|
Tutorial Cracking : CoffeeCup ButtonFactory v4.5
|
Target = CoffeeCup ButtonFactory v4.5
Tool = W32Dasm v8.93
Hackers View 6.15
Ok, kita langsung aja menuju target
Buka Btuuonfactory.exe dengan wdasm, klik goto trus StringDataReferences.
Di String Data Referances, cari pesan yang muncul pada saat program dijalankan.
Klik dua kali, kita langsung menuju ke alamat:
* Referenced by a (U)nconditional or (C)onditional Jump at Addresses:
|:0046F4DC(C), :0046F504(C)
* Possible StringData Ref from Code Obj ->"Incorrect username and password."
|
:0046F592 B890F64600 mov eax, 0046F690
:0046F597 E81839FEFF call 00452EB4
Sepertinya alamat diatas berasal dari dua conditional jump
Saatnya kita lihat di dua alamat tersebut :
* Possible StringData Ref from Code Obj ->"mk67z"
|
:0046F4D0 BAC0F54600 mov edx, 0046F5C0
:0046F4D5 E80699F9FF call 00408DE0 >>>mengecek nama dan password
:0046F4DA 85C0 test eax, eax >>> eax=0 ?? nama ok ??
:0046F4DC 0F85B0000000 jne 0046F592 >>> jump pertama
:0046F4E2 8D55FC lea edx, dword ptr [ebp-04]
:0046F4E5 8B8318030000 mov eax, dword ptr [ebx+00000318]
:0046F4EB E86017FCFF call 00430C50
:0046F4F0 8B45FC mov eax, dword ptr [ebp-04]
:0046F4F3 E8784AF9FF call 00403F70
* Possible StringData Ref from Code Obj ->"trs98z"
|
:0046F4F8 BAC8F54600 mov edx, 0046F5C8
:0046F4FD E8DE98F9FF call 00408DE0 >>> mengecek nama dan password
:0046F502 85C0 test eax, eax >>> if eax=0 ?? password ok ??
* Referenced by a (U)nconditional or (C)onditional Jump at Address:
|:0046F49D(C)
|
:0046F504 0F8588000000 jne 0046F592 >>>jump kedua
:0046F50A A1686B4A00 mov eax, dword ptr [004A6B68]
:0046F50F 8B00 mov eax, dword ptr [eax]
Kesimpulannya adalah :
"mk67z" = nama
"trs98z" = password
Thats !T....simple cracking......
|