📄 finger.html

📁 This is a e-book How to Crack with Softice. HTML type document.
💻 HTML
字号:
<HTML>
<HEAD>
   <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
   <META NAME="GENERATOR" CONTENT="Mozilla/4.04 [en] (Win95; I) [Netscape]">
   <META NAME="Author" CONTENT="KLee8084">
   <META NAME="Classification" CONTENT="Reverse Code Engineering">
   <META NAME="Description" CONTENT="Step by step guide to cracking WS-Finger Client">
   <META NAME="KeyWords" CONTENT="How to crack WS-Finger Client">
   <TITLE>WS-Finger Client</TITLE>
</HEAD>
<BODY TEXT="#001010" BGCOLOR="#C0C0C0" LINK="#FF0000" VLINK="#000099" ALINK="#FFFF00">
&nbsp;
<TABLE BORDER CELLSPACING=2 WIDTH="100%" 22" >
<TR BGCOLOR="#FFFFFF">
<TD WIDTH="15%">
<CENTER><B><FONT FACE="Arial,Helvetica">August 1998</FONT></B></CENTER>
</TD>

<TD WIDTH="100%">
<CENTER><FONT FACE="Arial,Helvetica"><FONT SIZE=+1>"Cracking WS-Finger
Client"</FONT></FONT></CENTER>
</TD>

<TD WIDTH="30%">
<CENTER><B><FONT FACE="Arial,Helvetica">Win '95 PROGRAM</FONT></B></CENTER>

<CENTER><FONT FACE="Arial,Helvetica"><FONT COLOR="#808080">Win Code Reversing</FONT></FONT></CENTER>

<CENTER><FONT FACE="Arial,Helvetica"><FONT COLOR="#808080">&nbsp;</FONT></FONT></CENTER>
</TD>
</TR>

<TR BGCOLOR="#FFFF99">
<TD WIDTH="15%">
<CENTER><FONT FACE="Arial,Helvetica"><FONT COLOR="#890000">&nbsp;</FONT></FONT></CENTER>
</TD>

<TD>
<CENTER><FONT FACE="Arial,Helvetica">by KLee8084<FONT SIZE=+3>&nbsp;</FONT></FONT></CENTER>
</TD>

<TD VALIGN=CENTER WIDTH="30%"><FONT FACE="Arial,Helvetica">&nbsp;</FONT></TD>
</TR>

<TR BGCOLOR="#999900">
<TD WIDTH="15%">
<CENTER><FONT FACE="Arial,Helvetica">&nbsp;</FONT></CENTER>
</TD>

<TD>
<CENTER><FONT FACE="Arial,Helvetica">Code Reversing For Beginners&nbsp;</FONT></CENTER>
</TD>

<TD WIDTH="30%">
<CENTER><FONT FACE="Arial,Helvetica">&nbsp;</FONT></CENTER>

<CENTER><FONT FACE="Arial,Helvetica">&nbsp;</FONT></CENTER>
</TD>
</TR>

<TR BGCOLOR="#C0C0C0">
<TD WIDTH="15%"></TD>

<TD ALIGN=LEFT>
<CENTER><FONT FACE="Arial,Helvetica">&nbsp;</FONT></CENTER>

<CENTER><B><FONT FACE="Arial,Helvetica">Program Details</FONT></B></CENTER>

<CENTER><FONT FACE="Arial,Helvetica"><B>Program Name:</B> wsfinger.exe</FONT></CENTER>

<CENTER><FONT FACE="Arial,Helvetica"><B>Program Type: </B>Internet utility</FONT></CENTER>

<CENTER><FONT FACE="Arial,Helvetica"><B>Program Location: <A HREF="http://www.empire.net/~jobrien/wsfngr32.exe">HERE</A></B>&nbsp;</FONT></CENTER>

<CENTER><B><FONT FACE="Arial,Helvetica">Program Size: 687 Kb</FONT></B></CENTER>
<FONT FACE="Arial,Helvetica">&nbsp;</FONT></TD>

<TD WIDTH="30%"></TD>
</TR>

<TR BGCOLOR="#C0C0C0">
<TD WIDTH="15%"></TD>

<TD><FONT FACE="Arial,Helvetica"><B>&nbsp;</B>&nbsp;</FONT>&nbsp;
<CENTER><B><FONT FACE="Arial,Helvetica">Tools Used:</FONT></B></CENTER>

<CENTER><FONT FACE="Arial,Helvetica">Softice V3.2 - Debugger</FONT></CENTER>

<CENTER><FONT FACE="Arial,Helvetica">&nbsp;</FONT></CENTER>
</TD>

<TD WIDTH="30%"></TD>
</TR>

<TR>
<TD VALIGN=CENTER BGCOLOR="#C6E7C6">
<CENTER><B><FONT FACE="Arial,Helvetica"><FONT COLOR="#0000FF">Rating</FONT></FONT></B></CENTER>
</TD>

<TD VALIGN=CENTER BGCOLOR="#C6E7C6">
<CENTER><B><FONT FACE="Arial,Helvetica"><FONT SIZE=-1><FONT COLOR="#0000FF">Easy
( X )&nbsp; Medium (&nbsp; )&nbsp; Hard (&nbsp;&nbsp;&nbsp; )&nbsp; Pro
(&nbsp;&nbsp;&nbsp; )</FONT>&nbsp;</FONT></FONT></B></CENTER>
</TD>

<TD WIDTH="30%" BGCOLOR="#999900"><B><FONT FACE="Arial,Helvetica"><FONT SIZE=-1>There
is a crack, a crack in everything. That's how the light gets in.</FONT></FONT></B></TD>
</TR>
</TABLE>

<CENTER><FONT FACE="Arial,Helvetica"><FONT SIZE=-1>&nbsp;</FONT></FONT></CENTER>

<CENTER><FONT FACE="Arial,Helvetica">&nbsp;</FONT>&nbsp;
<HR></CENTER>

<CENTER><FONT FACE="Arial,Helvetica">&nbsp;</FONT></CENTER>

<CENTER><FONT FACE="Arial,Helvetica"><FONT SIZE=+2>Cracking WS-Finger Client</FONT></FONT></CENTER>

<CENTER><FONT FACE="Arial,Helvetica"><FONT COLOR="#0B7FC1">Written by KLee8084</FONT></FONT></CENTER>
<FONT FACE="Arial Black">&nbsp;</FONT>
<BR>&nbsp;
<BR>&nbsp;
<TABLE BORDER CELLSPACING=2 WIDTH="100%" HEIGHT="22" >
<TR>
<TD BGCOLOR="#C6E7C6">
<CENTER><FONT COLOR="#0000FF"><FONT SIZE=+2>Introduction</FONT></FONT></CENTER>
</TD>
</TR>
</TABLE>
<FONT FACE="Arial,Helvetica">&nbsp;</FONT>
<BR>WS-Finger is a nifty little utility that allows you to "finger" a person
on the Internet and find out information on that person...provided, that
is, that the person's ISP doesn't block finger attempts.
<BR>&nbsp;
<TABLE BORDER CELLSPACING=2 WIDTH="100%" HEIGHT="22" >
<TR>
<TD BGCOLOR="#C6E7C6">
<CENTER><FONT COLOR="#3333FF"><FONT SIZE=+2>About this protection system</FONT></FONT></CENTER>
</TD>
</TR>
</TABLE>
<FONT FACE="Arial,Helvetica">&nbsp;</FONT>
<BR>Not very much of a protection system. The password is calculated based
on the name that the user enters.
<BR><FONT FACE="Arial,Helvetica">&nbsp;</FONT>
<TABLE BORDER CELLSPACING=2 WIDTH="100%" HEIGHT="22" >
<TR>
<TD BGCOLOR="#C6E7C6">
<CENTER><FONT SIZE=+2><FONT COLOR="#0000FF">The Essay</FONT>&nbsp;</FONT></CENTER>
</TD>
</TR>
</TABLE>
<FONT FACE="Arial,Helvetica"><FONT COLOR="#000000">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</FONT></FONT>
<BR>Once you install the program, then run it. A licensing agreement window
should pop up. Accept it. Ready? Let's start!
<BR>Click on <B><U>F</U>ile.</B>
<BR>Click on <B>Re<U>g</U>ister.</B>

<P>Now, enter your Name and a fake Password.
<BR>&nbsp;
<BR>Time to go into Softice and set a breakpoint.
<BR>&nbsp;
<BR>Press <B>CTRL-D</B>&nbsp; then type <B>bpx GetDlgItemTextA</B>&nbsp;<BR>

<BR>Now, type <B>X</B> to return to the program.&nbsp; Click on "<B>OK</B>".
<BR>&nbsp;
<BR>Bang! We're back in Softice at the start of <FONT COLOR="#CC6600">USER32!GetDlgItemTextA</FONT>

<P>Type <B>X</B>
<BR>&nbsp;
<BR>Now, press <B>F11</B> to return to the instruction following the call
to USER32!GetDlgItemTextA.
<BR><B>&nbsp;</B>
<BR><B>F10</B> until:

<P>:0040224B&nbsp;&nbsp;&nbsp; CALL 00409048&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&lt;- Routine to put hex value of fake password in EAX

<P><B>F8</B> into this call (you CAN, if you want, step over this call
with a <B>F10</B>).
<BR><B>&nbsp;</B>
<BR><B>F10</B> until:

<P>:0040904D&nbsp;&nbsp;&nbsp; MOV EDX, [EBP+08]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
&lt;- Your fake password

<P>To prove that this is your fake password, type <B>d EDX</B>
<BR><B>&nbsp;</B>
<BR><B>F10</B> until you return from the call.&nbsp;&nbsp; If you type
<B>? EAX</B> you'll see that EAX now holds the fake password.
<BR><B>&nbsp;</B>
<BR><B>F10</B> until:

<P>:004021C3&nbsp;&nbsp;&nbsp; CALL 0040225B

<P>Since the instruction following this CALL is a TEST, <B>F8</B> into
the call.&nbsp; <B>F10</B> until:

<P>:00402279&nbsp;&nbsp;&nbsp; CALL 004051C4
<BR>:0040227E&nbsp;&nbsp;&nbsp; POP ECX
<BR>:0040227F&nbsp;&nbsp;&nbsp; CMP EAX, EBX

<P><B>F8</B> into the call at :00402279.&nbsp; Hmmm...not interesting.
<BR><B>F10</B> until you return from the CALL.
<BR><B>F10</B> until you come back to the same call (are you feeling like
a yo-yo yet? *grin*)

<P>:00402279&nbsp;&nbsp;&nbsp; CALL 004051C4

<P><B>F10</B> over this call.
<BR>&nbsp;
<BR>As a matter of fact, press <B>F10</B> until EBX = EAX (:0040227F&nbsp;
CMP EAX, EBX). This should be the same as the length of the name that you
had entered. I had entered KLee8084. Therefore, EAX was 8. EBX was incremented
by 1 each time the loop was run through. (i.e., 8 iterations).
<BR><B>&nbsp;</B>
<BR><B>F10</B> until:

<P>:0040229B&nbsp;&nbsp;&nbsp; CALL 00408E14

<P><B>F10</B> over this call (well, you CAN <B>F8</B> into any of the calls,
if you want to.)
<BR><B>F10</B> until:

<P>:004022A3&nbsp;&nbsp;&nbsp; CALL 00408D84

<P><B>F10</B> over this call.

<P>Well...look at the next instruction. Interesting, isn't it? *wink*

<P>:004022A8&nbsp;&nbsp;&nbsp; CMP EAX, [EDI+0000016E]

<P>If you look at the value at EDI+0000016E, you'll see that it holds your
fake password (hex value). What, then, does EAX hold?
<BR>&nbsp;
<BR>Type <B>? EAX</B>
<BR>See the decimal value of EAX? That is the REAL password.
<BR>&nbsp;
<BR>Write it down.
<BR>&nbsp;
<BR>Time to clear the breakpoint (type <B>bc *</B> )
<BR>&nbsp;
<BR>Now, type <B>X</B> to return to the program.
<BR>&nbsp;
<BR>Click on "OK" to get rid of the nasty message box.
<BR>&nbsp;
<BR>Ready??
<BR>&nbsp;
<BR>Enter the number that you had written down (the decimal value of EAX).
<BR>Click on "OK".&nbsp; No message box thanking you??? Nothing???
<BR>*grin* Click on <U>H</U>elp.
<BR>&nbsp;
<BR>Click on <U>A</U>bout...

<P>Ahhh....Congratulations!
<BR>&nbsp;
<BR>Program cracked.
<BR>&nbsp;
<TABLE BORDER CELLSPACING=2 WIDTH="100%" HEIGHT="22" >
<TR>
<TD BGCOLOR="#C6E7C6">
<CENTER><FONT SIZE=+2><FONT COLOR="#0000FF">The 'Crack'</FONT>&nbsp;</FONT></CENTER>
</TD>
</TR>
</TABLE>
<FONT FACE="Arial,Helvetica">&nbsp;</FONT>
<BR>None.&nbsp;
<BR>&nbsp;
<TABLE BORDER CELLSPACING=2 WIDTH="100%" HEIGHT="22" >
<TR>
<TD BGCOLOR="#C6E7C6">
<CENTER><FONT SIZE=+2><FONT COLOR="#0000FF">Final Notes</FONT>&nbsp;</FONT></CENTER>
</TD>
</TR>
</TABLE>
<FONT FACE="Arial,Helvetica"><FONT COLOR="#333333">&nbsp;</FONT></FONT>
<BR>The protection of this program is very similar to the protection of
Teleport Pro v1.28 (one of my other essays). Perhaps the creators of Teleport
Pro ripped the routine from WS-Finger? Perhaps not.

<P><FONT FACE="Arial,Helvetica">&nbsp;</FONT>
<BR><FONT FACE="Arial,Helvetica">My thanks and gratitude goes to:-</FONT>
<BR><FONT FACE="Arial,Helvetica">&nbsp;</FONT>
<BR><FONT FACE="Arial,Helvetica">Fravia+ for providing possibly the greatest
source of Reverse Engineering</FONT>
<BR><FONT FACE="Arial,Helvetica">knowledge on the Web.</FONT>
<BR><FONT FACE="Arial,Helvetica">&nbsp;</FONT>
<BR><FONT FACE="Arial,Helvetica">+ORC for showing me the light at the end
of the tunnel.</FONT>
<BR>&nbsp;
<TABLE BORDER CELLSPACING=2 WIDTH="100%" HEIGHT="22" >
<TR>
<TD BGCOLOR="#C6E7C6">
<CENTER><FONT COLOR="#0000FF"><FONT SIZE=+2>Ob Duh</FONT></FONT>&nbsp;</CENTER>
</TD>
</TR>
</TABLE>
<I><FONT FACE="Arial,Helvetica">&nbsp;</FONT></I>
<BR><FONT FACE="Arial,Helvetica">&nbsp;</FONT>
<BR><I><FONT FACE="Arial,Helvetica">Do I really have to remind you all
that by buying and NOT stealing the software you use will ensure that these
software houses will continue to&nbsp; produce even *better* software for
us to use and more importantly, to continue offering even more challenges
to breaking their often weak protection systems.</FONT></I>
<BR><FONT FACE="Arial,Helvetica">&nbsp;</FONT>
<BR><I><FONT FACE="Arial,Helvetica">If your looking for cracks or serial
numbers from these pages then your wasting your time, try searching elsewhere
on the Web under Warze, Cracks etc.</FONT></I>
<BR><FONT FACE="Arial,Helvetica">&nbsp;</FONT>
<BR>
<HR SIZE=3 WIDTH="100%">
<CENTER><FONT FACE="Arial,Helvetica">&nbsp;</FONT></CENTER>

<CENTER><FONT FACE="Arial,Helvetica">&nbsp;</FONT></CENTER>

<CENTER><TABLE BORDER=2 >
<TR>
<TD>&nbsp;<FONT FACE="Arial,Helvetica"><FONT SIZE=+1>[ <A HREF="Main.html">Return</A>
]</FONT></FONT>&nbsp;</TD>
</TR>
</TABLE></CENTER>

<CENTER><B><FONT FACE="Arial,Helvetica"><FONT SIZE=+1>&nbsp;</FONT></FONT></B></CENTER>

<HR SIZE=3 WIDTH="100%">
<BR><FONT FACE="Arial,Helvetica"><FONT SIZE=-2>Essay by: <A HREF="mailto:KLee8084@snet.net">KLee8084</A></FONT></FONT>
<BR><FONT FACE="Arial,Helvetica"><FONT SIZE=-2>Page Created: 17th August
1998</FONT></FONT>
</BODY>
</HTML>
💿 文件大小 38 K
👤 上传用户 zhangpeng
📂 所属分类软件工程
🏷️ 相关标签

#document #Softice #e-book #Crack
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -