lordcedrich 02-09-2007 09:03 PM

Reverse Engineering
Im wondering what should i change i this code to bypass the code needed by the software
here is the code

0045EA48 . E8 63F6FFFF CALL ttmz.0045E0B0
0045EA4D . 84C0 TEST AL,AL
0045EA4F 75 1A JNZ SHORT ttmz.0045EA6B
0045EA51 . 8B0D 28184600 MOV ECX,DWORD PTR DS:[461828] ; ttmz.00462C44
0045EA57 . A1 341A4600 MOV EAX,DWORD PTR DS:[461A34]
0045EA5E . 8B15 DCE34500 MOV EDX,DWORD PTR DS:[45E3DC] ; ttmz.0045E428
0045EA64 . E8 1B93FFFF CALL ttmz.00457D84
0045EA69 EB 18 JMP SHORT ttmz.0045EA83
0045EA6B > 8B0D 6C184600 MOV ECX,DWORD PTR DS:[46186C] ; ttmz.00462C18
0045EA71 . A1 341A4600 MOV EAX,DWORD PTR DS:[461A34]
0045EA78 . 8B15 30964500 MOV EDX,DWORD PTR DS:[459630] ; ttmz.0045967C
0045EA7E . E8 0193FFFF CALL ttmz.00457D84
0045EA83 > A1 341A4600 MOV EAX,DWORD PTR DS:[461A34]

what should i change to bypass the code of the software

Silkut 02-10-2007 04:16 AM

Did you follow any tutorials about reversing before posting ? There are severals on the net that could help you to understand what the code is doing and how to change it to do what you want to.


lordcedrich 02-10-2007 07:12 AM

yes i read but i didnt understand this
1.outside this hangs software not not usefully, because he does not have the ability which doubles can strike its
2.his key point is 0045EA64 its
3.explains this software is not main, what is main is transfers □a DLL document time in him, also some confirms its want to enter this very simple EA64 and EA69 directly collect form NOP to be allowed

You try, 64 assemblies are NOT, 69 changes JNZ or NOT, has jumped the confirmation, in 48 looked how confirms transfers software □DLL

thedark 05-11-2007 06:16 PM

i was actually thinking there must be no PE reversing discussions in this forum ;p

