|
Tutorial Cracking :
Sog DVD Ripper Platinum v6.0.20100329
|
Target : Sog DVD Ripper Platinum v6.0.20100329
Tool : OllyDebug DeFixeD
Exe Info PE
Sog DVD Ripper Platinum is an all-in-one solution for ripping or converting DVD to avi, DVD to DivX, Xvid, MPEG1/2, MPEG-4, H.264, wmv, flv (flash video), DVD to iPod/ iPhone/ AppleTV , DVD to mobile phone (3GP), DVD to PSP, DVD to Zune, DVD to PDA.
Scan Sog_DVD_Ripper_Platinum.exe dengan Exe Info PE untuk melihat programnya diproteksi apa??
Borland C++ Copyright 2002 Borland Corporation
Buka Sog_DVD_Ripper_Platinum.exe nya dengan OllyDebug DeFixeD.
Di "CPU - main thread, module Sog_DVD_Ripper_Platinum.exe", klik kanan pilih "Search for" terus "All Referenced Text Strings".
Geser keatas terus cari kata "incorrect".
Ketemunya.
00403D6B MOV EDX,0054DC57 ASCII "Incorrect Reg Name or Reg Code!",LF,"Please Input VALIDATE Reg Name and Reg Code!"
Klik dua kali.
00403D67 EB 4D JMP SHORT 00403DB6
00403D69 6A 00 PUSH 0
00403D6B BA 57DC5400 MOV EDX,0054DC57 ; ASCII "Incorrect Reg Name or Reg Code!",LF,"Please Input VALIDATE Reg Name and Reg Code!"
Trace kodenya keatas lagi.
00403C15 E8 AE010000 CALL 00403DC8 Sog_DVD_.00403DC8
00403C1A 83C4 08 ADD ESP,8
00403C1D BA 02000000 MOV EDX,2
00403C22 50 PUSH EAX
00403C23 8D45 F8 LEA EAX,DWORD PTR SS:[EBP-8]
00403C26 FF4E 1C DEC DWORD PTR DS:[ESI+1C]
00403C29 E8 66681400 CALL 0054A494
00403C2E FF4E 1C DEC DWORD PTR DS:[ESI+1C]
00403C31 8D45 FC LEA EAX,DWORD PTR SS:[EBP-4]
00403C34 BA 02000000 MOV EDX,2
00403C39 E8 56681400 CALL 0054A494 Sog_DVD_.0054A494
00403C3E 59 POP ECX
00403C3F 84C9 TEST CL,CL
00403C41 0F84 22010000 JE 00403D69
Beri breakpoint dialamat "00403C15"
Trus Run OllyDebugnya atau F9
Isi registernya trus klik register.
OllyDebug akan berhenti dialamat "00403C15"
00403C15 E8 AE010000 CALL 00403DC8 Sog_DVD_.00403DC8
Klik Step Into atau F7
00403DC8 55 PUSH EBP
00403DC9 8BEC MOV EBP,ESP
00403DCB 83C4 94 ADD ESP,-6C
00403DCE B8 18E25400 MOV EAX,0054E218
Klik Step Over atau F8 terus kebawah
00404069 E8 5A0A0000 CALL 00404AC8 Sog_DVD_.00404AC8
Klik Step Into atau F7 dialamat 00404069
00404AC8 55 PUSH EBP
00404AC9 8BEC MOV EBP,ESP
00404ACB 53 PUSH EBX
00404ACC 56 PUSH ESI
00404ACD 8B5D 0C MOV EBX,DWORD PTR SS:[EBP+C]
00404AD0 8B75 08 MOV ESI,DWORD PTR SS:[EBP+8]
00404AD3 33C9 XOR ECX,ECX
00404AD5 85DB TEST EBX,EBX
00404AD7 75 42 JNZ SHORT 00404B1B
Dialamat "00404AD7" kode "JNZ SHORT 00404B1B" ganti "JMP SHORT 00404B1B"
Lanjut lagi...!!!
Klik Step Over atau F8 terus kebawah
00404B1B 33D2 XOR EDX,EDX
00404B1D 8BC6 MOV EAX,ESI
00404B1F 0FBE30 MOVSX ESI,BYTE PTR DS:[EAX]
00404B22 03CE ADD ECX,ESI
00404B24 42 INC EDX
00404B25 40 INC EAX
00404B26 83FA 04 CMP EDX,4
00404B29 7C F4 JL SHORT 00404B1F
00404B2B A1 003D5600 MOV EAX,DWORD PTR DS:[563D00]
00404B30 FF30 PUSH DWORD PTR DS:[EAX]
00404B32 8BC1 MOV EAX,ECX
00404B34 5A POP EDX
00404B35 8BCA MOV ECX,EDX
00404B37 99 CDQ
00404B38 F7F9 IDIV ECX
00404B3A 3BDA CMP EBX,EDX
00404B3C 75 04 JNZ SHORT 00404B42
00404B3E B0 01 MOV AL,1
00404B40 EB 02 JMP SHORT 00404B44
00404B42 33C0 XOR EAX,EAX
Dialamat "00404B3C" kode "JNZ SHORT 00404B42" ganti "NOP"
Biar nilainya 1
Simpan perubahannya.
15/05/10
|