUB ESP, 000000C8 <- here is the start of countrymakeinus.dll
.
.
1000288B CALL 1001E804 <- this call checks whether the user/pass is right or not
.
10002895 JNE 101zo1z21v01o12012z1vo101zo1z21v0+5d <- if wrong, it will jump to exit. So we should bypass this point and go to the next command
10002897 CMP [esp+000000d4],fffd7fd0
100028A2 JNE 101zo1z21v01o12012z1vo101zo1z21v0+5d <- another one, so just bypass to the next command
100028A4 MOV eax,[esp+000000d8]
.
.
/* there are about 10-20 conditional jumps here; try to bypass only the JNE ones
.
.
10002AC0 CALL dword ptr[100303a0]
.
.
/* there are about 10-20 conditional jumps here; try to bypass only the JNE ones
.
.
10003110 RET <- end of the subroutine; returns to address 40368A
After this point you can start the bot by pressing function key 11 in CO2
How do we save this afterwards? I am gonna sleep :P If you think I am wasting my time, send me SV :P
Originally posted by Xibungo @ Jan 5 2007, 00:00: ok I searched this line, can I PM you please, anantasia?
I will only PM you if you tell me to, I'm waiting
So, answer me here: when you say "set trap", what do we have to do? And is "bypass" replacing the address? For example:
/** set a trap here too and bypass it
004035CB jne 40378c <- bypass this point to 4035DD
004035D1 cmp [004356e0],edi
004035D7 jne 40378c
004035DD push 00
(change 40378c to 4035dd)?
same here (help! I R BABOON)
Originally posted by Domates @ Jan 5 2007, 23:48:
/** set a trap on the first jump here and bypass it
00403596 je 40378c <- bypass this point to 40359C
0040359C mov ecx,[ebp-2c]
.
.
/** set a trap here too and bypass it
004035CB jne 40378c <- bypass this point to 4035DD
004035D1 cmp [004356e0],edi
004035D7 jne 40378c
004035DD push 00
Do I have to make those jmp, after I set the breakpoint?
Sorry for the long response; I just suggested to my friend to do it by chat message. Now he can do the crack by himself.
For your question: you must change EIP to the next command, not change it to a jump instruction.
Originally posted by anantasia @ Jan 6 2007, 02:00:
Quote (Domates @ Jan 5 2007, 23:48):
/** set a trap on the first jump here and bypass it
00403596 je 40378c <- bypass this point to 40359C
0040359C mov ecx,[ebp-2c]
.
.
/** set a trap here too and bypass it
004035CB jne 40378c <- bypass this point to 4035DD
004035D1 cmp [004356e0],edi
004035D7 jne 40378c
004035DD push 00
Do I have to make those jmp, after I set the breakpoint?
Sorry for the long response; I just suggested to my friend to do it by chat message. Now he can do the crack by himself.
For your question: you must change EIP to the next command, not change it to a jump instruction.
K, help me please. I understood the trap thing but I can't understand what bypass is... what to do? I set a trap on 00403596, what to do next?