|
Tutorial Cracking :
My Driver v5.00 Pro Edition
|
Target : My Driver v5.00 Pro Edition
Tool : OllyDebug DeFixeD
Exe Info PE
My Drivers enables easy and fast detection, backup and restore of all hardware device drivers currently on your system.
Also, you can even find the latest drivers for your hardware and install them onto your computer.
Buka My drivernya, kita lihat apa saja yang muncul...!
Langsung minta registrasi.
Langkah pertama :
Scan MyDrivers.exe dengan Exe Info PE untuk melihat programnya diproteksi apa??
"Borland Delphi ( 2.0 - 7.0 ) 1992 - www.borland.com".
Langkah kedua :
Buka MyDrivers.exe dengan OllyDebug DeFixeD.
Di "CPU - main thread, module MyDrivers", klik kanan pilih "Search for" terus "All referenced text strings".
Geser keatas terus klik kanan, cari kata "registration".
004A4D44 PUSH 004A5208 ASCII "Registration Success!"
Klik dua kali.
004A4D1D E8 0605F6FF CALL 00405228
004A4D22 85C0 TEST EAX,EAX
004A4D24 0F84 BC010000 JE 004A4EE6
004A4D2A 8B45 FC MOV EAX,DWORD PTR SS:[EBP-4]
004A4D2D 8B80 04030000 MOV EAX,DWORD PTR DS:[EAX+304]
004A4D33 33D2 XOR EDX,EDX
004A4D35 E8 F227FAFF CALL 0044752C
004A4D3A 8D45 EC LEA EAX,DWORD PTR SS:[EBP-14]
004A4D3D E8 F2FEF5FF CALL 00404C34
004A4D42 6A 00 PUSH 0
004A4D44 68 08524A00 PUSH 004A5208 ASCII "Registration Success!"
004A4D49 68 20524A00 PUSH 004A5220 ASCII " Thank you for your support.",CR,"We will work even harder and",CR,"notify you future releases."
Beri breakpoint atau F2 dialamat "004A4D1D"
Tekan run atau F9.
Isi registrasinya.
Olly akan break dialamat "004A4D1D"
Registers (FPU)
EAX 00C09FFC ASCII "WDW222239-666172697A616C32332E636A622E6E6574"
ECX 00000001
EDX 00BF6754 ASCII "1234567890"
EBX 00BF4634
ESP 0012F1A8
EBP 0012F260
ESI 0043A0B4 MyDriver.0043A0B4
EDI 0012F3DC
EIP 004A4D1D MyDriver.004A4D1D
Langkah ketiga :
Jalankan My Drivernya.
Isi registernya dengan kode diatas.
Done.
18/02/10
|